All of a-e would be classified as a "guest"; essentially anyone but faculty/staff/students. It is much more locked down for traffic (basically web traffic only) and is bandwidth limited (per device, and as a whole). It also can only connect to the Internet with no connection to the internal network. We also have a similar time limit (1 day) for most guests. The exception is long term guests (professor visiting for a week, week long summer basketball camp, etc); these get special extended time guest accounts specific to the situation and only good for the duration of the visit.
For faculty/staff/students, I see very little reason why they would want to use the guest network instead of the standard on campus network. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Eriks Rugelis Sent: Thursday, January 5, 2017 7:51 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: EXTERNAL: [WIRELESS-LAN] Guest WLAN capabilities/policies Happy New Year to all! York University needs to create a guest WLAN service suitable for use by: a) individuals enrolled in on-campus 1-day to 5-day professional development courses but they bring their own locked-down corporate laptops for which the end-user has no administrative rights (making it difficult for them to configure their 802.1x supplicant) b) VIP guests (potential donors to the University) visiting the campus for the day c) suppliers visiting for the day to make presentations or to provide support for products and services used by the University d) prospective students (and parents) visiting the campus for the day e) guests of on-campus conferences (using residences and meeting spaces rented by our hotel operation) We intend to have the guest user self-register for time-limit (12 hours at a stretch) access via email address or mobile phone number (which may be reached via SMS.) We have an existing temporary/sponsored account mechanism which is suitable for use by individuals who require 'full WLAN service' and whose arrival is pre-arranged. However, this does not support self-registration and is perceived by our clientele as too cumbersome for use by this group of users. We have eduroam deployed but most of the users in the target market do not have high-education userids elsewhere and thus are not able to leverage that service. Our corporate IT policies are such that we prefer to have all users with a long-term relationship to the University (enrolled students, faculty, staff, researchers) use our standard 802.1x authenticated service which is tied to our corporate ID management systems. This permits us to link any abuse or data breach back to a particular individual and apply one of a number of standard response procedures to mitigate the malware found in the client device or the in head of the end-user as appropriate. How does your institution define guest WLAN service vs. corporate WLAN services? How does your institution encourage use of the corporate WLAN service vs. Guest WLAN service by those individuals who are known to corporate ID management? How do the capabilities of your Guest WLAN service differ from those of the corporate WLAN service? (e.g. throughput limits? restricted TCP/UDP ports? application restrictions? other?) Thanks in advance for any and all input. Eriks "In God we trust; all others must bring data." - attributed to W. Edwards Deming --- Eriks Rugelis | Manager, Network Development | University Information Technology 010 Steacie Science and Engineering Library | York University | 4700 Keele St. , Toronto ON Canada M3J 1P3 T: +1.416.736.5756 | F: +1.416.736.5830 | er...@yorku.ca<mailto:er...@yorku.ca> | www.yorku.ca<http://www.yorku.ca/> York UIT will NEVER send unsolicited requests for passwords or other personal information via email. Messages requesting such information are fraudulent and should be deleted.<http://www.yorku.ca/> ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.