RE: [WIRELESS-LAN] Big flaw in WPA2

2017-10-16 Thread Mike Cunningham 
Same story - different wording. This article is blaming the protocol and not 
the implementation "The weaknesses are in the Wi-Fi standard itself, and not in 
individual products or implementations"  
https://www.theregister.co.uk/2017/10/16/wpa2_krack_attack_security_wifi_wireless/

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Anderson
Sent: Monday, October 16, 2017 3:08 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Big flaw in WPA2

It isn't a design flaw.  It is an implementation flaw that everyone did wrong 
because the spec didn't address the need to be careful about it.

Read this Aruba FAQ, it is helpful to address these sorts of questions:

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf

On Mon, Oct 16, 2017 at 06:57:57PM +0000, Mike Cunningham wrote:
> If this is a flaw in the design of the WPA2 protocol isn't the fix going to 
> need to be made on both sides of the communication link?  Access points will 
> all need to be updated but also all client wifi drivers are going to need to 
> be updated on all wifi enabled devices that support WPA2, right?
>
> Mike Cunningham
>
>
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv
> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Stephen
> Belcher
> Sent: Monday, October 16, 2017 10:40 AM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Big flaw in WPA2
>
>
> >From Cisco:
>
>
>
> https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
> cisco-sa-20171016-wpa
>
>
>
>
>
> / Stephen Belcher
>
> Assistant Director of Network Operations WVU Information Technology
> Services
>
> One Waterfront Place / PO Box 6500
>
> Morgantown, WV  26506
>
>
>
> (304) 293-8440 office
> (681) 214-3389 mobile
> steve.belc...@mail.wvu.edu<mailto:steve.belc...@mail.wvu.edu>
>
> 
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv
> <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCA
> USE.EDU>> on behalf of Richard Nedwich
> <rich.nedw...@brocade.com<mailto:rich.nedw...@brocade.com>>
> Sent: Monday, October 16, 2017 10:34:43 AM
> To:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAU
> SE.EDU>
> Subject: Re: [WIRELESS-LAN] Big flaw in WPA2
>
> Ruckus is providing a response today.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.


This email may contain confidential information about a Pennsylvania College of 
Technology student. It is intended solely for the use of the recipient. This 
email may contain information that is considered an “educational record” 
subject to the protections of the Family Educational Rights and Privacy Act 
Regulations. The regulations may be found at 34 C.F.R. Part 99 for your 
reference. The recipient may only use or disclose the information in accordance 
with the requirements of the Federal Educational Rights and Privacy Act 
Regulations. If you have received this transmission in error, please notify the 
sender immediately and permanently delete the email.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

RE: [WIRELESS-LAN] Big flaw in WPA2

2017-10-16 Thread Mike Cunningham 
If this is a flaw in the design of the WPA2 protocol isn't the fix going to 
need to be made on both sides of the communication link?  Access points will 
all need to be updated but also all client wifi drivers are going to need to be 
updated on all wifi enabled devices that support WPA2, right?

Mike Cunningham


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Stephen Belcher
Sent: Monday, October 16, 2017 10:40 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Big flaw in WPA2


>From Cisco:



https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa





/ Stephen Belcher

Assistant Director of Network Operations
WVU Information Technology Services

One Waterfront Place / PO Box 6500

Morgantown, WV  26506



(304) 293-8440 office
(681) 214-3389 mobile
steve.belc...@mail.wvu.edu<mailto:steve.belc...@mail.wvu.edu>


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Richard Nedwich 
<rich.nedw...@brocade.com<mailto:rich.nedw...@brocade.com>>
Sent: Monday, October 16, 2017 10:34:43 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Big flaw in WPA2

Ruckus is providing a response today.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/discuss.


This email may contain confidential information about a Pennsylvania College of 
Technology student. It is intended solely for the use of the recipient. This 
email may contain information that is considered an "educational record" 
subject to the protections of the Family Educational Rights and Privacy Act 
Regulations. The regulations may be found at 34 C.F.R. Part 99 for your 
reference. The recipient may only use or disclose the information in accordance 
with the requirements of the Federal Educational Rights and Privacy Act 
Regulations. If you have received this transmission in error, please notify the 
sender immediately and permanently delete the email.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

RE: [WIRELESS-LAN] Res hall wireless printing..

2016-09-01 Thread Mike Cunningham 
I hear ya….. paying your dues to become a programmer ☺  My last semester we 
actually had a terminal with card reader and line printer connected to an IBM 
mainframe at Penn State and as a student we could walk up and touch the 
machine, put in our cards and press the start button and get a compile listing 
back in 10-15 minutes.  Then take your punch cards out of the output hopper and 
the paper out of the line printer and go back to the keypunch. Dropping the 
cards on the way and screaming *&^D&^#FYU(*&(*@&(*^*&^*& I never got the time 
to add sequence numbers

Mike

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John York
Sent: Thursday, September 01, 2016 3:54 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Res hall wireless printing..

Ah, punching Fortran onto cards, handing the cards in at the DCL (Digital 
Computer Lab) window, waiting 4 hours to get a printout full of errors…
Wash, rinse, repeat.
Those were the good old days.

John

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike Cunningham
Sent: Thursday, September 1, 2016 3:36 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Res hall wireless printing..

We didn’t have printers in college, we had typewriters…… oh crap, did I just 
date myself ☹

-Mike

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman
Sent: Thursday, September 01, 2016 2:50 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Res hall wireless printing..

That was our  past philosophy .. go somewhere to print it on one of our units.  
But that isn’t flying any more.  It’s all about convenience, right?

Hey, I had to walk 2 miles in 6’ of snow in September uphill both ways to get 
my print outs when I was in college!

-Brian

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tony Skalski
Sent: Thursday, September 01, 2016 12:40 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Res hall wireless printing..

Is the issue getting them onto your wireless network, or to stop them from 
broadcasting their own SSIDs?

