RE: [External][WIRELESS-LAN] Rogue ssid mitigation features
This has been discussed in the past, but DO NOT USE THIS FEATURE. Read this from our own Lee Badman: https://wirednot.wordpress.com/2021/03/15/interfering-personal-hotspots-beyond-simply-a-technical-issue/ and note his summary of the FCC response. Basically this opens you up to potential fines by the FCC. It probably won't happen, but are you willing to take that risk? This doesn't scale well, but in the past we've used the reporting tools to locate rogue devices and work through other means to mitigate. For "home" style routers, this meant disabling the wired port it was connected to, and for other hotspot type devices, it meant getting student life involved to have the interfering device turned off. [Oklahoma Baptist University] Thomas Carter Assistant Vice President for Technology Services okbu.edu<https://www.okbu.edu/> From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Becker, Jason Sent: Wednesday, May 19, 2021 11:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [External][WIRELESS-LAN] Rogue ssid mitigation features CAUTION: This email originated from outside of OBU. Do not click links or open attachments unless you recognize the sender and know the content is safe. Is anyone using the features to disable/mitigate anyone trying to impersonate your own ssid's? I've been testing this on our lab Cisco gear and see that it works but kind of scary to push to a production hardware. Jason The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail. ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
RE: [WIRELESS-LAN] Aruba Wireless - IDS: Protect-SSID
I guess I should have clarified – we do rogue detection, but “mitigation” is a physical visit by us or someone from Student Life. If it’s a router or other device plugged into a port in the room, we disable that port until the students communicate with us. It’s just the automatic mitigation that isn’t worth it. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Enfield, Chuck Sent: Monday, October 28, 2019 12:55 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Aruba Wireless - IDS: Protect-SSID My main reason for worrying about people broadcasting our SSIDs is usability. The $64 question for security is whether or not the Aruba IDS would detect a well-executed evil twin attack. If the twin uses not just your ESSID but a valid BSSID from one of your APs in an area where the “spoofed” AP can’t detect it, would the IDS figure it out? If so, then there may be some value in enabling automatic mitigation. From: The EDUCAUSE Wireless Issues Community Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> On Behalf Of Sidharth Nandury Sent: Monday, October 28, 2019 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Aruba Wireless - IDS: Protect-SSID Thank you for the response. Thomas, I'm definitely going to share the FCC announcement with my management and security officer to ensure that they are aware of this. That being said, we are not trying to prevent anyone from using a hotspot, but like Chuck mentioned are trying to protect our users from connecting to counterfeit "well-known" campus SSIDs. My thought is to only add "well-known" SSIDs in our list of protected networks. Chuck, Airwave can be an option for alerting, but as you said, it needs manual intervention. If our security officer decides to go against implementing this, my next suggestion would be using Airwave for manual intervention. Something else I can think of is the polling intervals duration and immediacy of action. If there is a malicious individual trying to broadcast a known-network, wouldn't we want to have immediate action to be taken, rather than having to wait for the airwave polling interval, receive an email notification, turn around and maybe have some kind of text alert to immediately alert us to take action? Thoughts? Regards, Sid On Mon, Oct 28, 2019 at 12:08 PM Enfield, Chuck mailto:cae...@psu.edu>> wrote: Most of the time if somebody is using one of your well-known SSID’s on campus it’s either out of ignorance or benign experimentation. Rouge mitigation of those devices is unlikely to attract the attention of the FCC, and even if it does, I doubt you’ll get in any trouble for it. The FCC has cracked down on property owners acting like they own the spectrum within their facilities. I suspect an effort to protect users from what may reasonably be characterized as “counterfeit” networks would be viewed in a different light. They may still tell you to knock it off, but penalties seem really unlikely. On the other hand, have you considered an Airwave alert to bring these device to your attention and mitigating by manual intervention? If your institution is anything like ours you’ll see very few of these. From: The EDUCAUSE Wireless Issues Community Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> On Behalf Of Thomas Carter Sent: Monday, October 28, 2019 11:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Aruba Wireless - IDS: Protect-SSID The short answer is don’t do this. The longer answer is the FCC frowns on rogue mitigation: https://nakedsecurity.sophos.com/2015/08/19/fcc-fines-company-75-for-disabling-conference-hotspots/<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnakedsecurity.sophos.com%2F2015%2F08%2F19%2Ffcc-fines-company-75-for-disabling-conference-hotspots%2F=02%7C01%7Ccae104%40PSU.EDU%7C4b37afea33a44d07033308d75bc7b030%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637078785539367454=YsBhtcqVWA9GD6aFnYun6U3xXmLKXiKv6FcNeW2cxjU%3D=0> Look at the notice from the FCC down about ½ the page. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.austincollege.edu%2F=02%7C01%7Ccae104%40PSU.EDU%7C4b37afea33a44d07033308d75bc7b030%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637078785539377449=cHC14Zo%2BU96LwtnPeQ576WtRUGOIDPx7yawwtNOd8ro%3D=0> From: The EDUCAUSE Wireless Issues Community Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.
RE: [WIRELESS-LAN] Aruba Wireless - IDS: Protect-SSID
The short answer is don’t do this. The longer answer is the FCC frowns on rogue mitigation: https://nakedsecurity.sophos.com/2015/08/19/fcc-fines-company-75-for-disabling-conference-hotspots/ Look at the notice from the FCC down about ½ the page. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Sidharth Nandury Sent: Monday, October 28, 2019 10:34 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Aruba Wireless - IDS: Protect-SSID All, We have been asked to look into rogue WAP detection and mitigation. We are an Aruba shop for wireless and are running v6.5.4.12. After doing some research and looking at Airheads posts, it lead to me a configuration called "Protect SSID" in the IDS profile. Though I have successfully tested this in a lab environment and it seems to be "protecting" valid SSID's (ones that I have configured), I am a little apprehensive about simply turning this on due to the ramifications that it might cause. I am wondering if anyone here has used this setting to help with mitigating rogue SSID broadcasts and protecting your clients connecting to these rogue WAPs. I would also love to hear about any pitfalls with turning this on, and any other gotchas that I might need to keep in mind other suggestions about rogue WAP detection and mitigation, I would love to hear them. Please feel free to reach me off this list if you wish. Please let me know if any additional information is needed on my end. Thank you for your time. Regards, Sid -- [Denison University Logo]<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdenison.edu=E,1,3SbNFzUhQ1cH6_YJ_S_MgdUv2bQAdcJE20ihzEFSulcA0CnvyieJIGu9ddNCYI_GLMy3AeMp5gwCHqsuqX7y9OwV8bxgkwk9opmVKUTS=1> Sidharth S. Nandury Network Engineer Information Technology Services 100 West College Street, Granville, OH 43023<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdeniso.nu%2f2qF6h7M=E,1,V2G7R1vyiWtcQB3ly-PYWUU7J291jCALtZFeYgmVv7l6iR94Bj0GCw4pPxgnV9rzPPH5KQbHIsZ86gYOQYd220ayxc-jaIweLjo63_CGS2XiXalaq6Q3ABGJ=1> | Fellows 003C<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdenison.edu%2fmap=E,1,6MitBRcDdjxKiLUIU8aEWs_xpSvvxfkXvM3JRSDnEQbhnszUrJ7-F8fgTWsTq6b6Oj2VtrycdyDJ-9o_dPzhBisePSMH5rwoNy2P-FlEB4eMgrpeKQ,,=1> Office: 740-587-5533 | Mobile: 516-314-4413 nandu...@denison.edu<mailto:nandu...@denison.edu> https://denison.edu/campus/technology<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdenison.edu%2fcampus%2ftechnology=E,1,oLheI3NnrW-G-FZl319tjZwIagvq8A0Zh9NSrzKAm6ySX_zHxtyhxT3mrGS_cc4QXV289aOvH2idRvYnktvQLg8jIr3IeldKH-qcOvJ3TWQ0PA,,=1> Please consider the environment before printing this email. ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.educause.edu%2fcommunity=E,1,iyHWPoELYm0sy5dXaVv7Ez_A8r2zHFQyfTUG2dakocGNuhYkE7XGVKiX88z9WlqprbrBrSKw-0QXKT_H-p3EPuUwLGvjmwy83Mz98Hrscw,,=1> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
