I especially agree about the onboarding issue. While it's great that the
market for onboarding tools is growing (we currently have three systems
capable on wireless onboarding, only one of which was bought for that
purpose!) they all feel like ridiculously expensive rolls of duct tape
necessary only because every OS reinvents the wheel with wildly varying
shapes. It's ridiculous to me that in this day and age there's no cross
vendor standard for a wireless device to request a set of network credentials
after authenticating with user credentials. Instead we have DNS/HTTP
intercept, captive portal detection, and vendors whose primary value-add is
that they track all of the os version specific quirks and bugs (call function
X to add a cert to the store, unless it's android >= 4.0 on a Samsung...).
We should be able to have a simple authenticated service that feeds the
equivalent of an apple mobileconfig containing a full set of wireless settings
and credentials (like a per-user certificate) that can be read by any client
device, and *just work*.
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
Manager of Network Operations | is simple, elegant, and wrong.
Worcester Polytechnic Institute | - HL Mencken
On 01/23/2015 01:36 PM, Brian Helman wrote:
But our environments are unique in the sense that we have many of the same
data security concerns that a hospital has, but unlike their tenants, ours are
1) largely irresponsible children, 2) using systems we have to maintain (I’ve
never seen a hospital help a patient fix a laptop) and 3) live on site for
long periods of time. Your points regarding media/game systems are well
taken and appreciated by everyone on here who has resident students though. I
say this over and over .. it’s really not the “rule” that is the problem, it’s
the exceptions. And those “Internet of things” devices (far beyond “BYOD”)
are becoming more and more prevalent everywhere on campus… and very few of
them support “enterprise” wireless configurations.
As far as the onboarding headaches, I’m still surprised at how difficult this
is. The closest I’ve seen to a good process is from a (very expensive) cloud
**cough** provider. But is that expense warranted? Or better asked, WHY do
we STILL NEED that expense when we’re now 4-5 generations (depending on how
you count 11n) into mainstream wireless?
My fear is that we are going to start seeing proprietary ‘standards’ for
on-boarding similar to how Ethernet drivers worked 20 years ago or NAC-type
interfaces built in to some supplicant-like application that each wifi vendor
packages with their equipment (ie an enterprise version of WPS).
-Brian
*From:*The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeffrey Sessler
*Sent:* Friday, January 23, 2015 1:20 PM
*To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
*Subject:* Re: [WIRELESS-LAN] Trying to get the Wi-Fi Alliance's Attention
I think you could accomplish the same consumer friendly setup in classrooms,
labs, etc. and still provide meet your goals including regulatory
compliance. I see this sort of hybrid approach today in hospital settings, so
I'm not sure why it can't be accomplished in EDU. The new Kaiser hospital in
my area has free WiFi everywhere, secure wifi for all their mobile computer
stations (one per room), EKGs, pumps, etc. mesh-based location solution with
tags on everything, and cellular distribution.
I would also question setting highest performance as a goal. What you want is
a solution that provides the user what they need at the moment they need it. I
didn't deploy 802.11n or 802.11ac so that I could win unrealistic max
performance claims. I deployed those technologies to support more efficient
access to a finite amount of spectrum. And if performance is a goal, it's
going to be more difficult to attain if the access to the service is complex
enough to make the typical user reach for their MiFi device.
Jeff
On Friday, January 23, 2015 at 9:44 AM, in message
<7c623f076ece4354b6039ec505e9c...@ex13-mbx-10.ad.syr.edu
<mailto:7c623f076ece4354b6039ec505e9c...@ex13-mbx-10.ad.syr.edu>>, Lee H
Badman <lhbad...@syr.edu <mailto:lhbad...@syr.edu>> wrote:
No easy answer. The dorms could be set up “consumer style” with a different
operational profile, SSID, etc and don’t HAVE to be run like the rest of campus.
But in classrooms, labs and meeting rooms there is now way to deliver highest
performance, regulatory compliance, and accommodation of crap devices all at
the same time without hyper complexity, and then at the physics level you
still have problems.
Even if every issue can’t be fixed in one fell swoop, there are a number of
easy tweaks that device makers could provide if they pulled their heads out of
2004.
Lee Badman
Wireless/Network Architect
ITS, Syracuse University
315.443.3003
(Blog: http://wirednot.wordpress.com)
*From:*The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeffrey Sessler
*Sent:* Friday, January 23, 2015 12:39 PM
*To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
*Subject:* Re: [WIRELESS-LAN] Trying to get the Wi-Fi Alliance's Attention
I don't know Lee, in my mind is it the device maker's requirements to work in
both consumer and enterprise environment, or does the enterprise wlan market
need to figure out how to look more like a consumer wlan? Is this a problem
EDU's have created because of some desire to provide a service that's more
complex or invasive to use then it has to be? Is there really a need to
on-board devices and have them associate using WPA2 Ent, or could we support
the bulk of our users (especially students) using something more consumer
friendly?
Take residential (dorm) wifi as an example. If you had a model with an open or
PSK-emulated wireless network coupled with location-based service filtering,
the user gets on with every device out there, and they can see their
chromecast, appletv, etc. and any others on that AP or 1 adjacent. Pretty much
gives you the consumer feel.
Jeff
On Thursday, January 22, 2015 at 11:47 AM, in message
<432756068f5346b59e108b825efca...@ex13-mbx-10.ad.syr.edu
<mailto:432756068f5346b59e108b825efca...@ex13-mbx-10.ad.syr.edu>>, Lee H
Badman <lhbad...@syr.edu <mailto:lhbad...@syr.edu>> wrote:
I know self-promotion is in poor taste, but wanted to share this
http://www.networkcomputing.com/wireless-infrastructure/the-case-for-wlan-interoperability/a/d-id/1318718?
and encourage anyone of like (or opposing) mind to add comments. I'm told that
the Alliance is at least reading along, FWIW.
-Lee
*Lee H. Badman*
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