We try (by providing ~75 follow-me release stations around campus) to get them 
to use our infrastructure. We tell them not to bring printers. We see their 
SSIDs in the res, but to date, we haven't spent much time making them turn them 
off. We trust that they are low power transmitters and that they are only 
disruptive at short distances. If someone complains about poor performance in 
the area, and we can see evidence of interference, we will use it to encourage 
the student to turn off the wireless on their printer.

We have no interest in getting them on our network.

ajs

On Thu, Sep 1, 2016 at 11:20 AM, Jeffrey D. Sessler 
<j...@scrippscollege.edu<mailto:j...@scrippscollege.edu>> wrote:
Have you considered adding more printers in the residence halls, mitigating any 
compelling need for a student to have their own printer? There are a number of 
solutions out there today that provide air print/google print (or mobile print 
clients), making it even simpler.

Basically, you’ll likely spend less to provide more/better college-provided 
printing then to engineer a solution for the personal printers.

Jeff

From: 
"wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Brian Helman 
<bhel...@salemstate.edu<mailto:bhel...@salemstate.edu>>
Reply-To: 
"wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Thursday, September 1, 2016 at 9:08 AM
To: 
"wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: [WIRELESS-LAN] Res hall wireless printing..

Can you tell it’s the start of the new academic year?...

I know we talk about this every year, but here we go again.  How are people 
tackling/addressing students who want to use their wireless printers in their 
dorm rooms?  In the past, we’ve told them they have to disable the wireless and 
use a USB from their laptop.  That’s not flying as well as more and more people 
are more and more dependent on tablets, phablets and phones.

We haven’t thought it through, but one option is to set up a separate, 
non-Internet accessible SSID

RE: [WIRELESS-LAN] Res hall wireless printing..

2016-09-01 Thread Mike Cunningham 
We didn’t have printers in college, we had typewriters…… oh crap, did I just 
date myself ☹

-Mike

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman
Sent: Thursday, September 01, 2016 2:50 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Res hall wireless printing..

That was our  past philosophy .. go somewhere to print it on one of our units.  
But that isn’t flying any more.  It’s all about convenience, right?

Hey, I had to walk 2 miles in 6’ of snow in September uphill both ways to get 
my print outs when I was in college!

-Brian

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tony Skalski
Sent: Thursday, September 01, 2016 12:40 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Res hall wireless printing..

Is the issue getting them onto your wireless network, or to stop them from 
broadcasting their own SSIDs?

We try (by providing ~75 follow-me release stations around campus) to get them 
to use our infrastructure. We tell them not to bring printers. We see their 
SSIDs in the res, but to date, we haven't spent much time making them turn them 
off. We trust that they are low power transmitters and that they are only 
disruptive at short distances. If someone complains about poor performance in 
the area, and we can see evidence of interference, we will use it to encourage 
the student to turn off the wireless on their printer.

We have no interest in getting them on our network.

ajs

On Thu, Sep 1, 2016 at 11:20 AM, Jeffrey D. Sessler 
> wrote:
Have you considered adding more printers in the residence halls, mitigating any 
compelling need for a student to have their own printer? There are a number of 
solutions out there today that provide air print/google print (or mobile print 
clients), making it even simpler.

Basically, you’ll likely spend less to provide more/better college-provided 
printing then to engineer a solution for the personal printers.

Jeff

From: 
"wireless-lan@listserv.educause.edu" 
> 
on behalf of Brian Helman 
>
Reply-To: 
"wireless-lan@listserv.educause.edu" 
>
Date: Thursday, September 1, 2016 at 9:08 AM
To: 
"wireless-lan@listserv.educause.edu" 
>
Subject: [WIRELESS-LAN] Res hall wireless printing..

Can you tell it’s the start of the new academic year?...

I know we talk about this every year, but here we go again.  How are people 
tackling/addressing students who want to use their wireless printers in their 
dorm rooms?  In the past, we’ve told them they have to disable the wireless and 
use a USB from their laptop.  That’s not flying as well as more and more people 
are more and more dependent on tablets, phablets and phones.

We haven’t thought it through, but one option is to set up a separate, 
non-Internet accessible SSID for printers.  We’d have to think though if it 
should hit the NAC, be somehow otherwise registered, do we care about security, 
contain those SSID’s to buildings (and not pass that traffic between buildings) 
etc, etc.

-Brian


Brian Helman, M.Ed |  Director, ITS/Networking Services | •: 
978.542.7272
Salem State University, 352 Lafayette St., Salem Massachusetts 01970
GPS: 42.502129, -70.894779

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.



--
Tony Skalski
Systems Administrator
a...@stolaf.edu
507-786-3227
St. Olaf College
Information Technology
1510 St. Olaf Avenue
Northfield, MN55057-1097

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Servers on Guest Networks

2016-06-13 Thread Mike Cunningham 
Add Amazon Echo. We had the first one of those last Fall. 

Mike Cunningham
Penn College 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W 
(Network Services)
Sent: Monday, June 13, 2016 7:44 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Servers on Guest Networks

On our non-802.1x network, we have

Game consoles & handhelds (Sony, Microsoft, Nintendo) Windows phones Apple TV, 
Chromecast, Roku, etc.
Internet connected televisions
e-Readers

​That is just a quick list from my memory.
 
Bruce Osborne
Wireless Engineer
IT Network Services - Wireless
 
(434) 592-4229
 
LIBERTY UNIVERSITY
Training Champions for Christ since 1971


-Original Message-
From: Curtis K. Larsen [mailto:curtis.k.lar...@utah.edu]
Sent: Wednesday, June 8, 2016 5:53 PM
Subject: Re: Servers on Guest Networks

Interesting Hunter,

Are the Xboxes the only use case causing you to look at this?  I'm trying to 
identify as many use cases as possible before we apply the inbound deny.  Let 
me know.