RE: [WIRELESS-LAN] Theater wifi - to have or not to have
Add me to the “install it” list as we’re going through this exact thing with our theater department. They have pushed back with concerns that “people would be using devices instead of watching the performances”. But that venue is used for more than just plays and we can’t stop people from looking at cell phones. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Dan Lauing Sent: Tuesday, October 22, 2019 12:14 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Theater wifi - to have or not to have I'll jump on the install train. Every time I try to save the university money, it only comes back to bite me in the rear. On Tue, Oct 22, 2019 at 12:11 PM Benedick, Jason mailto:bened...@stevenscollege.edu>> wrote: I’d install it, you can always disable SSIDs in those areas to prevent people from using it, but I’d bet there will be something that will require it sooner rather than later. Thanks, Jason R. Benedick IT Generalist Thaddeus Stevens College of Technology Office: (717) 391-6957 Cell: (717) 587-9065 From: The EDUCAUSE Wireless Issues Community Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> On Behalf Of Bull, Mary Sent: Tuesday, October 22, 2019 12:34 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Theater wifi - to have or not to have This email originated from outside of Thaddeus Stevens College. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hello all, I’m wondering if anyone here has dealt with a decision on wireless in the theaters, concert halls, or recital halls on their campus. We have a new arts complex coming on line in the next two years and there’s no clear direction from faculty on whether wireless for the audience is desirable. The previous main theater, and other currently used theaters on campus, did/do not have full connectivity for the audience (just a few aps tacked on the walls that were useless when the room was full). Facilities planning is favorable toward building it in, so I’d prefer that too, especially since it would be much harder or impossible to install if the faculty changes their mind in a few years once the building is complete. However, I’m not sure whether there is really an expectation from the audience that they should have wifi when they attend a show or concert. Has anyone dealt with this on their campus? What influenced your choice? Mary Bull William and Mary 757-221-2491 mb...@wm.edu<mailto:mb...@wm.edu> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.educause.edu%2fcommunity=E,1,XsLJ-nYhB1j4pWmapTeUPsS_DngRo5yaWiSEyIMxfqYW-pPqCceAo6u4a5snIDyMLEupSaQsyS0km8q_8IiLZXvsobhj_ABTwk1FhzgvAw,,=1> *This electronic communication from TSCT is confidential and intended solely for use by the individual to whom it is addressed. If you are not the named recipient do not forward, propagate or replicate this e-mail. Please notify the sender immediately by e-mail if you have received this message by mistake and remove from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action dependent upon the contents of this email or attachment is strictly prohibited.* ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.educause.edu%2fcommunity=E,1,J5PSEMrdu8sTESY3P9FJ3wZO4v-knMv9SphPMn_3yI75I583bL6Z9Ha52BGbz1HkGQfjhWZfPLTf5E0YKIHgufKHUrLaKY3VVSK3Rld50jM,=1> -- [https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.mc.edu%2fsignature%2flogo.gif=E,1,UlttKCmh_chxMciGwBGl8V4mHkWNPjmWGeSSlyv-zTFHDgwP1H2RoyMuuz6IvuuuEbDZh0wklrZm5xfAYrF6m995NfjAD0u-gYkbLeGiyrWKZR0Kp17NiQBKYg,,=1] dan b. lauing ii | CWAP, CWSP, CWDP Wireless Network Engineer Mississippi College CONFIDENTIALITY STATEMENT: This communication may contain confidential information. If you are not the intended recipient or if you are not authorized to receive this communication, please notify and return the message to the sender, then delete this communic
RE: Site Survey Tool (laptop/tablet/2-in-1)
We have something similar, only dual boot Windows 10 / Ubuntu (for promiscuous mode packet capture). While currently on a standard laptop, I really like the usability and flexibility of the latest 2-in-1s as compared to something like a Surface Pro (we have a few of those in users' hands) or a traditional laptop. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv On Behalf Of Lee H Badman Sent: Thursday, August 23, 2018 6:00 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Site Survey Tool (laptop/tablet/2-in-1) I'm frequently an Apple skeptic but love the dual-boot Mac paradigm. Run Ekahau on Windows side, native packet capture etc on OS X side. Lee Badman | Network Architect | CWNE #200 Information Technology Services 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 f 315.443.4325 e lhbad...@syr.edu<mailto:lhbad...@syr.edu> w its.syr.edu SYRACUSE UNIVERSITY syr.edu From: The EDUCAUSE Wireless Issues Constituent Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Gray, Sean mailto:sean.gr...@uleth.ca>> Sent: Thursday, August 23, 2018 12:07:20 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Site Survey Tool (laptop/tablet/2-in-1) Hi Everyone, I was just wondering what was everyone's weapon of choice for performing site surveys in terms of laptop/tablet/2-in-1. I'm currently using a Surface Pro 2 to run our Ekahau site survey software and it's performed very well for me over the years. But, alas it's starting to show its age, so it's time to look for its successor. Obviously based on my experience a Surface Pro 4 would be a logical choice, but I'm interested to hear what others are using. So over to you... Thanks Sean Sean Gray | B.Sc (Hons) Voice, Collaboration & Wireless Network Analyst ITS, University of Lethbridge ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Wireless Options
