Re: [WIRELESS-LAN] Open-Free Access wireless

Wed, 16 Sep 2009 09:04:49 -0700

We currently register all devices on our network, however, there really isn't a way to track people doing illicit activities unless they are actively using the network at that time. To mitigate risks we have a NetEnforcer to throttle certain types of traffic and it does a good job of it. After setting up the policies on the device we rarely get DMCA notices. To handle guests we setup a conference ID in NetReg so even if we have an issue we at least can account for the MAC of the device and what event allowed access to the network.
If your campus truly wants a wireless network that is both free to use and open (by which I believe you mean no registration, no authentication, and no encryption) then they would need to be made aware that it could possibly open them up to a host of security and possible liability issues. I would suggest if you were asked to proceed that you segregate this wireless network from the rest of your network as much as possible (ACLs and limited routing). 

Heath

Scott Powell wrote:



I’ve read some responses on how to handle guest access, but I’m being 
asked a slightly different question by my campus. We are considering 
providing “free”/”open” wireless access on campus. I can think of a 
myriad of issues, but I need to find out if anyone else has done this 
and any comments you might have. We’ve been registering our user base, 
and then they access the real network via a webvpn. Guests were 
handled via the web auth in the Cisco WLC. My biggest concerns are how 
to handle RIAA and Movie industry copyright notices, CALEA, as well as 
the “unthinkable” activity over our wireless network. If it is “open”, 
I don’t know how I’ll be able to identify who did what if at all. Any 
feedback will be appreciated.


Scott Powell

Network Manager

Wittenberg University

spow...@wittenberg.edu <mailto:spow...@wittenberg.edu>

937-525-3821

937-327-7372 fax

www.wittenberg.edu <http://www.wittenberg.edu>


********** Participation and subscription information for this 
EDUCAUSE Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.





--
Heath Barnhart
Asst. Systems and Networking Admin
Information Systems and Services
Washburn University
Topeka, KS 66621

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.






















					Reply via email to