Thanks,

Curtis


On Wed, June 8, 2016 3:45 pm, Hunter Fuller wrote:
> We are looking at giving users the option to use a wide-open ESSID for 
> their Xboxes. The user would register the MAC, and we would put them 
> into a wide-open-inbound area with public addresses, for the best 
> experience. But we would limit some outgoing stuff (Google, our LMS,
> etc.) to try to nudge people toward eduroam (our 802.1X solution).
> None of this is in production but it's the direction I think we are 
> leaning when we discontinue our legacy PSK ESSIDs.
>
> --
> Hunter Fuller
> Network Engineer
> VBRH Annex B-1
> +1 256 824 5331
>
> Office of Information Technology
> The University of Alabama in Huntsville Systems and Infrastructure
>
>
> On Tue, Jun 7, 2016 at 6:34 PM, Curtis K. Larsen 
> <curtis.k.lar...@utah.edu> wrote:
>> Hello,
>>
>> We're looking at a default deny inbound and possibly opening ports as 
>> required later on the guest wireless network.  If you have already 
>> done this I am curious to know what you and your user community defined as 
>> being required on the guest network.
>>
>> I think primary drivers might include devices that are not capable of 
>> WPA2-Enterprise *and* needing to run a service.  Google cloud 
>> printers come to mind, someone also mentioned multi-player Xbox?  Do 
>> you have other examples or use cases for allowing services like http/https 
>> from the internet to your guest wireless network?  If so, please share.
>>
>> Thanks,
>>
>> Curtis
>> **
>> Participation and subscription information for this EDUCAUSE 
>> Constituent Group discussion list can be found at 
>> http://www.educause.edu/groups/.
>
> **
> Participation and subscription information for this EDUCAUSE 
> Constituent Group discussion list can be found at 
> http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Mike Cunningham 
Talk to your campus legal office before opening your wifi to the world. We 
asked ours about this and were strongly advised against it. Contracting with a 
local telecom company to provide free wifi would be better. A college or 
university is not an ISP like a Verizon or AT or Comcast is. If someone is 
abusing the campus network you’re responsible for their action. If law 
enforcement comes knocking on your door asking about network traffic 
originating from you campus you need to be able to point to a person or at 
least a room and say “there”. If it was a guest on campus for a short period of 
time you still need to be able to identify who that guest was. At least that is 
the interpretation of current law according to our legal office.

Mike Cunningham
Pennsylvania College of Technology


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of David R. Morton
Sent: Tuesday, March 01, 2016 12:21 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Joel, thanks for the detailed reply. I agree that Personal PSK is an 
interesting idea, but it may fall apart at scale (we see 200k+ devices per 
week), security, implementation or other burdens. My thoughts about on 
boarding, user name as part of the credential/password have been along the same 
lines as yours. While we wouldn’t put all of their devices on the same VLAN, I 
would see them being able to access their printers, chrome cast, AppleTV, etc. 
The later is already possible using something like ClearPass and AirGroup.

We’ve been engaged in some conversations with our vendor about how to solve 
this problem, but so far there isn’t anything to report.

As an aside, we are also keeping an eye on MAC randomization and how this might 
impact systems based on MAC for authentication and other headaches.

David





David Morton
Director, Mobile Communications
Service Owner: Wi-Fi, Mobile & HuskyTV
University of Washington
dmor...@u.washington.edu<mailto:dmor...@u.washington.edu>
tel 206.221.7814

On Mar 1, 2016, at 9:02 AM, Coehoorn, Joel 
<jcoeho...@york.edu<mailto:jcoeho...@york.edu>> wrote:

Ruckus supports a PPSK variant, as well.

I'm just gonna put this out there. I have this idea in my head for an ideal 
wifi service. It starts with personal pre-shared key (PPSK), but it's something 
I don't believe is possible yet with any vendor.

Step one is to create a unique key prefix for each user, effectively embedding 
a username value (the prefix) into the same field as the key/password. The 
prefix would be as short as possible, perhaps as small as three characters, in 
order to keep entry into devices simple. The purpose of this prefix is to allow 
users to choose their own wifi password, while still ensuring that each PSK 
value is unique and identifiable to a given user. If we don't value allowing 
users to choose their own wifi passwords, we could instead generate and assign 
them, and just map back the assigned key to the user.. but I believe there is 
value in this.

Users would onboard by first connecting to a portal available via open/limited 
ssid to claim their key. They would have to log in with their traditional 
username/password. The portal would then prompt them for a key suffix (their 
wifi password), and then show them the complete key (prefix + suffix), which 
would be registered with our system. It would also have options to show them 
history for devices authenticated using their key, expire an old/create a new 
key using the same prefix, and other typical account management options. Once 
created, that key could be used with anything that supports traditional PSK 
connections.

One important feature that I'd like to see as part of this, and what I think 
helps make this idea unique, is that devices authenticated with the same PPSK 
should always end up with the same vlan id. In this way, a student would be 
able to, for example, connect to a desktop in his room from the phone/tablet he 
brought to class and grab a file he forget to show an instructor. It also makes 
things like wireless printers, long the bane or our existence, almost 
reasonable in terms of setup and support.

By keeping a prefix that's unique to each user, or mapping all key assignments 
back to the user, we can still always know who is responsible for a given 
device. We could do things like get a report of keys that authenticate more 
than, say, 6 devices to monitor for key abuse, expire keys when there is a 
problem, engage a known user when expiring old keys is not enough, and even map 
users to specific vlan pools for network policy enforcement. We could also 
create keys for events or specially classes of device (security cameras, door 
locks, wifi phones, etc). Additionally, per-user keys means each user's 
over-the-air signals have different encryption keys, preventing things like 
firesheep from

RE: Desktop projection to classroom display

2015-10-27 Thread Mike Cunningham 
Eric, do you have your wired and wireless networks on the same subnet? We use a 
different subnet for wireless and have found that many of these types of 
devices don't like the way our network is configured. The broadcast from the 
device to help a wireless device find what to connect to never crosses over to 
the wireless side or if it does the communications between the mobile device is 
unreliable.