But in the specific case of cloud vs on-prem wireless, what is the case to save 1 FTE? I would contend the vast majority of day-to-day work in wireless isn't affected by the location of the controller. Thomas Carter From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Jeffrey D. Sessler <j...@scrippscollege.edu> Sent: Friday, May 18, 2018 12:30 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Options One of the difficulties in comparing TCO is around staffing. Both estimating how much time staff really spend on the current solution, but also taking into account base salary with benefits. At many colleges, benefits can add another 30%+ to the cost of a person. As such, the elimination (or reallocation) of one FTE has a huge impact on on-premise vs cloud comparisons. That single FTE could be $100K (salary + benefits) per year, saving (or reallocating) $700K over those 7 years. In a lot of our cloud shift, those FTE’s have been re-allocated into more important roles such as security. Jeff From: "wireless-lan@listserv.educause.edu" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Thomas Carter <tcar...@austincollege.edu> Reply-To: "wireless-lan@listserv.educause.edu" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Date: Friday, May 18, 2018 at 8:43 AM To: "wireless-lan@listserv.educause.edu" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Wireless Options For cloud to really take over, the costs need to drop. We just went through a similar thing and are of a similar size (~300 APs), and the cloud on-going OpEx costs dropped them out of the race. The simplicity of costs budgeting is nice, but 7 year TCO is no contest. Where they currently seem to be the best option is in the >25 to <100 AP market (<25 easily fits into Aruba Instant, Ruckus Unleashed, etc) or the small business vendor-managed market. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Jeffrey D. Sessler Sent: Friday, May 18, 2018 10:07 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Options Chuck has the right idea here. Our respective college strategic missions don’t mention running servers or wireless controllers as strategic to the mission of the college. Cloud/SaaS solutions free up folks from the mundane tasks, allowing them to focus on those higher-up technology layers that can benefit the strategic mission. I think it’s easy today to see the benefits of moving on-premise email systems to GAFE or O365, but that comfort level isn’t there yet with some other systems such a Wireless. From a support standpoint, a vendor like Meraki has global visibility of how their product is operating, meaning they can correlate/see/react to issues faster including patching. For the controller-based solutions, there is the isolation factor, capability of the customer to gather support info, and the vendor not knowing if other customers are having the issue. I suspect both options will be with us for years to come, but as more and more of our respective data centers move to the cloud, I predict the wireless cloud services will become more popular. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "Enfield III, Charles Albert" <cae...@psu.edu<mailto:cae...@psu.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Thursday, May 17, 2018 at 1:38 PM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Wireless Options I don’t want to put words in John’s mouth, but operating controllers requires time and effort beyond what’s required to manage configurations. Scaling, security, software upgrades, etc., all require resources but contribute nothing to the user experience. For us the benefits of hosting our own controllers is worth it, but I understand that isn’t true for everybody. I’m not even sure it will always be true for us. When the benefits of controllers as traffic aggregators can be easily replaced with SD fabrics, I’ll probably want cloud controllers too. The details will matter, but it’s where I think we’re
RE: [WIRELESS-LAN] Wireless Options
For cloud to really take over, the costs need to drop. We just went through a similar thing and are of a similar size (~300 APs), and the cloud on-going OpEx costs dropped them out of the race. The simplicity of costs budgeting is nice, but 7 year TCO is no contest. Where they currently seem to be the best option is in the >25 to <100 AP market (<25 easily fits into Aruba Instant, Ruckus Unleashed, etc) or the small business vendor-managed market. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Jeffrey D. Sessler Sent: Friday, May 18, 2018 10:07 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Options Chuck has the right idea here. Our respective college strategic missions don’t mention running servers or wireless controllers as strategic to the mission of the college. Cloud/SaaS solutions free up folks from the mundane tasks, allowing them to focus on those higher-up technology layers that can benefit the strategic mission. I think it’s easy today to see the benefits of moving on-premise email systems to GAFE or O365, but that comfort level isn’t there yet with some other systems such a Wireless. From a support standpoint, a vendor like Meraki has global visibility of how their product is operating, meaning they can correlate/see/react to issues faster including patching. For the controller-based solutions, there is the isolation factor, capability of the customer to gather support info, and the vendor not knowing if other customers are having the issue. I suspect both options will be with us for years to come, but as more and more of our respective data centers move to the cloud, I predict the wireless cloud services will become more popular. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "Enfield III, Charles Albert" <cae...@psu.edu<mailto:cae...@psu.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Thursday, May 17, 2018 at 1:38 PM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Wireless Options I don’t want to put words in John’s mouth, but operating controllers requires time and effort beyond what’s required to manage configurations. Scaling, security, software upgrades, etc., all require resources but contribute nothing to the user experience. For us the benefits of hosting our own controllers is worth it, but I understand that isn’t true for everybody. I’m not even sure it will always be true for us. When the benefits of controllers as traffic aggregators can be easily replaced with SD fabrics, I’ll probably want cloud controllers too. The details will matter, but it’s where I think we’re going. Chuck Enfield Manager, Wireless Engineering Enterprise Networking & Communication Services The Pennsylvania State University 119L, USB2, UP, PA 16802 ph: 814.863.8715 fx: 814.865.3988 From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> On Behalf Of Peter P Morrissey Sent: Thursday, May 17, 2018 4:30 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Wireless Options Same here. I was also curious as to why it would be limited to cloud based solutions. I would drill down a layer into the perceived benefits of cloud based, and define it that way. Easier management requiring less staff time and thus lower TCO and more ability to accomplish other activities? Etc. Maybe. One of the disadvantages of cloud based solutions besides losing some control and visibility is the ongoing costs. We love Meraki as much as anyone, but the annual recurring licensing costs are rather steep and should be carefully weighed against the benefits. Pete Morrissey From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jake Snyder Sent: Thursday, May 17, 2018 2:26 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Wireless Options I’m curious about the requirement that controllers be “cloud based” and what business requirement that maps to. Trying to understand wh
RE: [WIRELESS-LAN] Re-authentication times for guest wireless solutions
1 day (24 hours). Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Daniel Wurst Sent: Thursday, May 10, 2018 11:00 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Re-authentication times for guest wireless solutions Hi all! This summer we plan to make changes to our guest wireless solution. We plan to have users go to a captive portal page on our Aruba controllers. Currently we have our re-authentication interval set to 8 hours. We were wondering how often other universities are making wireless guests re-authenticate to their networks. Any feedback is greatly appreciated. Have a good one! Dan -- Daniel Wurst Network Engineer Denison University wur...@denison.edu<mailto:wur...@denison.edu> 740-587-6229 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: Anyone have experience with wireless lighting and contol systems?
