Fair questions. Main thing is to only allow games, etc- disallow smart devices that ought to be using secure network. And... To make sure that only legit campus users are adding the devices because we bleed out into lots of neighborhoods.
Not PPSK option outside of Aerohive. Lee On Mar 1, 2016, at 11:03 AM, Jeffrey D. Sessler <j...@scrippscollege.edu<mailto:j...@scrippscollege.edu>> wrote: Playing devils advocate, I have to ask the opposite, which is why put up a barrier in the first place to the student on-boarding their device(s)? Is there sufficient history to suggest that having to register/on-board the device has a positive impact on the operation of the network? Should the goal be to have the experience be as close to what they had at home? I continue to focus on BYOD and IoT, where implementing something like PPSK (personal pre-shared key) is probably "good enough." I imagine a state where the student gets their key via the student portal and then uses it for all of their devices. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "lhbad...@syr.edu<mailto:lhbad...@syr.edu>" <lhbad...@syr.edu<mailto:lhbad...@syr.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Tuesday, March 1, 2016 at 6:11 AM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Hi Everyone, Not looking for a lot of input on all of the things you CAN do- just asking a focused question for those that are doing it. We're piloting the ability for students to self-register games, TVs, Roku, etc. but am astounded at how hard some devices are to find MAC addresses for from the user side. Amazon Echo is notorious, also fighting with a Roku 2. No labels, not easy to find in menu. Sure, you can find all of this on APs, but that isn't "self-service" for self-registration. Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE can fingerprint, but I'm finding that's far from accurate at times, and again- doesn't help with "register YOUR device by MAC" for users that can't see what network admins use. -Lee Badman Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