Mike Cunningham
VP of Information Technology Services/CIO
Pennsylvania College of Technology


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kurtz, Eric
Sent: Tuesday, October 27, 2015 12:25 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Desktop projection to classroom display

We recently deployed these Extron units (without the wifi since we have a solid 
wifi infrastructure already)   As long as your device can reach this device's 
ip you should be good.

http://www.extron.com/product/product.aspx?id=sharelink200=4

The Extron ShareLink 200 Wireless Collaboration Gateway enables anyone to 
present content from a laptop, smartphone, or tablet on a display, transforming 
any meeting room into a collaboration space. ShareLink(tm) technology supports 
simultaneous display of slides, documents, graphs, and photos from up to four 
devices without needing a cable. It is compatible with Windows(r) and OS X(r) 
computers as well as Apple(r) and Android(r) smartphones and tablets. It also 
includes a moderator mode to ensure only approved content is displayed. In 
spaces with sight line concerns, slides can be viewed on a personal device via 
a Web browser. The professional capabilities of the ShareLink 200 wireless and 
network models provide easy integration of mobile devices into meeting and 
huddle rooms, interactive collaborative spaces, and larger presentation 
environments.

Eric Kurtz
Senior Systems Engineer
Office of Information Technology
Susquehanna University
514 University Avenue
Selinsgrove, PA 17870-1164
570.372.4537
ku...@susqu.edu<mailto:ku...@susqu.edu>

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ashfield, Matt (NBCC)
Sent: Tuesday, October 27, 2015 8:50 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [WIRELESS-LAN] Desktop projection to classroom display

Good Morning

Like I'm sure most of you have experienced, we are dealing with technology like 
AppleTVs and Chromecasts showing up in our classrooms and being asked to "make 
it work". Obviously we run into the roadblocks of those devices not fitting 
into our network well, or working with certain OS's, not to mention security 
implications.

We'd like to try and standardize on a technology so we can manage it (ha!). I'm 
just wondering if anyone has solved this one yet?  We've looked briefly at 
AirParrot but wondering if anyone else has had any luck in this area.

Any info/advice is appreciated.

Thanks,

Matt
NBCC

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Measuring RADIUS Auths

2015-10-20 Thread Mike Cunningham 
I believe that newer wifi access points will be able to include location 
information to E911 services. 
http://www.arubanetworks.com/pdf/partners/SB_RedSky.pdf 
http://www.cisco.com/c/en/us/products/collateral/wireless/wireless-location-appliance/product_data_sheet0900aecd80293728.html
 
How many access point vendors are going to jump on board remains to be seen. 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mattson III, Ken V.
Sent: Tuesday, October 20, 2015 10:56 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Measuring RADIUS Auths

Thanks for the additional info.  We mainly were using it to compare against 
itself, especially the retransmissions. There were some telltale signs that we 
were having controller problems and a spike in retransmissions was a big one.

Kenneth V. Mattson III
Director - Network and Data
DoIT
Creighton University
402-280-2743
402-981-1140
 
A password is like a toothbrush:
Choose a good one, change it regularly and don't share it.

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Earl Barfield
Sent: Monday, October 19, 2015 10:08 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Measuring RADIUS Auths

> Date:Fri, 16 Oct 2015 18:21:19 +
> From:"Mattson III, Ken V." 
> Subject: Re: Measuring RADIUS Auths
>
> I am pretty sure it is raw ("The number of RADIUS Access-Request packets sent 
> to this server. This does not include retransmissions.").
>
> 1.3.6.1.4.1.14179.2.5.3.1.8.3 is the retransmissions.
> http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en
> =Translate=bsnRadiusAuthClientAccessRetransmissions#oidCon
> tent
>
>
> Output from a snmpbulkwalk on one of our controllers:
> .1.3.6.1.4.1.14179.2.5.3.1.7.3 = Counter32: 93421076
> .1.3.6.1.4.1.14179.2.5.3.1.7.4 = Counter32: 0
> .1.3.6.1.4.1.14179.2.5.3.1.8.3 = Counter32: 31652
> .1.3.6.1.4.1.14179.2.5.3.1.8.4 = Counter32: 0

If you are doing EAP-PEAPv0/MS-CHAPv2 then there will be many (a dozen or so) 
Access-Request packets sent per user authorization occurrence.

The WiSM sends Access-Request (type 1) and the radius server answers
with Auth-Challenge (type 11).   This repeats back and forth many times
until the radius server finally answers the final Auth-Request with either an 
Auth-Accept (type 2) or Auth-Reject (type 3).


Just be clear what you're counting when comparing with other
institutions or you will be off by quite a bit.   Apples-to-apples, etc.







--
Earl Barfield -- Academic & Research Tech / Information Technology Georgia 
Institute of Technology, Atlanta Georgia, 30332
Internet: earl.barfi...@oit.gatech.edue...@gatech.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

eduroam

2015-09-25 Thread Mike Cunningham 
Does anyone know for sure if a college that is not part of Internet2 can  still 
participate in eduroam or is have an Internet2 link a requirement?

Thanks
Mike Cunningham
VP of Information Technology Services/CIO
Pennsylvania College of Technology



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: eduroam

2015-09-25 Thread Mike Cunningham 
Thanks Max

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Max Saber
Sent: Friday, September 25, 2015 12:49 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] eduroam

Hi Mike,

We are not part of Internet2 and have eduroam on campus as an additional SSID.

Max


...