Don't forget that interference flows both ways; as I understand it, 802.15.4 is much lower power than 802.11 and may get overwhelmed by the much "louder" 802.11 signals. As we all know, 2.4 GHz is already a wasteland of noise, so that will make it even worse. IIRC, however, there are a couple of channels in 802.15.4 that fall between 802.11 channels 1,6, & 11. We have a single instance of 802.15.4 for specialty door looks in one location (related to accessibility for special needs students) and we worked with the vendor to choose one of these channels. Doesn't seem to cause interference, but we don't have a wide spread deployment like this would be. What is it with vendors wanting to use 2.4 for everything? The 900MHz band is part of the 802.15.4 standard and should theoretically have longer range to boot. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Manuel Amaral Sent: Tuesday, April 3, 2018 1:46 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Anyone have experience with wireless lighting and contol systems? Our facilities department is looking to upgrade some of our lighting infrastructure to use lower power LED light fixtures. One of the proposals is to replace all the lighting and the existing Lutron lighting control system with a relatively new Eaton WaveLinx wireless lighting system. Unfortunately, the vendors who came in couldn't even explain what spectrum(s) the infrastructure would run on. A quick review indicates that the controllers operate on WiFi or wired LAN for control access and 802.15.4 for communication (@ 2.4MHz) between all the various devices (dimmers, switches, occupancy sensors, lights, etc). Each controller currently operates as a standalone since they still don't have a centralized management environment and they're single user access only. We're particularly concerned about any potential interference issues that might arise within our existing and future wireless environments. I was wondering whether anyone has any familiarity with this or similar environments and whether you'd be willing to share your thoughts and experiences on them. Regards, Manny --- Manuel (Manny) Amaral Director, Information Technology Operations 781-292-2433 | www.olin.edu<http://www.olin.edu> [Olin_Identifier_Gradient_Standard_Blue_RGB] Leading the Revolution in Engineering Education twitter | facebook<https://www.facebook.com/FWOlinCollege> | youtube<http://www.youtube.com/user/FranklinWOlinCollege> We will never ask you for your password! ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: Offline/Spare Gear Inventory Size
We’re a much smaller campus, but we keep a handful of the oldest models in stock as spares – in the range of 4-5 APs. These serve a couple of purposes: · Temporary expansion of coverage for occasional events; we have locations where we may additional capacity 1 or 2 times a year. · Immediate response for permanent expansion; e.g. we can put out an AP in an underserved area quickly while the purchase approval, shipping, etc for a new one is going on in parallel. · Even with warranty on the AP, it takes time to ship the old one back and get a new one in. A replacement may be put in place immediately. We don’t have as good of coverage as I would like, so a failure may leave a noticeable hole in coverage. We keep the oldest model as spares as they are so rarely needed. A newer model would serve us better being in day-to-day use instead of an occasional use backup. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trinklein, Jason R Sent: Monday, February 26, 2018 12:21 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Offline/Spare Gear Inventory Size Hi All, I’m curious to know the size of your spare gear inventories. Do you keep a percentage of each model of AP in inventory, and what is your reasoning? Storms? Last minute/emergency wireless coverage needs? What percentage of your live gear do you keep as offline inventory? (100 live APs with 1 inventory AP = 1% offline inventory). With Xirrus, we had an offline inventory of more than 10% of live inventory. We kept that inventory to cover the high failure rate of the equipment, the incidence of hurricanes and lightning strikes in our area, the broad range of AP models on campus, and last minute large events in low coverage areas. We are evaluating the minimum offline inventory for our new Aruba gear as we finish up the vendor switch. I have been thinking 1-2%, but I want to see what you guys do first, and why. Thank you, -- Jason Trinklein Wireless Engineering Manager College of Charleston 81 St. Philip Street | Office 311D | Charleston, SC 29403 trinkle...@cofc.edu<mailto:trinkle...@cofc.edu> | (843) 300–8009 DID YOU KNOW? The Princeton Review selected the College of Charleston as one of 50 schools focused on providing students with practical experiences that take their academics to the next level. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Xbox 360 connection issues?
We have had a few issues crop up (most recently a Google Home Mini) that seems to be rate related (won't connect even to an open network). What is the general rate configuration being used out there? What rates do you have disabled? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jonathan Groves Sent: Thursday, November 30, 2017 10:58 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Xbox 360 connection issues? Neil, I can confirm what Jess is saying. We had the exact same issue with our AeroHive APs deployed in our residence halls. Had to enable 5.5Mbps as an optional data rate before it would work. If you can get a hold of an Xbox 360 and do a wireshark of the wireless connection process, you can see it requesting that data rate from the AP and nothing higher. We had turned off this data rate per best practice, but have since turned it back on. When we did, we also found that it fixed some HP wireless printers as well that had similar issues. Regards, Jonathan Groves Network Engineer Arkansas State University On Nov 30, 2017, at 10:43 AM, Williams, Jess <jess-willi...@utc.edu<mailto:jess-willi...@utc.edu>> wrote: Neil, Support advised us to enable the 5.5Mbps basic rate on the g radio which resolved the issue. We encountered the issue only with XBOX 360 models 1439. Below was their explanation: The issue is with the specific model of the XBOX360 - 1439. AP-215 uses Broadcom driver and AP-105 uses Qualcomm driver. There is a behaviour difference between Broadcom driver Qualcomm drivers. Even though HT is enabled on AP105 (Qualcomm), it will fall back to the legacy rates if the client is not responding in HT rates. This is not the case for AP215 (Broadcom). Unless HT is disabled, legacy rate are not used. The issue will always happen with the particular x-box clients whenever it is connected to an AP which does not use legacy rate with HT enabled. (not specific to Aruba APs). This also seems to be a known issue with the client as it does not support HT rates. Jess Williams Sr. Network Engineer University of Tennessee at Chattanooga From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Johnson, Neil M <neil-john...@uiowa.edu<mailto:neil-john...@uiowa.edu>> Sent: Thursday, November 30, 2017 10:35 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Xbox 360 connection issues? - Aruba Just curious if anyone came up with a solution. We have a half a dozen Xbox 360s with connection issues. In our case they seem to work on AP 225’s but not AP 205H’s. From what my colleague has been able to gather, the AP205H is not passing the DHCP offer back to the 360 (We see the request come in to our DHCP server and it responds with an offer, but the 360 never sees it and keeps requesting, It is getting back to the Aruba Controller). We have no issues with newer Xbox’s (One, S, X) or other gaming consoles. Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319-384-0938 e-mail: neil-john...@uiowa.edu<mailto:neil-john...@uiowa.edu> From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "Osborne, Bruce W (Network Operations)" <bosbo...@liberty.edu<mailto:bosbo...@liberty.edu>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Friday, January 13, 2017 at 7:09 AM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Xbox 360 connection issues? - Aruba Correction: We run 20 MHz channels with HT & VHT modes enabled. Bruce Osborne Senior Network Engineer Network Operations - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Osborne, Bruce W (Network Operations) Sent: Friday, January 13, 2017 8:07 AM To: 'The EDUCAUSE Wireless Issues Constituent Group Listserv' <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: RE: Xbox 360 connection issues? - Aruba Curious. We are running 80 MHz channels in our dorms with game systems and no issues except for that one case with the Xbox 360s and we were able to resolv
RE: [WIRELESS-LAN] Wireless printers and other devices in residence halls
