Happy New Year to all! York University needs to create a guest WLAN service suitable for use by: a) individuals enrolled in on-campus 1-day to 5-day professional development courses but they bring their own locked-down corporate laptops for which the end-user has no administrative rights (making it difficult for them to configure their 802.1x supplicant) b) VIP guests (potential donors to the University) visiting the campus for the day c) suppliers visiting for the day to make presentations or to provide support for products and services used by the University d) prospective students (and parents) visiting the campus for the day e) guests of on-campus conferences (using residences and meeting spaces rented by our hotel operation)
We intend to have the guest user self-register for time-limit (12 hours at a stretch) access via email address or mobile phone number (which may be reached via SMS.) We have an existing temporary/sponsored account mechanism which is suitable for use by individuals who require 'full WLAN service' and whose arrival is pre-arranged. However, this does not support self-registration and is perceived by our clientele as too cumbersome for use by this group of users. We have eduroam deployed but most of the users in the target market do not have high-education userids elsewhere and thus are not able to leverage that service. Our corporate IT policies are such that we prefer to have all users with a long-term relationship to the University (enrolled students, faculty, staff, researchers) use our standard 802.1x authenticated service which is tied to our corporate ID management systems. This permits us to link any abuse or data breach back to a particular individual and apply one of a number of standard response procedures to mitigate the malware found in the client device or the in head of the end-user as appropriate. How does your institution define guest WLAN service vs. corporate WLAN services? How does your institution encourage use of the corporate WLAN service vs. Guest WLAN service by those individuals who are known to corporate ID management? How do the capabilities of your Guest WLAN service differ from those of the corporate WLAN service? (e.g. throughput limits? restricted TCP/UDP ports? application restrictions? other?) Thanks in advance for any and all input. Eriks "In God we trust; all others must bring data." - attributed to W. Edwards Deming --- Eriks Rugelis | Manager, Network Development | University Information Technology 010 Steacie Science and Engineering Library | York University | 4700 Keele St. , Toronto ON Canada M3J 1P3 T: +1.416.736.5756 | F: +1.416.736.5830 | er...@yorku.ca | www.yorku.ca York UIT will NEVER send unsolicited requests for passwords or other personal information via email. Messages requesting such information are fraudulent and should be deleted. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.