Max Saber, MS
Systems Support Technician
Information Services
MCPHS University

179 Longwood Ave | Boston MA 02115
T 617.732.2811  C 774.644.1542  F 617.732.2080
max.sa...@mcphs.edu<mailto:max.sa...@mcphs.edu>
www.mcphs.edu<http://www.mcphs.edu>

[cid:image001.jpg@01D0F797.E72E54C0]<http://www.mcphs.edu/>

Confidentiality Note:  This e-mail, and any attachment to it, is intended to be 
confidential and might be legally privileged.  It is intended solely for the 
use of the addressee.  If you are not the intended recipient, you are hereby 
notified that reading, copying, disseminating or distributing this email is 
strictly prohibited.  If you have received this e-mail in error, please 
immediately return it to the sender and delete it from your system.  Thank you.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike Cunningham
Sent: Friday, September 25, 2015 12:47
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [WIRELESS-LAN] eduroam

Does anyone know for sure if a college that is not part of Internet2 can  still 
participate in eduroam or is have an Internet2 link a requirement?

Thanks

Mike Cunningham
VP of Information Technology Services/CIO
Pennsylvania College of Technology


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: WiFi Service Level Agreement

2015-08-26 Thread Mike Cunningham 
In some locations where there are many offices concentrated we think we can 
eliminate at least 30% of our switch stack ports which means in a few years 
instead of needing to replace 10 switches I only need to replace 7.  Saving 
about $10,000 which would pay for additional access points if they were even 
needed (which we don't think will be the case). We also spend way too much time 
every summer with people swapping offices and the new tenant wants their desk 
in a different place and we need to drop another network connection because 
where they want their PC is not where the current drop is. Then we have to 
decide do we make both drops hot and use an additional switch port (sometimes 
needed to add a new switch) or just make one hot. If only one is hot it leads 
to other problems later because everyone always thinks all ports are hot and 
will plug something in and when it doesn't work it's a panic call. Or a one 
person office has to be made to handle two. With an all wireless office they 
can put their desk anywhere they want and we don't need to be involved. We have 
a few people who only turn on their desktops PCs now every other week because 
they can do almost their entire job on a tablet or a laptop and rarely need to 
use their desktop, yet we still install a drop and take up a switch port and 
keep upgrading those switch ports every few years. I see that trend continuing, 
especially for faculty. 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hinson, Matthew P
Sent: Tuesday, August 25, 2015 10:00 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement

Mike: It is true that a few quality APs and wireless adapters for the clients 
can replace wired ports most of the time. I've admin'ed a few sites where this 
was done, but if you've already got the Ethernet runs done, why work towards 
the reduction of bespoke ports? Or are you referring to only new construction 
or room repurposing?

Chuck: It was just a brainstorming idea. I wasn't saying that this should be 
implemented as official policy. I view Wi-Fi as an extension of our wired 
network that has massive convenience and cost benefits, but at the end of the 
day, if given the option, I'll take an Ethernet connection 10 times out of 10.

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike Cunningham
Sent: Tuesday, August 25, 2015 9:43 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement

We have just approved a campus strategic plan that calls for a reduction in 
wired outlets in favor of wireless. Mostly targeted at office desktops where 
usage is very predictable and not classrooms or other student spaces where it 
is not. Bandwidth use to our typical office desktop is very low and a cluster 
of 5-6 desktop users could easily share a single high bandwidth access point 
instead of 5-6 wired connections.   

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield
Sent: Tuesday, August 25, 2015 9:22 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement

Wi-Fi is not intended to replace the wired network, but is a convenient, 
supplemental method for accessing the campus network. Mission-critical 
applications should NOT rely upon Wi-Fi.

While I think it's completely appropriate to recommend wired connections for 
certain functions, if anybody who worked for me suggested something this broad 
I would affect an extreme attitude adjustment.

Chuck Enfield
Manager, Wireless Systems  Engineering
Telecommunications  Networking Services The Pennsylvania State University 
110H, USB2, UP, PA 16802
ph: 814.863.8715
fx: 814.865.3988

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hinson, Matthew P
Sent: Tuesday, August 25, 2015 8:38 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement

We looked into doing this for awhile but could never clearly define what 
acceptable quality of service is. 99.999% uptime in all areas? 99%? 90?
75?

Here are a few excerpts of things we had in our draft that never went live.

Wi-Fi is not intended to replace the wired network, but is a 
convenient, supplemental method for accessing the campus network.
Mission-critical applications should NOT rely upon Wi-Fi.
 Due to the uniqueness of each wireless installation and the shared 
spectrum nature of current wireless technology, the theoretical maximum 
throughput will not be available everywhere coverage is provided.
Further, the available bandwidth will depend directly

RE: WiFi Service Level Agreement

2015-08-25 Thread Mike Cunningham 
We have just approved a campus strategic plan that calls for a reduction in 
wired outlets in favor of wireless. Mostly targeted at office desktops where 
usage is very predictable and not classrooms or other student spaces where it 
is not. Bandwidth use to our typical office desktop is very low and a cluster 
of 5-6 desktop users could easily share a single high bandwidth access point 
instead of 5-6 wired connections.   

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield
Sent: Tuesday, August 25, 2015 9:22 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement

Wi-Fi is not intended to replace the wired network, but is a convenient, 
supplemental method for accessing the campus network. Mission-critical 
applications should NOT rely upon Wi-Fi.

While I think it's completely appropriate to recommend wired connections for 
certain functions, if anybody who worked for me suggested something this broad 
I would affect an extreme attitude adjustment.

Chuck Enfield
Manager, Wireless Systems  Engineering
Telecommunications  Networking Services The Pennsylvania State University 
110H, USB2, UP, PA 16802
ph: 814.863.8715
fx: 814.865.3988

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hinson, Matthew P
Sent: Tuesday, August 25, 2015 8:38 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement

We looked into doing this for awhile but could never clearly define what 
acceptable quality of service is. 99.999% uptime in all areas? 99%? 90?
75?

Here are a few excerpts of things we had in our draft that never went live.

