Re: [WIRELESS-LAN] OT - Anyone using OpenDNS Umbrella DNS security product?

Luke, as I’m only a couple of days into the trial, it’s the dashboard, reports, and data analysis in OpenDNS Umbrella that seem to be the value-add. I imagine one could recreate it, but for the cost I’ve been quoted for the product, there is no incentive to reinvent the wheel. The other plus

Re: [WIRELESS-LAN] OT - Anyone using OpenDNS Umbrella DNS security product?

We've used OpenDNS for the past 4 years or so. It has definitely reduced our malware infection rates, though we have no numbers to back that up. We've been pretty happy with the service, when there are blocked sites that our users wish to visit, a request to re-evaluate the site is typically

Re: [WIRELESS-LAN] OT - Anyone using OpenDNS Umbrella DNS security product?

We used OpenDNS back when it was inexpensive. When they upped their price, we used the cost increase to justify licencing on our firewall to do the job. And do it better, as the firewall offers more ways to protect our users and data. - Pete Hoffswell - Network Manager

Sticky Clients and Probe Suppression

Has anyone ever used probe suppression and force dissociation of clients at a particular RSS value? This feature was just introduced and we have a lot of "sticky" clients that don't like to roam even though there are more desirable AP's in the area. I have enabled it on a handful of AP's for

RE: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

Disabling the data rates is the preferred method of doing this. A few WLAN vendors (Aerohive and Ubiquiti are the ones I know of for sure) allow you to set a Min RSSI value. If a client’s SNR drops too low for X number of TU’s, then AP will deauth the client to…persuade them to pick a different

Re: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

This is the GTAC solution guide to probe suppression. I will report if it helps with sticky clients or not. This is assuming there is enough RF from surrounding AP's.

RE: [WIRELESS-LAN] Sticky Clients and Probe Suppression

We have typically achieved this by disabling lower data rates available per SSID. Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu | Office: (706)

Re: [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

Hi, Jeremy, we have not used probe suppression but Chris thanks for the opening on, disabling lower data rates. This Cisco best practice, last updated Jan 2015, page 18 shows 2.5GHz disabled up to 12Mbps and 5GHz disabled up to 24Mbps

Re: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

In my testing so far (limited), it appears to work better then disabling various data rates. But for now I am just testing in a few small areas with high AP density. My worry is clients who are on the fringe of all APs would end up being bounced around, creating a worse problem than poor data

RE: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

That’s what I observed too. Deauth frames have no information element for specifying that the client was disconnected due to insufficient signal strength. So many clients will just keep trying to reconnect ad infinitum. Disable those lower data rates and they’ll figure it out on their own.

Re: [WIRELESS-LAN] OT - Anyone using OpenDNS Umbrella DNS security product?

Just wondering if anyone has done a comparison of what OpenDNS offers over and above just using DNS RPZ internally (obviously fed by a third party list of known malware sites)? I had a look a while ago and it was clearly a more turnkey solution than configuring BIND and then setting up a

RE: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

I believe in allowing the client to make the decision. Even with limiting the suppressed probe responses or deauthing; there can be times when a client could experience issues. We allow 12, mandatory 18. Limit the transmit power on both radios. The issue I see with many sticky clients are that

The

U Sent from my iPhone ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.