> As mentioned on the page to download the NIST Zero Trust Network
> Architecture document
>
> "Zero trust focuses on protecting resources (assets, services, workflows,
> network accounts, etc.), not network segments, as the network location is
> no longer seen as the prime component to the securit
> On Feb 1, 2021, at 7:26 PM, William Green wrote:
>
> I don't believe the network is the appropriate place for security to be
> applied, but witnessing the carnage... I believe there is a careful
> cost/benefit role.
>
> By n=1, I was clumsily referring to Terry Gray's Perimeter Protection
-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wireless Segmentation and NAC
All I would say here is that networks are not obligated to accommodate every
half-baked, livin-in-1988 device that comes along, either. You can say no to
the worst offenders, and also work with device manufacturers on occasio
All I would say here is that networks are not obligated to accommodate every
half-baked, livin-in-1988 device that comes along, either. You can say no to
the worst offenders, and also work with device manufacturers on occasion to
help them drag their stuff into this century rather than risk non-
One more consideration for network design (especially L2, L3) and policy
enforcement architecture, somewhat relevant in this "segment the network?
And how?" portion of this thread: the __performance effects/consequences__
of consumer IoT tech operating in the Enterprise setting (what I call
BYOT).
I don't believe the network is the appropriate place for security to be
applied, but witnessing the carnage... I believe there is a careful
cost/benefit role.
By n=1, I was clumsily referring to Terry Gray's Perimeter Protection Paradox--
wanting to get to a perimeter of 1 (or very few failing
> On Jan 26, 2021, at 6:39 PM, William Green wrote:
>
> I've long been a proponent of Zero Trust (before it was called that).
Yes the Jericho Forum and others were right about issues that are included in
Zero Trust.
Or at least one camp of Zero Trust.
“Bekker says that the vendor landscape
t: Re: [WIRELESS-LAN] Wireless Segmentation and NAC
EXTERNAL MESSAGE
I've long been a proponent of Zero Trust (before it was called that).
To flip the concern around, however, what about the connecting end device (e.g.
Internet Of Trash)? I don't expect end device security postures to
I've long been a proponent of Zero Trust (before it was called that).
To flip the concern around, however, what about the connecting end device (e.g.
Internet Of Trash)? I don't expect end device security postures to improve in
the foreseeable. The network can't fix their postures, but it can
Now might be a good time to consider a Zero Trust Network Architecture.
As mentioned on the page to download the NIST Zero Trust Network Architecture
document
"Zero trust focuses on protecting resources (assets, services, workflows,
network accounts, etc.), not network segments, as the network
>>
On Behalf Of John Pertalion
Sent: 22 January 2021 16:45
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] [External] Re: [WIRELESS-LAN] Wireless Segmentation
and NAC
Aruba Instant can manage 25 access points per network.
UCAUSE Wireless Issues Community Group Listserv <
>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *John Pertalion
>> *Sent:* 22 January 2021 16:45
>> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>> *Subject:* Re: [WIRELESS-LAN] [External] Re: [WIRELESS-LAN] Wireless
&g
e EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *John Pertalion
> *Sent:* 22 January 2021 16:45
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] [External] Re: [WIRELESS-LAN] Wireless
> Segme
] Wireless Segmentation
and NAC
Aruba Instant can manage 25 access points per network.
Aruba Central can handle thousands of access points.
Moody would be best served by Central, if they wanted to go controllerless.
On Fri, Jan 22, 2021 at 11:31 AM Enfield, Chuck
mailto:cae...@psu.edu>>
I agree about not wanting to manage a on premise wireless controller anymore.
We have been looking at the cloud solutions of all the vendors.
However, we got some major push back from the Aruba sales engineer. He pushed
hard for using the Aruba controller and didn't appear to have much conf
Group Listserv
On Behalf Of Enfield, Chuck
Sent: Friday, January 22, 2021 11:32 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wireless Segmentation and NAC
Just curious, but for the respondents recommending Aruba, would that be the
controller-based flavor or the Instant
)
> *Sent:* Friday, January 22, 2021 11:11 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Wireless Segmentation and NAC
>
>
>
> Sounds like a fun project!
>
> Agreed that Aruba and ClearPass are solid. They're both working well for
> u
We at Chemeketa Community College have done all this with Ruckus and
Cloudpath for several years now.
On Fri, Jan 22, 2021 at 6:45 AM Joseph Runkles wrote:
>
> Hi,
>
> We are in the middle of conversations with vendors for a wireless overhaul
> as a relatively small school (we will end up with 1
ing looks compelling.
Billy
From: The EDUCAUSE Wireless Issues Community Group Listserv
on behalf of Enfield, Chuck
Sent: Friday, January 22, 2021 11:31
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wireless Segmentation and NAC
Just
S-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wireless Segmentation and NAC
Sounds like a fun project!
Agreed that Aruba and ClearPass are solid. They're both working well for us and
have for a long time.
If I were to investigate a new system for wireless service and network access
co
nt: Friday, January 22, 2021 10:12
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wireless Segmentation and NAC
This isn't a very deep answer, but aruba with clearpass should do everything
you're asking about.
Robert Harris
Manager – Telecom, Networks, & AV Servic
Hi Joey,
That is a big project and those are all good questions. Here is a data
point for you.
We use Aruba for wireless and guest portal, Impluse's Safeconnect for
our NAC, Windows for Radius against our AD.
~1400 APs
Three SSIDs [eduroam, IOT, and guest]
Radius for local accounts returns a group
urs.™
Please consider the environment before printing this e-mail.
-Original Message-
From: The EDUCAUSE Wireless Issues Community Group Listserv
On Behalf Of Joseph Runkles
Sent: Friday, January 22, 2021 9:36 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Wireless Se
Hi,
We are in the middle of conversations with vendors for a wireless overhaul as a
relatively small school (we will end up with 1000-1200 AP’s). We are moving
away from Cisco Aironet and currently talking with Ruckus, Extreme(aerohive),
Juniper(Mist) and Aruba. To further complicate things w
24 matches
Mail list logo