Wi-Fi is not intended to replace the wired network, but is a 
convenient, supplemental method for accessing the campus network.
Mission-critical applications should NOT rely upon Wi-Fi.
 Due to the uniqueness of each wireless installation and the shared 
spectrum nature of current wireless technology, the theoretical maximum 
throughput will not be available everywhere coverage is provided.
Further, the available bandwidth will depend directly on the number of Wi-Fi 
users and upon their respective bandwidth usage in any given coverage area.
All 802.11 technologies (a, b, g, n, and ac) utilize frequencies 
unlicensed by the FCC. Therefore, other devices utilizing wireless technology 
that are operating within the same frequency ranges may interfere with Wi-Fi. 
IT will try to solve any interference issues that arise, but IT may not be able 
to affect the removal of such interfering devices.
Construction materials used in many buildings significantly impair the 
propagation of wireless radio signals. As such, not all devices will be able to 
consistently connect in all areas of the campus' buildings.
Consistent coverage, especially for devices with small antennae (such as 
smartphones), cannot be guaranteed.


While we never ended up making it live, I think it might get you started.
:)

-Matthew

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mervyn Christoffels
Sent: Tuesday, August 25, 2015 1:45 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement

Greetings Colleagues


I have been tasked with the process of setting up a service level agreement for 
a wifi tender


Has anyone developed a user experience sla for wifi ? Or a services description 
for the wifi solution


Best regards, mervyn





Mervyn Christoffels, Elec Eng (CPUT), MBA (UCT), Mcomm InfSYS (UCT)

University of the Western Cape, Modderdam Road, Bellville, 7535, South Africa T 
+27 21 9592304 E mchristoff...@uwc.ac.za

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Wireless Door Locks

2015-07-02 Thread Mike Cunningham 
Stanley makes a door lock that is wireless but does not run on 802.11 so does 
not interface with the campus data wi-fi network. I think it’s 802.15 but not 
sure of that. I know it works with Tyco and their iStar controllers. You do 
have to deploy a Tyco proprietary access point that is just for the locks.  We 
don’t have any wireless locks yet but probably will be moving in that direction 
and when we do we will deploy this system since we already have all of our 
wired locks using Tyco iStar hardware.

Mike Cunningham

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Rossella Mariotti-Jones
Sent: Thursday, July 2, 2015 2:27 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wireless Door Locks

We have ASSA ABLOY locks too. I agree with Aaron, as that is exactly the reason 
why we went with the wifi locks. One argument that might have a little more 
traction is that we, for example, are not able to send and immediate lock to 
our wifi locks because they connect to the controller for a very short amount 
of time at midnight (or whatever time they're programmed to do it), at which 
time the sync occurs, and after that they disconnect from wifi, once they 
disconnect, the controller is not able to access them because they are offline. 
So in an emergency situation this doesn't work very well at all, especially if 
you have, or are looking into a system integrated with your locks (like 
informacast for example) that can lock down your whole campus with the push of 
a button. Now, our locks are about 4 or 5 years old so it might be that the new 
ones are smarter, but this has been our experience with these so far.


rossella mariotti-jones | network analyst | information technology | chemeketa 
community college | p: 503-589-7775tel:503-589-7775 | e: 
rmari...@chemeketa.edumailto:rmari...@chemeketa.edu

On Thu, Jul 2, 2015 at 11:07 AM, Aaron Abitia 
aabi...@calpoly.edumailto:aabi...@calpoly.edu wrote:
Yeah, this thread is summing up the issues with doing the door locks over WiFi, 
but in the near term it's unlikely that any arguments will deter most 
organizations because it's all about initial financial layout. The cost of 
retrofit for a hardwire connection is so high, they will not want to pay for 
that when wireless is available.  They don't yet know about the pitfalls, but 
since it's all about the initial layout, none of that matters until disasters 
start to occur.  Here there's a push to do the same thing in our dorms. The 
only buildings that will get hardwire to the door locks are the ones already in 
construction.
-Aaron

On Thu, Jul 2, 2015 at 10:33 AM, Derek Johnson 
djohn...@fhsu.edumailto:djohn...@fhsu.edu wrote:
Our campus planners are looking to standardize  modernize lock systems across 
campus, and they're drooling over my worst nightmare wireless door locks that 
connect to our existing wifi network.  2.4GHz only, of course.  I'm against 
this idea for too many reasons to list (technical  security-based), but I'm 
curious to hear perspectives from the community.  Has anyone deployed or had to 
support a wifi-based door lock system?  What's been your experience?

On the flip side, have you successfully fended off a push for wireless door 
locks?  If so, do tell... :)

Thinking back to Lee's recent drone discussion... perhaps I can get 
administration interested in drone surveillance instead of wifi door locks.  
That's an idea I could get behind...


Derek Johnson | Data Communications Coordinator
FORT HAYS STATE UNIVERSITY
415 Lyman Dr. TH 101, Hays, KS 67601
(785) 628 - 5688tel:%28785%29%20628%20-%205688 | 
dpjohn...@fhsu.edumailto:dpjohn...@fhsu.edu

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.



--
Aaron Abitia
Network Analyst
Enterprise Systems, Networks
Information Technology Services
Cal Poly State University
Tel: 805.756.1295tel:805.756.1295
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] netflix question

2015-03-23 Thread Mike Cunningham 
How does option 1) help with on-campus bandwidth use? Isn’t there going to be 
just as much traffic going across the link to your ISP if the ISP is the one 
caching Netflix?

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey Sessler
Sent: Monday, March 23, 2015 2:12 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] netflix question

We take the position that a residential user should expect a similar experience 
to what they would get at home. It's one of the best ways to prevent 
residential users from finding ways around bandwidth caps e.g. free VPN to get 
around Netflix cap. If Netflix is causing you bandwidth issues, increase your 
Internet bandwidth. Internet costs keep going down, and we've been able to 
increase our bandwidth with no increase in cost i.e. when our 1Gb contract was 
up, moving to 10Gb was the same price.

