We recently began blocking port 25 up/down for wireless users. While
this has always been blocked at our border it seems to make sense to
block in within the wireless group as well given the recent spate of
spam viruses using that port. The logs bear this out.
We also block access to the controller addresses from the wireless side
(natch) as well as specific high-profile sites that currently mandate NO
wireless access (Health Services, Police Dept., etc.).
Haven't blocked client to client traffic for fear of what we might break
(although we have a vlan pool of fifteen /24 client subnets and the odds
are most clients can't see their friends at L2)
Mike
*******************************
Michael Dickson
Network Analyst
University of Massachusetts Amherst
*******************************
Barros, Jacob wrote:
We were recently reviewing our policies on our Aruba wireless controller
and I am curious what ports or protocols others are blocking for student
wireless connections. For example, guest wireless connections are
straightforward: HTTP, SSL, DNS. Student connections are much more
complicated in my mind. Can anyone share an overall philosophy and some
specifics on how you manage student wireless connections?
Jacob Barros
Network Administrator
Grace College and Seminary
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