As Brian said, it is nice in theory; the reality is you don’t get the capital increase or the personnel. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman Sent: Thursday, October 19, 2017 12:45 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless printers and other devices in residence halls Or, spend 30+% in capital investment vs adding more workload to existing staff to track down rogue devices – which is probably more on par with what the bulk of our realities are. I am being pressured to support IoT devices over the previous -72dB/2.4GHz AP-in-hallways design with little to no funding to upgrade more areas to our current -50ish/5Ghz more localized radio design. CapEx goes to admin systems, not infrastructure. -Brian From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Thursday, October 19, 2017 1:39 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Wireless printers and other devices in residence halls The way to present that 30+% increase in capital investment is to talk about the FTE resources it frees up, caps, or eliminates i.e. by increasing density the need for residential life/IT to police personal devices is significantly reduced/eliminated, freeing up or eliminating [x]FTE for other mission-aligned activities. There isn’t a CBO/CFO alive that doesn’t react well to proposals that cap/reduce FTE investments in exchange for capital investment. Hardware doesn’t require 34% benefits, raises, and so on. Spend $10,000 for 20 more APs, or spend $650,000 in salary/benefits over five years to hire an RF engineer to go out and find these problems. Even when pitted against a $20/hr user support position, it’s still $10,000 for 20 APs, or $265,000 salary/benefits over five years for that person to do policing. In other words, you have to add a lot of APs before you get close to the cost of a single FTE. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Thursday, October 19, 2017 at 10:06 AM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Wireless printers and other devices in residence halls You’re correct, but it just sucks that we now have to justify a 30+% increase in capital spent on wireless infrastructure for something that (at least according to those who manage the budgets) worked fine 5 years ago, AKA why do you need to put 50 APs in a building that once had 30? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Thursday, October 19, 2017 11:13 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Wireless printers and other devices in residence halls If you move your design planning toward dense 5GHz and designate 2.4 as a legacy wasteland, these devices have little impact. Even if these devices more toward 5GHz, the abundance of channels coupled with low signal propagation and vendor channel management e.g. DCA in Cisco speak, greatly enhance coexistence. Since you mention Cisco, use of CleanAir equipped APs in residence halls (even in small quantities) provide significant RF visibility, and you’ll know exactly what’s out there and impacting your environment. That’s a long way of saying you will never legislate these devices out of existence, and it’s far better to invest resources in technology that help with coexistence vs expending energy on confiscating/banning them. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "Davis, Steve" <sda...@lo
RE: [WIRELESS-LAN] Wireless printers and other devices in residence halls
You’re correct, but it just sucks that we now have to justify a 30+% increase in capital spent on wireless infrastructure for something that (at least according to those who manage the budgets) worked fine 5 years ago, AKA why do you need to put 50 APs in a building that once had 30? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Thursday, October 19, 2017 11:13 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless printers and other devices in residence halls If you move your design planning toward dense 5GHz and designate 2.4 as a legacy wasteland, these devices have little impact. Even if these devices more toward 5GHz, the abundance of channels coupled with low signal propagation and vendor channel management e.g. DCA in Cisco speak, greatly enhance coexistence. Since you mention Cisco, use of CleanAir equipped APs in residence halls (even in small quantities) provide significant RF visibility, and you’ll know exactly what’s out there and impacting your environment. That’s a long way of saying you will never legislate these devices out of existence, and it’s far better to invest resources in technology that help with coexistence vs expending energy on confiscating/banning them. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "Davis, Steve" <sda...@lockhaven.edu<mailto:sda...@lockhaven.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Thursday, October 19, 2017 at 8:06 AM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: [WIRELESS-LAN] Wireless printers and other devices in residence halls I wanted to get an idea how everyone is handling students bringing in all types of wireless devices, which are basically access points. We have so many printers, TVs, Roku devices, game systems and who knows what else out there in the student rooms and these devices are causing issues with our campus wireless network. Do you allow these devices on your network? If not, how do you prevent the students from having them? I have Cisco wireless controllers where I can block rogue APs but that keeps the APs which are containing the rogue AP from servicing the clients and I don’t have dense enough coverage to be able to do this for every rogue device. Thanks in advance -Steve Steve Davis | Network Manager Department of Technology Infrastructure Lock Haven University 519 Robinson Hall 401 North Fairview Street, Lock Haven, PA 17745 Phone: 570-484-2290 | sda...@lockhaven.edu<mailto:sda...@lockhaven.edu> | www.lockhaven.edu<http://www.lockhaven.edu/> Connect with us: Facebook<https://www.facebook.com/LockHavenUniv/> | Twitter<https://twitter.com/LockHavenUniv> | YouTube<https://www.youtube.com/user/LHU1870> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: Wireless printers and other devices in residence halls
We were just having this conversation in-house this morning. The problem isn't APs - its printers, TVs, Rokus, Amazon Fire TVs, Playstations, etc. We don't have the people to manage the quantity that are out there (probably 1 in 4 or 5 rooms have something broadcasting). They don't realize their HP printer that is connected via USB is also broadcasting Wifi. And they don't know that their Roku/Fire Stick/Vizio TV is using WiFi for the connection to the remote control, and there's no way to turn it off. There's also no way to tell this many students to take those devices off campus (and there would probably be a riot about it). The terrible idea that is WiFi Direct is polluting the airwaves. And while it's primarily 2.4GHz now, I'm sure it's coming to 5GHz soon. We're at a bit of a loss for how to really handle this issue. Another increasing issue is mobile hotspots from phones. These only pop up on off hours and are difficult to track down and "prove" who was doing it. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hales, David Sent: Thursday, October 19, 2017 10:14 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless printers and other devices in residence halls Our residence hall policy and campus acceptable use policy specify that students are not allowed to connect routers, switches, or access points to the wired network, or operate independent wireless access points in campus facilities. Our NAC and switches are able to handle any that get plugged into wired drops. We don't have too many wireless issues caused by rogue APs, but when we detect an issue related to one, we locate them rather than mitigate them. We haven't run into one where the student was really trying to hide an AP, so we can usually localize it to a room or two, and then residential life finds them during one of their room inspections. Usually the student is just ignorant of the policy violation, and packs the device away. We haven't had any really rebellious students that insisted on bringing the device back online at a later time. David Hales Network Systems Administrator Information Technology Services 1010 N. Peachtree Clement Hall 117 Cookeville, TN 38505 P 931-372-3983 F 931-372-6130 E dha...@tntech.edu<mailto:dha...@tntech.edu> www.tntech.edu/its<http://www.tntech.edu/its> [Tennessee Tech Logo]<https://www.tntech.edu/> [TTU Facebook] <https://www.facebook.com/tennesseetech/> [TTU Twitter] <https://twitter.com/tennesseetech> [TTU Instagram] <https://www.instagram.com/tntechuniversity/> [TTU Youtube] <https://www.youtube.com/user/ttunews> [TTU Pintrest] <https://www.pinterest.com/tennesseetech/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Davis, Steve Sent: Thursday, October 19, 2017 9:56 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Wireless printers and other devices in residence halls I wanted to get an idea how everyone is handling students bringing in all types of wireless devices, which are basically access points. We have so many printers, TVs, Roku devices, game systems and who knows what else out there in the student rooms and these devices are causing issues with our campus wireless network. Do you allow these devices on your network? If not, how do you prevent the students from having them? I have Cisco wireless controllers where I can block rogue APs but that keeps the APs which are containing the rogue AP from servicing the clients and I don't have dense enough coverage to be able to do this for every rogue device. Thanks in advance -Steve Steve Davis | Network Manager Department of Technology Infrastructure Lock Haven University 519 Robinson Hall 401 North Fairview Street, Lock Haven, PA 17745 Phone: 570-484-2290 | sda...@lockhaven.edu<mailto:sda...@lockhaven.edu> | www.lockhaven.edu<http://www.lockhaven.edu/> Connect with us: Facebook<https://www.facebook.com/LockHavenUniv/> | Twitter<https://twitter.com/LockHavenUniv> | YouTube<https://www.youtube.com/user/LHU1870> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] RF Sensitivity