1) Check with your local ISP and get them to direct peer with Netflix - It's 
Free - everyone should do it. Our regional EDU ISP did this for us.
2) Talk with Netflix about one of their local caching appliances.

https://openconnect.itp.netflix.com/

Jeff



 On Thursday, March 19, 2015 at 8:46 AM, in message 
 dm2pr0101mb1005ea65a6295a939459fcd5be...@dm2pr0101mb1005.prod.exchangelabs.commailto:dm2pr0101mb1005ea65a6295a939459fcd5be...@dm2pr0101mb1005.prod.exchangelabs.com,
  Alexander, David alexa...@ohio.edumailto:alexa...@ohio.edu wrote:
I wanted to know if Netflix has been a problem for other schools, specifically 
those with large residential campuses.

We’ve seen usage on our campus grow a lot over the past few years, and our 
response has been to implement a bandwidth cap on Netflix from 8 am to 10 pm.  
This pretty much makes Netflix unusable during the day.  When we lift the 
bandwidth cap at night, Netflix takes up around 40% of our total traffic.

I’m curious if other schools are dealing with Netflix bandwidth issues and what 
solutions you have implemented that allows students to enjoy Netflix without 
impacting the usability of the network.

Thanks,
Dave

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi

2015-02-11 Thread Mike Cunningham 
I'm wondering if it would be prudent for us to use a copyrighted name as part 
of any SSID we setup. Then if anyone else uses the same name we can go after 
them under copyright violation. Or we look at getting our current SSIDs 
copyrighted. We use Wildcat Wireless as our primary SSID but Wildcat is not 
copyrighted. If we use Penn College Wireless, Penn College is copyrighted and 
no one but us can use that name.  And we have the ubiquitous guest SSID which 
gives people no indication that it is even ours.  Are domain names protected?  
If we used wildcats.pct.edu or guest.pct.edu would we be able to tell anyone 
who might put up their own AP and use xx.pct.edu that they have to take it 
down? 

Mike Cunningham
VP of Information Technology Services/CIO
Pennsylvania College of Technology



-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh
Sent: Wednesday, February 11, 2015 10:47 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi

On Wed Feb 11 2015 09:22:55 CST, Bob Brown bbr...@nww.com wrote:
 
 Thought my recent interview with head of wireless for Partners 
 Healthcare might be of interest re: the FCC de-authing discussion
 
 http://www.networkworld.com/article/2881540/careers/how-not-to-get-sla
 mmed-by-the-fcc-for-wi-fi-blocking.html

One thing that I haven't seen mentioned (or it's just as likely that I missed 
it) is the situation where a user's AP is configured to broadcast the same 
network name as one of our SSIDs.  Is there justification to use deauth as a 
protective measure in those cases?


--
Julian Y. Koh
Acting Associate Director, Telecommunications and Network Services Northwestern 
University Information Technology (NUIT)

2001 Sheridan Road #G-166
Evanston, IL 60208
847-467-5780
NUIT Web Site: http://www.it.northwestern.edu/ PGP Public 
Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: USB / Electric charging stations

2015-01-27 Thread Mike Cunningham 
Not the only vendor in this space but the one we use http://www.kwikboost.com/

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chad Burnham
Sent: Tuesday, January 27, 2015 3:00 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] USB / Electric charging stations

HI Brian,

I saw this charging station example @ the Computing Center @ ASU (Tempe, AZ) 
last week while at a conference. We currently do not have any @ DU.

Chad

Chad D Burnham
Director of Telecommunications
University Technology Services
University of Denver
2100 S. High St. #106
Denver, CO 80208
Desk Phone: 303-871-4441
Mobile Phone: 303-520-5657
[UniversityTechnologyServices_Signature]



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman
Sent: Tuesday, January 27, 2015 10:22 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] USB / Electric charging stations

..just a diversion from the network side of wireless/BYOD, but how do people 
(if at all) address the need for charging the devices that your users want to 
throw on your wireless networks in public areas?

We've been throwing up new construction at a rate of about 1 new building every 
12-18 months.  Architects love to use floor-to ceiling glass on curtain walls 
these days, so where do you put outlets?  If you put them on the floor, they 
aren't convenient to access.

I've pushed for electricity near/under everywhere that we'll have furniture (or 
at least a good portion) that is conducive to studying or lounging for a long 
time.  But I'm also trying to take it a step further.  Anyone offering anything 
like this?  The unit below is ok (and commercial grade), but aesthetically it's 
.. eh.

What are you all doing?

http://www.globalindustrial.com/p/work-benches/power-strips/surge-protectors/wsc320-s-commercial-cord-ended-tabletop-unit-125v-15a-6-1116l-4-outlets?infoParam.campaignId=T9Fgclid=CJOMk5fUtMMCFRNp7AodkSIAoQ

-Brian


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal

2014-10-03 Thread Mike Cunningham 
What happens when all these hotspots start interfering with your business 
wireless APs and prevent you from conducting business? In the case of a hotel 
if all the door access is using wireless to let you in your room and all the 
personal hotpots being used by guests are preventing doors from opening then I 
think the hotel has the obligation to ban the use of hotspots. However if all 
these devices play nice and don't cause problems then no one should block 
anything.

We tell students they can't bring their own access points to dorms and if we 
find they we tell them to shut them down. I know of many colleges that do the 
same. I can see the FCC telling colleges they can't do that anymore if they can 
tell hotels they can't

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chris Murphy
Sent: Friday, October 03, 2014 2:41 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine 
features illegal

The first thoughts that pop to my mind are when is it ok to contain an AP that 
isn't a) on your network and b) doesn't belong to one of your employees?  As 
it's being used by a hotel guest the usual security concerns about rogues don't 
apply.  Would this be any different than containing an AP belonging to, say, an 
office bordering your site that isn't part of your institution?

