RE: Self-registered MAC device bypass- worth the headaches?

2016-03-02 Thread Chris Adams (IT) 
We are using Aerohive PPSK for media devices on our residential network as 
well. We have a RESNet-Media SSID for gaming consoles, smart-TVs, streaming 
media devices, and other non-802.1x compliant devices to connect to.

 

We strictly enforce 1 key per device connection limits to avoid abuse.

 

This solution has worked well for us because we have been able to create 
accounts within the HiveManager for the IT Service Desk to provision the PPSK 
keys themselves and simplify key distribution. We also automatically roll the 
keys every 12 months which prevents stale/idle keys from hanging around too 
long.

 

Thanks,

 

Chris Adams

 

Director, Network & Telecom Services

Division of Information Technology

University of North Georgia

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Forrester, Matthew
Sent: Tuesday, March 1, 2016 5:18 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

 

I believe that is a bit out of date!

 

We use Aerohive and their PPSK option extensively.  We love the feature.  The 
total number of PPSK’s that each access point can store is around 5000 at this 
time.  For our environment, that is more than enough.  Aerohive is a great 
company and their kit is wonderful.

 

Thanks,

 

Matt Forrester
Senior Systems Engineer

Berry College

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt
Sent: Tuesday, March 1, 2016 3:58 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
 
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

 

Not sure how up to date this is…

 

http://2.bp.blogspot.com/-XhUW84JOJj4/TdZdX3YbIJI/AAA/BpQ7LDfc5Yo/s1600/comparison%2Bbetween%2BPPSK.jpg

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield
Sent: Tuesday, March 1, 2016 3:09 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
 
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

 

I’m curious how PPSK scales.  What are the limits on the number and span of a 
PPSK?

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Coehoorn, Joel
Sent: Tuesday, March 01, 2016 12:02 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
 
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

 

Ruckus supports a PPSK variant, as well.

 

I'm just gonna put this out there. I have this idea in my head for an ideal 
wifi service. It starts with personal pre-shared key (PPSK), but it's something 
I don't believe is possible yet with any vendor.

 

Step one is to create a unique key prefix for each user, effectively embedding 
a username value (the prefix) into the same field as the key/password. The 
prefix would be as short as possible, perhaps as small as three characters, in 
order to keep entry into devices simple. The purpose of this prefix is to allow 
users to choose their own wifi password, while still ensuring that each PSK 
value is unique and identifiable to a given user. If we don't value allowing 
users to choose their own wifi passwords, we could instead generate and assign 
them, and just map back the assigned key to the user.. but I believe there is 
value in this.

 

Users would onboard by first connecting to a portal available via open/limited 
ssid to claim their key. They would have to log in with their traditional 
username/password. The portal would then prompt them for a key suffix (their 
wifi password), and then show them the complete key (prefix + suffix), which 
would be registered with our system. It would also have options to show them 
history for devices authenticated using their key, expire an old/create a new 
key using the same prefix, and other typical account management options. Once 
created, that key could be used with anything that supports traditional PSK 
connections. 

 

One important feature that I'd like to see as part of this, and what I think 
helps make this idea unique, is that devices authenticated with the same PPSK 
should always end up with the same vlan id. In this way, a student would be 
able to, for example, connect to a desktop in his room from the phone/tablet he 
brought to class and grab a file he forget to show an instructor. It also makes 
things like wireless printers, long the bane or our existence, almost 
reasonable in terms of setup and support.

 

By keeping a prefix that's unique to each user, or mapping all key assignments 
back to the user, we can still always know who is responsible for a given 
device. We could do things like get a report of keys that

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Forrester, Matthew 
I believe that is a bit out of date!

We use Aerohive and their PPSK option extensively.  We love the feature.  The 
total number of PPSK’s that each access point can store is around 5000 at this 
time.  For our environment, that is more than enough.  Aerohive is a great 
company and their kit is wonderful.

Thanks,

Matt Forrester
Senior Systems Engineer
Berry College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt
Sent: Tuesday, March 1, 2016 3:58 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Not sure how up to date this is…

http://2.bp.blogspot.com/-XhUW84JOJj4/TdZdX3YbIJI/AAA/BpQ7LDfc5Yo/s1600/comparison%2Bbetween%2BPPSK.jpg

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield
Sent: Tuesday, March 1, 2016 3:09 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

I’m curious how PPSK scales.  What are the limits on the number and span of a 
PPSK?

