We are looking at technologies such as Radius, Cisco Clean Access, etc. to
require our wireless client to authenticate to our network. Currently we have
an open, unsecured wireless network. What are you Higher Ed institutions
implementing to make sure that only valid users are using your
How many users do you have? How does the initial cost and maintenance of the
Bradford system stack up against other products such as Clean Access?
Daniel R. Bennett
CompTIA Security+
Information Technology Security Analyst
Pennsylvania College of Technology
One College Ave
Williamsport, PA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At 07:43 -0400 3/26/2008, Daniel Bennett wrote:
What are you Higher Ed institutions implementing to make sure that only
valid users are using your wireless networks?
With our first generation network, we allowed all devices to associate, but
a VPN
Our wireless network policy allows anyone to access it, however a VPN is
required to get back into the main network for anything beyond basic
internet access.
We are also looking at a 802.1x solution along side WPA/WPA2. I'm also
exploring the new Network Access Protection feature in Server 2008
We use a captive portal scenario with Bluesocket boxes. The Bluesocket
boxes redirect the user to a login page and verifies the account/password
combination via RADIUS.
J
James Savage York University
Senior Communications
At Syracuse University, we have a year-old 802.1x implementation that
went extremely well by most accounts. We have around 85% adoption on a
large WLAN that typically peaks out at over 5,000 concurrent users at
its busiest.
The non-802.1x users are a combination of devices that can't easily do
Brian,
I'm curious about your Meru experiences. Aruba recently released a white paper
on the downsides of a single-channel architecture. Its a pretty cogent
argument, and I haven't seen any response yet from Meru.
You can take a look at it here:
We are using Trapeze Networks for our hardware and we have three SSIDs
1) unencrypted - uses the captive portal built in to the Trapeze unit.
2) encrypted with 802.1x authentication - WPA/WPA2 (AES, TKIP, PEAP,
EAP, EAP-TTLS, etc.)
3) encrypted with 802.1x for Macs - WPA/WPA2, Only does TKIP,
Not intending to hijack this thread, but to supplement it, I am curious
about what other organizations are doing for CALEA compliance with
respect to wireless, especially if you're leaving open access to the
Internet.
Thanks,
Chris
Daniel Bennett wrote:
We are looking at technologies
We are currently using the NAC product from Impulse to authenticate all
users on to our wireless network.
Bruce Entwistle
Associate Director Enterprise Services
University of Redlands
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL
I'd be interested to hear some comments on the CALEA question as well.
Hector
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Gauthier
Sent: Wednesday, March 26, 2008 10:19 AM
To:
I would second that, their technical support service is incredible, and are
patient and supportive, and in terms of ease of use, flexibility, and
overall power, they ignition server has all others beat.
Jason D. Appah
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent
That's what I want - the truth (from Meru). --Bruce
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Daniel Eklund
Sent: Wednesday, March 26, 2008 12:26 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re:
13 matches
Mail list logo