Great response. Maybe you should have them purchase some of these: http://www.safespaceprotection.com/electrostress-from-wireless-routers.aspx This magical sticker "radiates a six ft protective field". They can just stick one to their shoe or hat or whatever. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Healy Sent: Tuesday, October 17, 2017 4:05 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] RF Sensitivity Back when we first put WAPs in dorms, we drafted a FAQ for any parents that might give us pushback: http://web.suffieldacademy.org/ils/wlan/ Fortunately, we've not gotten any complaints. I apologize if it's out of date (haven't touched it in 3 years). However, it has some links that might be helpful for references. I authored it based on some other pages I'd found at other schools. Jason ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms
Sorry, I was mostly complaining about the one-per-room that vendors have been trying to push. If they really will cover multiple rooms, that’s a different option. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Daniel Brisson Sent: Wednesday, October 11, 2017 2:06 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms I have found with Cisco’s 1810Ws that we can get more than one room. Obviously, this depends greatly on building construction, but we can typically get at least 3 rooms covered with one Access Point. It’s really not that much more than deploying the larger APs. I am looking at between 2-3x number of 1810Ws to replace our aging 3502i’s, which doesn’t seem that bad really considering we just need to add one 48-port POE switch in most cases. -dan -- Dan Brisson Network Engineer University of Vermont From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Wednesday, October 11, 2017 at 3:03 PM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms I’ve complained to vendors about this before, but the problem is the one-per-room deployment can be 2-4x the cost of in-hall deployment. At smaller schools like ours, nebulous future support hours saved won’t make up for current costs now. The biggest issue is an in-hall AP that supports 4-6 rooms is only 2x the cost of a single in-room solution. For example, the dilemma I face is there is money to replace 6-8 year old APs and I can do one hall or 3-4 (with no guarantees of future money), which do you choose? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Stephen Belcher Sent: Wednesday, October 11, 2017 12:55 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms We started with an all wireless residence halls concept three years ago and will finish the last three (fairly small) installs next summer. We went with in-room access points supplemented with APs in common areas. For traditional residence halls we went with Cisco 702w initially changing to 1815w access points when they became available. For residence halls designed more as a suite concept we went with 2800 series access points. We pretty much blast the 5 GHz everywhere and disable 2.4 GHz in every other room (with a few exceptions). We have 6120 beds and the cost per bed for installs was about $370. I will be at Educause this year with a poster presentation on wireless dorms. If anyone is around stop by and say hi and grab some literature with the cost breakdown and FAQs. / Stephen Belcher Assistant Director of Network Operations WVU Information Technology Services (681) 214-3389 mobile From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Umut Arus Sent: Wednesday, October 11, 2017 11:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms Hello all, We have 500 Aruba APs for 3000 students in dorm building hallways however we are getting complaint still even if fine tuning because of walls. I think it is very contemporary issue for many. In every room with Aruba solution would be very expensive. We'd like to ask you what is your best solution that you have resolved it? thanks. -- Umut Arus System Specialist Information Technology Sabancı University Phone: +90216 483 9172 [mage removed by sender.] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. *
RE: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms
I’ve complained to vendors about this before, but the problem is the one-per-room deployment can be 2-4x the cost of in-hall deployment. At smaller schools like ours, nebulous future support hours saved won’t make up for current costs now. The biggest issue is an in-hall AP that supports 4-6 rooms is only 2x the cost of a single in-room solution. For example, the dilemma I face is there is money to replace 6-8 year old APs and I can do one hall or 3-4 (with no guarantees of future money), which do you choose? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Stephen Belcher Sent: Wednesday, October 11, 2017 12:55 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms We started with an all wireless residence halls concept three years ago and will finish the last three (fairly small) installs next summer. We went with in-room access points supplemented with APs in common areas. For traditional residence halls we went with Cisco 702w initially changing to 1815w access points when they became available. For residence halls designed more as a suite concept we went with 2800 series access points. We pretty much blast the 5 GHz everywhere and disable 2.4 GHz in every other room (with a few exceptions). We have 6120 beds and the cost per bed for installs was about $370. I will be at Educause this year with a poster presentation on wireless dorms. If anyone is around stop by and say hi and grab some literature with the cost breakdown and FAQs. / Stephen Belcher Assistant Director of Network Operations WVU Information Technology Services (681) 214-3389 mobile From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Umut Arus Sent: Wednesday, October 11, 2017 11:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Best Wireless Solution for Residence Hall Rooms Hello all, We have 500 Aruba APs for 3000 students in dorm building hallways however we are getting complaint still even if fine tuning because of walls. I think it is very contemporary issue for many. In every room with Aruba solution would be very expensive. We'd like to ask you what is your best solution that you have resolved it? thanks. -- Umut Arus System Specialist Information Technology Sabancı University Phone: +90216 483 9172 [Image removed by sender.] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Ruckus Users
We are evaluating new wireless vendors and I'm looking for current Ruckus clients who would be willing to send me their experiences and opinions off-list. I realize every vendor has occasional issues, but I'm more looking at show-stopping bugs, issues with support, day-to-day reliability, etc. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Defeating Android 8.X Captive Portal detection
Yes, we have had some who have had trouble in the past say they also sometimes had issues at Starbucks, et al. So the assumption that EDU is the only place they have issues may not be correct. I do think there should be better communication between wireless vendors, wireless device makers (esp Microsoft, Apple, and Google), and customers about these kind of changes. Why do we have to figure this out at all? It shouldn't be this hard. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Curtis K. Larsen Sent: Wednesday, September 6, 2017 1:51 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Defeating Android 8.X Captive Portal detection My comment had more to do with standardized captive browser behavior across operating systems than ease of use. Unless you are inferring that all of EDU go without a captive portal. Most of the public places I visit have a captive portal so I'd say the same questions apply there too. -Curtis From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Jeffrey D. Sessler <j...@scrippscollege.edu> Sent: Wednesday, September 6, 2017 11:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Defeating Android 8.X Captive Portal detection On 9/6/17, 8:46 AM, "The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf of Curtis K. Larsen" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of curtis.k.lar...@utah.edu> wrote: It would be really nice if Google would join the club and allow their captive browser to switch to a full browser after the internet is reachable, but until then I think it's the best we can do. I'd argue, that again, why are we in EDU making it so hard for users with these devices to get access to WIFi? It those devices work in every other setting, be it at Starbucks, Panara, Hospitals, HomeDepot, and so on... Then EDU is doing something wrong. The vendors will continue to support/do what's most compatible with "the rest of the world" so it's up to EDU to come to terms with why we are so different, and so device hostile. Jeff ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Backup power
