We currently register all devices on our network, however, there really
isn't a way to track people doing illicit activities unless they are
actively using the network at that time. To mitigate risks we have a
NetEnforcer to throttle certain types of traffic and it does a good job
of it. After setting up the policies on the device we rarely get DMCA
notices. To handle guests we setup a conference ID in NetReg so even if
we have an issue we at least can account for the MAC of the device and
what event allowed access to the network.
If your campus truly wants a wireless network that is both free to use
and open (by which I believe you mean no registration, no
authentication, and no encryption) then they would need to be made aware
that it could possibly open them up to a host of security and possible
liability issues. I would suggest if you were asked to proceed that you
segregate this wireless network from the rest of your network as much as
possible (ACLs and limited routing).
Heath
Scott Powell wrote:
I’ve read some responses on how to handle guest access, but I’m being
asked a slightly different question by my campus. We are considering
providing “free”/”open” wireless access on campus. I can think of a
myriad of issues, but I need to find out if anyone else has done this
and any comments you might have. We’ve been registering our user base,
and then they access the real network via a webvpn. Guests were
handled via the web auth in the Cisco WLC. My biggest concerns are how
to handle RIAA and Movie industry copyright notices, CALEA, as well as
the “unthinkable” activity over our wireless network. If it is “open”,
I don’t know how I’ll be able to identify who did what if at all. Any
feedback will be appreciated.
Scott Powell
Network Manager
Wittenberg University
spow...@wittenberg.edu <mailto:spow...@wittenberg.edu>
937-525-3821
937-327-7372 fax
www.wittenberg.edu <http://www.wittenberg.edu>
********** Participation and subscription information for this
EDUCAUSE Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
--
Heath Barnhart
Asst. Systems and Networking Admin
Information Systems and Services
Washburn University
Topeka, KS 66621
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.