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Coehoorn, Joel
Sent: Tuesday, March 01, 2016 12:02 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Ruckus supports a PPSK variant, as well.

I'm just gonna put this out there. I have this idea in my head for an ideal 
wifi service. It starts with personal pre-shared key (PPSK), but it's something 
I don't believe is possible yet with any vendor.

Step one is to create a unique key prefix for each user, effectively embedding 
a username value (the prefix) into the same field as the key/password. The 
prefix would be as short as possible, perhaps as small as three characters, in 
order to keep entry into devices simple. The purpose of this prefix is to allow 
users to choose their own wifi password, while still ensuring that each PSK 
value is unique and identifiable to a given user. If we don't value allowing 
users to choose their own wifi passwords, we could instead generate and assign 
them, and just map back the assigned key to the user.. but I believe there is 
value in this.

Users would onboard by first connecting to a portal available via open/limited 
ssid to claim their key. They would have to log in with their traditional 
username/password. The portal would then prompt them for a key suffix (their 
wifi password), and then show them the complete key (prefix + suffix), which 
would be registered with our system. It would also have options to show them 
history for devices authenticated using their key, expire an old/create a new 
key using the same prefix, and other typical account management options. Once 
created, that key could be used with anything that supports traditional PSK 
connections.

One important feature that I'd like to see as part of this, and what I think 
helps make this idea unique, is that devices authenticated with the same PPSK 
should always end up with the same vlan id. In this way, a student would be 
able to, for example, connect to a desktop in his room from the phone/tablet he 
brought to class and grab a file he forget to show an instructor. It also makes 
things like wireless printers, long the bane or our existence, almost 
reasonable in terms of setup and support.

By keeping a prefix that's unique to each user, or mapping all key assignments 
back to the user, we can still always know who is responsible for a given 
device. We could do things like get a report of keys that authenticate more 
than, say, 6 devices to monitor for key abuse, expire keys when there is a 
problem, engage a known user when expiring old keys is not enough, and even map 
users to specific vlan pools for network policy enforcement. We could also 
create keys for events or specially classes of device (security cameras, door 
locks, wifi phones, etc). Additionally, per-user keys means each user's 
over-the-air signals have different encryption keys, preventing things like 
firesheep from working. This is just about all the things we do with 802.1x 
today, but in a form that's much friendlier to the consumer devices we have to 
support.

This plan effectively embeds a username (the prefix) and a password (suffix) 
into the same value, with our without the prefix, so some of the same security 
concerns apply, but these are solvable problems. We just need to get vendors on 
board with the idea.



[http://www.york.edu/Portals/0/Images/Logo/YorkCollegeLogoSmall.jpg]


Joel Coehoorn
Director of Information Technology
402.363.5603
jcoeho...@york.edu



The mission of York College is to transform lives through

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread trent . hurt 
Not sure how up to date this is…

http://2.bp.blogspot.com/-XhUW84JOJj4/TdZdX3YbIJI/AAA/BpQ7LDfc5Yo/s1600/comparison%2Bbetween%2BPPSK.jpg

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield
Sent: Tuesday, March 1, 2016 3:09 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

I’m curious how PPSK scales.  What are the limits on the number and span of a 
PPSK?

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Coehoorn, Joel
Sent: Tuesday, March 01, 2016 12:02 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Ruckus supports a PPSK variant, as well.

I'm just gonna put this out there. I have this idea in my head for an ideal 
wifi service. It starts with personal pre-shared key (PPSK), but it's something 
I don't believe is possible yet with any vendor.

Step one is to create a unique key prefix for each user, effectively embedding 
a username value (the prefix) into the same field as the key/password. The 
prefix would be as short as possible, perhaps as small as three characters, in 
order to keep entry into devices simple. The purpose of this prefix is to allow 
users to choose their own wifi password, while still ensuring that each PSK 
value is unique and identifiable to a given user. If we don't value allowing 
users to choose their own wifi passwords, we could instead generate and assign 
them, and just map back the assigned key to the user.. but I believe there is 
value in this.

Users would onboard by first connecting to a portal available via open/limited 
ssid to claim their key. They would have to log in with their traditional 
username/password. The portal would then prompt them for a key suffix (their 
wifi password), and then show them the complete key (prefix + suffix), which 
would be registered with our system. It would also have options to show them 
history for devices authenticated using their key, expire an old/create a new 
key using the same prefix, and other typical account management options. Once 
created, that key could be used with anything that supports traditional PSK 
connections.