I read “do you put your switches on a maintenance contract” as talking about the switches themselves, but I can see what you are saying as well. I agree that life/safety/phones, but a blanket “everything gets a UPS” can be wasteful. For example, switches that just support wired ports in dorm rooms. No guarantees of availability in the event of a power outage. Or switches that support little used buildings. We do use UPSes, but only where they make sense. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike King Sent: Friday, July 21, 2017 9:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Backup power Most UPS companies offer service contracts on the larger UPS (Symmetry line from APC is one example). That's what I think they were asking about. IE, If your putting cheap throwaway UPS's in there, is it worth having a service contract. I think it comes down to how you utilize your network. If you have what your department has determined as life/safety gear on there (And VoIP phones usually fall under this) then it should be considered. On Thu, Jul 20, 2017 at 5:23 PM, Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> wrote: I would ask why the connection between a UPS and maintenance contract? We have a mix of UPSes in important locations and *quality* surge supressors in others. We’ve had two switches fail due to power issues (out of roughly 100 on campus) over the past 5 years, and both were actually connected to a UPS (lightning strike killed the UPS and the switches behind it). Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564<tel:(903)%20813-2564> www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of Sandra Bury Sent: Thursday, July 20, 2017 10:02 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Backup power Good morning - I would be interested to know how many of you include UPS purchases for switches in each network closet in your campus deployments. If you do not build in backup power, do you put your switches on a maintenance contract, or do you pay to replace them when they fail outside of warranty? Thanks very much. Sandy Sandra H. Bury Executive Director, Computing Services Information Resources and Technology Bradley University 309-677-2808<tel:(309)%20677-2808> sa...@bradley.edu<mailto:sa...@bradley.edu> [Image removed by sender.] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Backup power
I would ask why the connection between a UPS and maintenance contract? We have a mix of UPSes in important locations and *quality* surge supressors in others. We’ve had two switches fail due to power issues (out of roughly 100 on campus) over the past 5 years, and both were actually connected to a UPS (lightning strike killed the UPS and the switches behind it). Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sandra Bury Sent: Thursday, July 20, 2017 10:02 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Backup power Good morning - I would be interested to know how many of you include UPS purchases for switches in each network closet in your campus deployments. If you do not build in backup power, do you put your switches on a maintenance contract, or do you pay to replace them when they fail outside of warranty? Thanks very much. Sandy Sandra H. Bury Executive Director, Computing Services Information Resources and Technology Bradley University 309-677-2808 sa...@bradley.edu<mailto:sa...@bradley.edu> [Image removed by sender.] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Older Apple devices and issues with 802.11N(2.4Ghz)
How are your data rates configured? I seem to recall something about Apple devices that used to be picky about it. We don't have Cisco, but we have 12 as Mandatory and everything lower disabled for NG. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dustin Howard Sent: Monday, July 17, 2017 3:28 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Older Apple devices and issues with 802.11N(2.4Ghz) I'm having an issue with some Apple devices and was wondering if anybody has experienced similar or if you have a similar environment and all is working well... My environment is 5508 controllers (8.0.140.17) with 1600 series and 1702i APs. We have 1242 AP so cannot upgrade past 8.0.. I am having an issue with what seems to be only older Apple devices on N(2.4Ghz). The devices authenticate/DHCP just fine but are very slow and only seem to work for a few minutes until you have to restart the wireless card. Loading a video is impossible...pings timeout and have very high latency. Most the time the client cannot even ping the gateway. I have been able to recreate this with iPad, 3rd and 4th Generations, an older Macbook Pro and an iPhone 5c while using 1602i, 1602e, and 1702i APs. I haven't confirmed any other brands having this problem. The devices mentioned above work great if I disable the N data rates on the AP radio. I had two users that were crippled with this issue, so I disabled the N data rates for one building over the weekend. The users said their devices worked great over the weekend. They also work well on the 5Ghz band but we have areas that rely on the 2.4Ghz coverage. If this issue is not resolved before school starts, then I'm afraid will have to disable N data rates globally for the 2.4Ghz band. Appreciate any feedback! -- Thanks, Dustin Howard Network Support Specialist Information Technology Services Truman State University 100 E. Normal Ave. Kirksville, MO 63501 Office - (660) 785-4165 Cell - (660) 341-7869 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment
Depending on the setup and purpose, the certs could be exported and shared to people/devices not intended; it may be assumed that will not happen. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Cappalli, Tim (Aruba Security) Sent: Wednesday, July 12, 2017 10:33 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment I’m curious about “…certs may give a false sense of security and identity”. Can you elaborate on that? Tim From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Wednesday, July 12, 2017 at 11:22 AM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment We use mac address auth (using Packetfence) for this reason. On-boarding is easy (there’s even a mac self-registration portal for devices that don’t understand the captive portal on connecting) through a captive portal, and the kids are used to captive portals at Starbucks/Target/McDonalds already . We formerly used Bradford Networks (long story, but we had some major issues with them) using a certificate based solution, and our opening of school support has gone from lines out the door of IT to almost nothing. While mac spoofing is a thing, EAP/PEAP/certs may give a false sense of security and identity. In a past life in the corporate world we did a PEAP solution with locked down certificates, but we tightly controlled all the end-points as well (only corporate owned devices allowed on the corp network). Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Tyler Sent: Tuesday, July 11, 2017 10:17 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment I think this is an excellent topic that has made me wonder. Given that so many users don’t secure their radius client profile, I have often thought mac address authentication might be a better option, but it would require a convenient registration method. If someone uses a man in the middle attack against a mac address, the consequences are minimal. If someone does it against usernames and password, they likely will have access to their other accounts as well. If people can on-board a full PEAP with certificate lock down solution, then it is the best. But if many of your clients are not getting the cert loaded and the client dependent on it, then it makes me wonder if mac address authentication isn’t better in the bigger picture of things. I am still using PEAP, but I am constantly thinking about mac address authentication. Tim From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of Jonathan Waldrep Sent: Tuesday, July 11, 2017 9:58 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment We acknowledged that many users are going to connect without using an on-boarding tool, and almost no one is going to secure their wireless profile manually. This leaves these users (on *all* platforms) open to a radius impersonation attack. Given this, we require a different password for network access. It's worth making a note of our security and business models (slightly over simplified, but sufficient for this topic). We treat ourselves as an ISP to our users. Everyone gets online with the same level of access. Our systems are secured at the server level. Guests self-register to access the network for a limited time. All this means that getting someone's network credentials means very little. If someone were doing something especially nefarious, using someone else's credentials would make it more difficult for us to find them. However, the attacker doesn't gain access to the compromised user's financial records, email, or anything else.