-Chris

On Oct 3, 2014, at 2:22 PM, Lee H Badman 
lhbad...@syr.edumailto:lhbad...@syr.edu wrote:



What do you all think of this?
http://arstechnica.com/tech-policy/2014/10/after-blocking-personal-hotspot-at-hotel-marriott-to-pay-fcc-60/

- Lee Badman

-
Chris Murphy - MIT IST Operations Program Management - 
ch...@mit.edumailto:ch...@mit.edu

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] apple tv wired/wireless

2014-06-13 Thread Mike Cunningham 
Jason, to you happen to be working on anything for the non iOS world of tablets?

Mike Cunningham
Pennsylvania College of Technology


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Heffner
Sent: Friday, June 13, 2014 10:13 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] apple tv wired/wireless

We built an iOS app for discovery with appletvs at Penn State 
(http://mirror.psu.edu/) that works well. The appletvs used wired connections 
and a list is presented to the user they can select from. We’ve recently also 
added Reflector and AirServer support in an upcoming 1.2 release and finished a 
working OS X version this week. It works off a backend server that holds all 
the manual registrations for devices.

https://itunes.apple.com/us/app/mirror-by-penn-state/id811297100?mt=8

We are going to be testing it out this Fall with a few faculty/classes. The 
nice thing is it allows connections across our campuses and on networks where 
bonjour is disabled. We are keeping an eye on the bluetooth discovery and iOS8 
adhoc wireless feature. In testing we found that bluetooth discovery wasn’t the 
most reliable.

Jason


On Jun 13, 2014, at 9:30 AM, Hurt,Trenton W. 
trent.h...@louisville.edumailto:trent.h...@louisville.edu wrote:

For the folks that have apple tvs on campus.  How are they connecting to the 
network?  Wired/wireless


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] apple tv wired/wireless

2014-06-13 Thread Mike Cunningham 
Thanks. Mirrors (no pun intended) our testing here. We would like to have 
someone produce a device that we can connect to a room projector and have any 
mobile device do screen mirroring to the projector. iOS, Android, Windows 
mobile, laptops, anything with built in wifi. So far no such thing exists. We 
are also watching AirTame closely

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Heffner
Sent: Friday, June 13, 2014 10:44 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] apple tv wired/wireless

Mike,

That’s tricky. Android uses Miracast for screen mirroring. There is chromecast 
that has some very limited support for mirroring so far. I’ve also seen some 
android apps that do airplay mirroring but you need a certain android version 
and rooted device.

You can share content with certain android apps to an AppleTV but we are 
primarily interested in Mirroring. It opens up many more possibilities using 
the device and several companies have already tackled content sharing across 
devices like crestron, epson, panasonic, and a lot of other vendor specific 
hardware/apps.

I’m also watching the AirTame project closely.

Jason


On Jun 13, 2014, at 10:16 AM, Mike Cunningham 
mike.cunning...@pct.edumailto:mike.cunning...@pct.edu wrote:

Jason, to you happen to be working on anything for the non iOS world of tablets?

Mike Cunningham
Pennsylvania College of Technology


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Heffner
Sent: Friday, June 13, 2014 10:13 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] apple tv wired/wireless

We built an iOS app for discovery with appletvs at Penn State 
(http://mirror.psu.edu/) that works well. The appletvs used wired connections 
and a list is presented to the user they can select from. We’ve recently also 
added Reflector and AirServer support in an upcoming 1.2 release and finished a 
working OS X version this week. It works off a backend server that holds all 
the manual registrations for devices.

https://itunes.apple.com/us/app/mirror-by-penn-state/id811297100?mt=8

We are going to be testing it out this Fall with a few faculty/classes. The 
nice thing is it allows connections across our campuses and on networks where 
bonjour is disabled. We are keeping an eye on the bluetooth discovery and iOS8 
adhoc wireless feature. In testing we found that bluetooth discovery wasn’t the 
most reliable.

Jason


On Jun 13, 2014, at 9:30 AM, Hurt,Trenton W. 
trent.h...@louisville.edumailto:trent.h...@louisville.edu wrote:

For the folks that have apple tvs on campus.  How are they connecting to the 
network?  Wired/wireless


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found 
athttp://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

RE: Learning Catalytics App

2014-05-27 Thread Mike Cunningham 
We have looked at similar tools for smartphones but we always come back to the 
concern that not every student has a wifi enabled phone or tablet. Our last 
survey put that at around 85% do and 15% do not. What do you do with the 15% 
who do not? A package that allows both smartphone and clicker would be the 
perfect solution but I don't know if one exists or not. Students with a 
smartphone can buy the app and those that do not can buy (or rent) a clicker. 
We thought about trying to purchase some used android phones and not set them 
up for cell phone use and only use them as a wifi device but have not had time 
to give that a try

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios
Sent: Tuesday, May 27, 2014 9:43 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Learning Catalytics App

I was approached by one of our faculty to let me know that they are considering 
switching from their current classroom clickers technology (student response 
systems) to a web application called learning catalytics 
(https://learningcatalytics.com/). If you haven't heard about it, please look 
into it because sooner or later you'll see something similar.

The advantage of this application is that students can use their own 
WiFi-enabled devices, instead of clickers. But the obvious question is will 
this work on our current wireless environment?. And the answer is always, 
depends. For us, we are currently undergoing a redesign on a number of 
classrooms that we have identified as in need for High Density wireless. But 
these things take time, and money. Anyway, my question is, do you support a 
similar application on your wireless network? The biggest concern for us is 
that the nature of the application is to potentially cause users to transmit 
data at the same time.  We have a trial in a couple of weeks and at that point 
we will look closely into exactly how the application works and how much data 
it transmits. If you've played with something similar, I'd love to hear from 
you.

Thanks,

Hector Rios
Louisiana State University
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.