One important feature that I'd like to see as part of this, and what I think 
helps make this idea unique, is that devices authenticated with the same PPSK 
should always end up with the same vlan id. In this way, a student would be 
able to, for example, connect to a desktop in his room from the phone/tablet he 
brought to class and grab a file he forget to show an instructor. It also makes 
things like wireless printers, long the bane or our existence, almost 
reasonable in terms of setup and support.

By keeping a prefix that's unique to each user, or mapping all key assignments 
back to the user, we can still always know who is responsible for a given 
device. We could do things like get a report of keys that authenticate more 
than, say, 6 devices to monitor for key abuse, expire keys when there is a 
problem, engage a known user when expiring old keys is not enough, and even map 
users to specific vlan pools for network policy enforcement. We could also 
create keys for events or specially classes of device (security cameras, door 
locks, wifi phones, etc). Additionally, per-user keys means each user's 
over-the-air signals have different encryption keys, preventing things like 
firesheep from working. This is just about all the things we do with 802.1x 
today, but in a form that's much friendlier to the consumer devices we have to 
support.

This plan effectively embeds a username (the prefix) and a password (suffix) 
into the same value, with our without the prefix, so some of the same security 
concerns apply, but these are solvable problems. We just need to get vendors on 
board with the idea.



[http://www.york.edu/Portals/0/Images/Logo/YorkCollegeLogoSmall.jpg]


Joel Coehoorn
Director of Information Technology
402.363.5603
jcoeho...@york.edu



The mission of York College is to transform lives through Christ-centered 
education and to equip students for lifelong service to God, family, and society

On Tue, Mar 1, 2016 at 10:20 AM, David R. Morton 
> wrote:
Matt, Bill and others,

You’d indicated that you have instructions for most common devices, is this 
something that you can share. Like others, we have a manual registration 
process (built on ClearPass), but it does require the MAC in order to complete 
the registration. The Amazon Echo is now relatively straightforward, as it 
shows up in the Alexa app after you’ve connected your phone to the Echo. To 
find it, users open the Alexa app, go to settings, choose the device and scroll 
all the way down to the bottom

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Seward, Bill 
We haven't had an Echo show up, at least as far as I know.  Our how-tos are on 
our Jenzabar-driven portal, so they aren't exactly normal files I can email.  I 
have a printable handout that we leave in all residence hall rooms at the 
beginning of fall semester, but it is light on illustrations in order to keep 
the length (and expense) down.  I also haven't added in the latest items that 
we've had show up this year.  Need to do that before fall

As far as the ongoing discussion on the subject of open vs. closed networks, my 
input is that our students pay to be on our network and deserve our best 
efforts in providing them with the best possible service in terms of speed and 
a smooth experience.  We invested a lot of money in ClearPass, in wireless APs 
and other hardware and in bandwidth to make it that way.  Everyone else, be 
they neighbors or transients through the area, did not pay to be on our 
network.  They may pay for their own, just as I do.

Bill Seward   |   Director of Information Technology

Office of Information Technology
P.O. Box 960   |   48380 US Hwy 52
Misenheimer, NC  28109
Office  704-463-3066   |   Fax  704-463-1363
pfeiffer.edu   |   
facebook.com/PfeifferUniversity   | 
  @Pfeiffer1885
instagram/PfeifferUniversity    |  
 
youtube.com/PfeifferUniversity

For assistance with an IT-related issue, call Tech Support at 704-463-3002 or 
email us at techsupp...@pfeiffer.edu
[advancement:public:GARY:stationary:Pfeiffer BB color logo email sig 
logo.jpg]

This email, including attachments, is intended for the person(s) or company 
named and may contain legally privileged information. Unauthorized disclosure, 
copying or use of this information is prohibited. If you are not an intended 
recipient, you may not review, copy or distribute this message. If you received 
this communication in error, please notify the sender immediately by email and 
delete the original message.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 9:41 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Thanks, Bill. How do you deal with Amazon Echo, specifically? For that matter, 
is that how-to available to share? I've seen other schools' guides, but none 
that include latest round of devices.

-Lee

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> 
on behalf of Seward, Bill 
>
Sent: Tuesday, March 1, 2016 9:24:11 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

It takes some time and effort on IT's part each semester, but we put how-to 
instructions with screen shots on all the common devices on the student portal. 
 We then refer callers to the help desk to the portal first with instructions 
to call back if they continue to have difficulties.  That seems to handle the 
vast majority of cases.