RE: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment
We use mac address auth (using Packetfence) for this reason. On-boarding is easy (there’s even a mac self-registration portal for devices that don’t understand the captive portal on connecting) through a captive portal, and the kids are used to captive portals at Starbucks/Target/McDonalds already . We formerly used Bradford Networks (long story, but we had some major issues with them) using a certificate based solution, and our opening of school support has gone from lines out the door of IT to almost nothing. While mac spoofing is a thing, EAP/PEAP/certs may give a false sense of security and identity. In a past life in the corporate world we did a PEAP solution with locked down certificates, but we tightly controlled all the end-points as well (only corporate owned devices allowed on the corp network). Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Tyler Sent: Tuesday, July 11, 2017 10:17 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment I think this is an excellent topic that has made me wonder. Given that so many users don’t secure their radius client profile, I have often thought mac address authentication might be a better option, but it would require a convenient registration method. If someone uses a man in the middle attack against a mac address, the consequences are minimal. If someone does it against usernames and password, they likely will have access to their other accounts as well. If people can on-board a full PEAP with certificate lock down solution, then it is the best. But if many of your clients are not getting the cert loaded and the client dependent on it, then it makes me wonder if mac address authentication isn’t better in the bigger picture of things. I am still using PEAP, but I am constantly thinking about mac address authentication. Tim From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of Jonathan Waldrep Sent: Tuesday, July 11, 2017 9:58 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] EAP-PEAP risk/benefit assessment We acknowledged that many users are going to connect without using an on-boarding tool, and almost no one is going to secure their wireless profile manually. This leaves these users (on *all* platforms) open to a radius impersonation attack. Given this, we require a different password for network access. It's worth making a note of our security and business models (slightly over simplified, but sufficient for this topic). We treat ourselves as an ISP to our users. Everyone gets online with the same level of access. Our systems are secured at the server level. Guests self-register to access the network for a limited time. All this means that getting someone's network credentials means very little. If someone were doing something especially nefarious, using someone else's credentials would make it more difficult for us to find them. However, the attacker doesn't gain access to the compromised user's financial records, email, or anything else. -- Jonathan Waldrep Network Engineer Network Infrastructure and Services Virginia Tech On Mon, Jul 10, 2017 at 8:24 PM, Mike King <m...@mpking.com<mailto:m...@mpking.com>> wrote: Marcelo, If windows 7 is just 4%, what is your highest percentage? Windows 10, or something else? On Mon, Jul 10, 2017 at 5:36 PM, Marcelo Maraboli <marcelo.marab...@uc.cl<mailto:marcelo.marab...@uc.cl>> wrote: Hello David we did this last month and "secured" PEAP by minimizing the risk in Windows 7 clients. We used this guide and it worked very well. http://www.defenceindepth.net/2010/05/attacking-and-securing-peap.html We did not use "step 4" because it didn't leave the user ID in our AAA, they were all "anonymous". We also studied every operating system that connected to our WIFI and found out that Windows-7 is just 4%, so we hope this problem will die on it's own. Windows 10 can use PAP-TTLS, even though that is another deal. hope it helps. best regards, On 7/10/17 3:55 PM, LaPorte, David wrote: I was wondering if anyone has done a risk/benefit assessment of using EAP-PEAP in your environment. If so, would you be willing to share? We have a solid understanding of the security/usability tradeoffs that come with PEAP, but were hoping to not re-invent the wheel :) Thanks, Dave David LaPorte david_lapo...@harvard.edu<mailto:david_lapo...@harvard.edu> ** Participation and subscription inf
RE: [WIRELESS-LAN] Consumer devices - SSID or AP blocking/excluding
It is better, but notice this list is only on specific devices. For example, I have an iPad 4th gen that works great and runs iOS 10 fine, but doesn’t get this roaming improvement. I also know of a number of iPhone 5 users. Since users don’t often know what they have, we often ask them to turn WiFi off and back on and see if it improves the signal or performance. That is interesting that the AirPort utility has a WiFi scanner; having an iPhone myself that can come in handy. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Friday, May 12, 2017 3:30 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Consumer devices - SSID or AP blocking/excluding Have you checked back on this since iOS 8 came out? Apple's phones seem to be the smartest about this, in my experience. They even released a document detailing their roaming logic: https://support.apple.com/en-us/HT203068 On Thu, May 11, 2017 at 1:39 PM Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> wrote: And mobile devices, especially Apple’s, tend to be very sticky clients and stay connected to an AP as long as they can see it. We don’t have Cisco, but I’m sure there are settings to help encourage roaming of clients. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564<tel:(903)%20813-2564> www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of Jeffrey D. Sessler Sent: Thursday, May 11, 2017 11:11 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Consumer devices - SSID or AP blocking/excluding Glenn, Cisco Prime Infrastructure (PI) product can assist with a lot of this diagnosis since it collects trend data including information specific to the client such as AP associations, roaming, RSSI, etc. It is a indispensable tool for getting to the bottom of reported client issues. If you don’t have it, I’d look at getting it. Your life will be far better. That said, a few comments: • SSIDs – have you confirmed that they are all setup identically? Lots of knobs can be turned for each SSID that can impact the client • Do you have client band steering or load balancing enabled? In general, while clients have gotten better about honoring the trickery, many still don’t. In most cases, clients (especially Apple’s) do a great job now in picking the best SSID, so the need for controller tricks is diminished. In other words, disable these if you have them enabled and see if client happiness improves. • Code – Get off of 8.0 (or at least get to 8.0.140.0). Preferably, get to 8.2MR5 where you will benefit from a lot of improvements, not only in client-AP compatibility, but additional features that will make your life a lot easier. Jeff From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Glenn Rodrigues Sent: Thursday, May 11, 2017 7:36 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Consumer devices - SSID or AP blocking/excluding Hello Peers Fairly new to the business of Wi-Fi for Higher Ed and was recommended to join Edu cause Would appreciate if anyone can provide feedback for the following Main theme: It seems to be like client Wi-Fi devices have some weird logic in blocking an SSID or AP if they had a bad experience on one of them I am aware we can’t control client roaming decisions, but just wondering if you guys have done anything to minimize it (I have implemented RF profiles..etc) Scenario 1 Physical area: In-doors in Dorms/reshall Infrastructure : Cisco 702W(80%) AND 3702I(20%) with WISM 8.0.133 Customer report: One SSID works better than the other (All APs are broadcasting 3 SSIDs ) Observation: User idle time outs are different per SSID Client devices – Apple/Samsung/ laptops/tablets/smartphones Troubleshooting – it is not intuitive to view trends via debug client via Cisco cli Recommendations -? Scenario 2 Physical area: In-doors in Dorms/reshall Infrastructure : Cisco 702W(80%) AND 3702I(20%) with WISM 8.0.133 Customer report: I get slow internet Observation: Customer device not connected to the strongest/closest AP • They might have been until an event happened (rogue AP or channel change) , but they don’t go back Client devices – Apple/Samsung/ laptops/tablets/smartphones
RE: Consumer devices - SSID or AP blocking/excluding
Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Thursday, May 11, 2017 11:11 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Consumer devices - SSID or AP blocking/excluding Glenn, Cisco Prime Infrastructure (PI) product can assist with a lot of this diagnosis since it collects trend data including information specific to the client such as AP associations, roaming, RSSI, etc. It is a indispensable tool for getting to the bottom of reported client issues. If you don't have it, I'd look at getting it. Your life will be far better. That said, a few comments: * SSIDs - have you confirmed that they are all setup identically? Lots of knobs can be turned for each SSID that can impact the client * Do you have client band steering or load balancing enabled? In general, while clients have gotten better about honoring the trickery, many still don't. In most cases, clients (especially Apple's) do a great job now in picking the best SSID, so the need for controller tricks is diminished. In other words, disable these if you have them enabled and see if client happiness improves. * Code - Get off of 8.0 (or at least get to 8.0.140.0). Preferably, get to 8.2MR5 where you will benefit from a lot of improvements, not only in client-AP compatibility, but additional features that will make your life a lot easier. Jeff From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Glenn Rodrigues Sent: Thursday, May 11, 2017 7:36 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Consumer devices - SSID or AP blocking/excluding Hello Peers Fairly new to the business of Wi-Fi for Higher Ed and was recommended to join Edu cause Would appreciate if anyone can provide feedback for the following Main theme: It seems to be like client Wi-Fi devices have some weird logic in blocking an SSID or AP if they had a bad experience on one of them I am aware we can't control client roaming decisions, but just wondering if you guys have done anything to minimize it (I have implemented RF profiles..etc) Scenario 1 Physical area: In-doors in Dorms/reshall Infrastructure : Cisco 702W(80%) AND 3702I(20%) with WISM 8.0.133 Customer report: One SSID works better than the other (All APs are broadcasting 3 SSIDs ) Observation: User idle time outs are different per SSID Client devices - Apple/Samsung/ laptops/tablets/smartphones Troubleshooting - it is not intuitive to view trends via debug client via Cisco cli Recommendations -? Scenario 2 Physical area: In-doors in Dorms/reshall Infrastructure : