We use to exempt them per device as requested, but it became unmanageable. We thought about doing a blanket exemption but felt it was more of a security risk to have such a small, easy to install software that can cause problems on unknown devices with full access. As a result we adopted a policy of forcing the users to authenticate through a web browser on their device, with an exemption possibly being made on a case by case basis for devices that do not have a general web browser (an MP3 player, or some other device.)
More information on our policy can be found at http://help.rockhurst.edu/node/75 Michael Stanclift Network Analyst Rockhurst University http://help.rockhurst.edu<http://help.rockhurst.edu/> (816) 501-4231 From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Robert J. Rutkowski Sent: Monday, January 12, 2009 3:31 PM To: [email protected] Subject: iPod Touch, Blackberry, etc.. Forgive me if this has been discussed before, I searched my archive and didn't really find much. I was wondering how everyone was handling the recent bloom in personal devices that connect to wireless networks. Today is the first day of the semester and already we have a student with a Blackberry Curve that has WiFi and another with an iPod Touch with WiFi. I was just wondering how others are handling these types of situations. One option I thought of was to make wildcard OUI exceptions, similar to the game consoles, but then I'd have to start gathering OUIs and create a role that allowed them the correct access. Any help or comments are appreciated! Thanks! Rob Robert J. Rutkowski Network Administrator Keystone College (570) 945-8204 [email protected]<mailto:[email protected]>