Bill Seward   |   Director of Information Technology

Office of Information Technology
P.O. Box 960   |   48380 US Hwy 52
Misenheimer, NC  28109
Office  704-463-3066   |   Fax  704-463-1363
pfeiffer.edu   |   
facebook.com/PfeifferUniversity   | 
  @Pfeiffer1885
instagram/PfeifferUniversity    |  
 
youtube.com/PfeifferUniversity

For assistance with an IT-related issue, call Tech Support at 704-463-3002 or 
email us at techsupp...@pfeiffer.edu
[advancement:public:GARY:stationary:Pfeiffer BB color logo email sig 
logo.jpg]

This email, including attachments, is intended for the person(s) or company 
named and may contain legally privileged information. Unauthorized disclosure, 
copying or use of this information is prohibited. If you are not an intended 
recipient, you may not review, copy or distribute this message. If you received 
this communication in error, please notify the sender immediately by email and 
delete the original message.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 9:12 AM
To:

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Thomas Carter 
I meant on a label on the device itself.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W 
(Network Services)
Sent: Tuesday, March 1, 2016 11:58 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Who keeps the original boxes?

​

Bruce Osborne
Wireless Engineer
IT Network Services - Wireless

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Thomas Carter [mailto:tcar...@austincollege.edu]
Sent: Tuesday, March 1, 2016 10:01 AM
Subject: Re: Self-registered MAC device bypass- worth the headaches?

This is something we struggle with, especially being a small school. Keeping up 
with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A 
big thank you to product designers who put the MAC on a label on the outside.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 8:12 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Osborne, Bruce W (Network Services) 
Why “reinvent the wheel” with PPSK when 802.1X uses the existing personal user 
credentials?

​

Bruce Osborne
Wireless Engineer
IT Network Services - Wireless

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Coehoorn, Joel [mailto:jcoeho...@york.edu]
Sent: Tuesday, March 1, 2016 12:02 PM
Subject: Re: Self-registered MAC device bypass- worth the headaches?

Ruckus supports a PPSK variant, as well.

I'm just gonna put this out there. I have this idea in my head for an ideal 
wifi service. It starts with personal pre-shared key (PPSK), but it's something 
I don't believe is possible yet with any vendor.

Step one is to create a unique key prefix for each user, effectively embedding 
a username value (the prefix) into the same field as the key/password. The 
prefix would be as short as possible, perhaps as small as three characters, in 
order to keep entry into devices simple. The purpose of this prefix is to allow 
users to choose their own wifi password, while still ensuring that each PSK 
value is unique and identifiable to a given user. If we don't value allowing 
users to choose their own wifi passwords, we could instead generate and assign 
them, and just map back the assigned key to the user.. but I believe there is 
value in this.

Users would onboard by first connecting to a portal available via open/limited 
ssid to claim their key. They would have to log in with their traditional 
username/password. The portal would then prompt them for a key suffix (their 
wifi password), and then show them the complete key (prefix + suffix), which 
would be registered with our system. It would also have options to show them 
history for devices authenticated using their key, expire an old/create a new 
key using the same prefix, and other typical account management options. Once 
created, that key could be used with anything that supports traditional PSK 
connections.

One important feature that I'd like to see as part of this, and what I think 
helps make this idea unique, is that devices authenticated with the same PPSK 
should always end up with the same vlan id. In this way, a student would be 
able to, for example, connect to a desktop in his room from the phone/tablet he 
brought to class and grab a file he forget to show an instructor. It also makes 
things like wireless printers, long the bane or our existence, almost 
reasonable in terms of setup and support.

By keeping a prefix that's unique to each user, or mapping all key assignments 
back to the user, we can still always know who is responsible for a given 
device. We could do things like get a report of keys that authenticate more 
than, say, 6 devices to monitor for key abuse, expire keys when there is a 
problem, engage a known user when expiring old keys is not enough, and even map 
users to specific vlan pools for network policy enforcement. We could also 
create keys for events or specially classes of device (security cameras, door 
locks, wifi phones, etc). Additionally, per-user keys means each user's 
over-the-air signals have different encryption keys, preventing things like 
firesheep from working. This is just about all the things we do with 802.1x 
today, but in a form that's much friendlier to the consumer devices we have to 
support.

This plan effectively embeds a username (the prefix) and a password (suffix) 
into the same value, with our without the prefix, so some of the same security 
concerns apply, but these are solvable problems. We just need to get vendors on 
board with the idea.



[http://www.york.edu/Portals/0/Images/Logo/YorkCollegeLogoSmall.jpg]


Joel Coehoorn
Director of Information Technology
402.363.5603
jcoeho...@york.edu<mailto:jcoeho...@york.edu>



The mission of York College is to transform lives through Christ-centered 
education and to equip students for lifelong service to God, family, and society

On Tue, Mar 1, 2016 at 10:20 AM, David R. Morton 
<dmor...@uw.edu<mailto:dmor...@uw.edu>> wrote:
Matt, Bill and others,

You’d indicated that you have instructions for most common devices, is this 
something that you can share. Like others, we have a manual registration 
process (built on ClearPass), but it does require the MAC in order to complete 
the registration. The Amazon Echo is now relatively straightforward, as it 
shows up in the Alexa app after you’ve connected your phone to the Echo. To 
find it, users open the Alexa app, go to settings, choose the device and scroll 
all the way down to the bottom of the screen. There it will show you the 
software version, serial number and MAC address. All of that said, I haven’t 
been able to test the latest versions to see if you can do all of this without 
needing to connect to the Internet. If you aren’t we are back at square one and 
have to take it off site to get through the initial setup, which is a real pain.

Another device we’ve had a lot of issues with is the newest AppleTV. Again I 
haven’t

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Osborne, Bruce W (Network Services) 
We register as part of a plan to manage the ever growing Internet bandwidth 
requirements by having heavy users help finance the needs.

​

Bruce Osborne
Wireless Engineer
IT Network Services - Wireless

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Jeffrey D. Sessler [mailto:j...@scrippscollege.edu]
Sent: Tuesday, March 1, 2016 11:03 AM
Subject: Re: Self-registered MAC device bypass- worth the headaches?

Playing devils advocate, I have to ask the opposite, which is why put up a 
barrier in the first place to the student on-boarding their device(s)? Is there 
sufficient history to suggest that having to register/on-board the device has a 
positive impact on the operation of the network? Should the goal be to have the 
experience be as close to what they had at home?

I continue to focus on BYOD and IoT, where implementing something like PPSK 
(personal pre-shared key) is probably “good enough.” I imagine a state where 
the student gets their key via the student portal and then uses it for all of 
their devices.

Jeff

From: 
"wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of "lhbad...@syr.edu<mailto:lhbad...@syr.edu>" 
<lhbad...@syr.edu<mailto:lhbad...@syr.edu>>
Reply-To: 
"wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Tuesday, March 1, 2016 at 6:11 AM
To: 
"wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Osborne, Bruce W (Network Services) 
Who keeps the original boxes?

​

Bruce Osborne
Wireless Engineer
IT Network Services - Wireless

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Thomas Carter [mailto:tcar...@austincollege.edu]
Sent: Tuesday, March 1, 2016 10:01 AM
Subject: Re: Self-registered MAC device bypass- worth the headaches?

This is something we struggle with, especially being a small school. Keeping up 
with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A 
big thank you to product designers who put the MAC on a label on the outside.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 8:12 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Osborne, Bruce W (Network Services) 
We have users self-register non-802.1X capable devices such a s game consoles, 
Apple TVs, etc.

We use syslog from our ClearPass RADIUS server to map username to ip address so 
we can manage Internet bandwidth and either cap speeds for heavy users or let 
them purchase additional Internet bandwidth.

We have some struggles with Chromecast & Roku as we help Aruba debug their 
AirGroup offering. This works quite well for AirPlay, however.

​

Bruce Osborne
Wireless Engineer
IT Network Services - Wireless

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Lee H Badman [mailto:lhbad...@syr.edu]
Sent: Tuesday, March 1, 2016 9:12 AM
Subject: Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Manon Lessard 
There's also chatter on Amazon forums that there might be eventually an Alexa 
skill to make the Echo speak its mac.
Lee, if you have an open ssid, and have the ip address the device got from it, 
maybe a script that queries your dhcp through a web page could be an idea?


Manon Lessard
Technicienne en développement de systèmes CCNP
Direction des technologies de l'information
Pavillon Louis-Jacques-Casault
1055, avenue du Séminaire
Bureau 0403
Université Laval, Québec (Québec)
G1V 0A6, Canada

418 656-2131, poste 12853
Télécopieur : 418 656-7305
manon.less...@dti.ulaval.ca
www.dti.ulaval.ca

Avis relatif à la confidentialité | Notice of 
Confidentiality



[Description : Description : Description : Description : Description : 
Description : Description : Description : Description : Description : 
Description : Description : Description : Description : Description : 
Description : Description : Description : Description : Logo de l'Université 
Laval]



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter
Sent: 1 mars 2016 11:04
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Yep, but it feels like we're always playing catch up. Especially in spring 
after everyone brings back their latest Christmas gift.

BTW, the instructions for the Echo are "contact Amazon support and they will 
email you the MAC".

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Tuesday, March 1, 2016 9:22 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Our helpdesk folks sat down and wrote up documents on how to find the MAC 
addresses for as many devices as they could.  We haven't done any instructions 
for the Amazon Echoes yet.  We hit the most common devices and are waiting to 
see what tickets we get for devices that we missed so we can build them into 
our registration page.  Our registration page was written in-house and the 
developers set it up to display the instructions for finding the MAC address, 
including screen shots, based on the device that you selected in the drop down.

Respectfully,

Matt

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter
Sent: Tuesday, March 1, 2016 10:01 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

This is something we struggle with, especially being a small school. Keeping up 
with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A 
big thank you to product designers who put the MAC on a label on the outside.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 8:12 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Thomas Carter 
Yep, but it feels like we're always playing catch up. Especially in spring 
after everyone brings back their latest Christmas gift.

BTW, the instructions for the Echo are "contact Amazon support and they will 
email you the MAC".

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Tuesday, March 1, 2016 9:22 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

Our helpdesk folks sat down and wrote up documents on how to find the MAC 
addresses for as many devices as they could.  We haven't done any instructions 
for the Amazon Echoes yet.  We hit the most common devices and are waiting to 
see what tickets we get for devices that we missed so we can build them into 
our registration page.  Our registration page was written in-house and the 
developers set it up to display the instructions for finding the MAC address, 
including screen shots, based on the device that you selected in the drop down.

Respectfully,

Matt

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter
Sent: Tuesday, March 1, 2016 10:01 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

This is something we struggle with, especially being a small school. Keeping up 
with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A 
big thank you to product designers who put the MAC on a label on the outside.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 8:12 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Williams, Matthew 
Our helpdesk folks sat down and wrote up documents on how to find the MAC 
addresses for as many devices as they could.  We haven't done any instructions 
for the Amazon Echoes yet.  We hit the most common devices and are waiting to 
see what tickets we get for devices that we missed so we can build them into 
our registration page.  Our registration page was written in-house and the 
developers set it up to display the instructions for finding the MAC address, 
including screen shots, based on the device that you selected in the drop down.

Respectfully,

Matt

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter
Sent: Tuesday, March 1, 2016 10:01 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

This is something we struggle with, especially being a small school. Keeping up 
with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A 
big thank you to product designers who put the MAC on a label on the outside.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 8:12 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Thomas Carter 
This is something we struggle with, especially being a small school. Keeping up 
with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A 
big thank you to product designers who put the MAC on a label on the outside.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 8:12 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: Self-registered MAC device bypass- worth the headaches?

2016-03-01 Thread Lee H Badman 
Thanks, Bill. How do you deal with Amazon Echo, specifically? For that matter, 
is that how-to available to share? I've seen other schools' guides, but none 
that include latest round of devices.

-Lee

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 on behalf of Seward, Bill 

Sent: Tuesday, March 1, 2016 9:24:11 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

It takes some time and effort on IT's part each semester, but we put how-to 
instructions with screen shots on all the common devices on the student portal. 
 We then refer callers to the help desk to the portal first with instructions 
to call back if they continue to have difficulties.  That seems to handle the 
vast majority of cases.

Bill Seward   |   Director of Information Technology

Office of Information Technology
P.O. Box 960   |   48380 US Hwy 52
Misenheimer, NC  28109
Office  704-463-3066   |   Fax  704-463-1363
pfeiffer.edu   |   
facebook.com/PfeifferUniversity   | 
  @Pfeiffer1885
instagram/PfeifferUniversity    |  
 
youtube.com/PfeifferUniversity

For assistance with an IT-related issue, call Tech Support at 704-463-3002 or 
email us at techsupp...@pfeiffer.edu
[advancement:public:GARY:stationary:Pfeiffer BB color logo email sig 
logo.jpg]

This email, including attachments, is intended for the person(s) or company 
named and may contain legally privileged information. Unauthorized disclosure, 
copying or use of this information is prohibited. If you are not an intended 
recipient, you may not review, copy or distribute this message. If you received 
this communication in error, please notify the sender immediately by email and 
delete the original message.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 9:12 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.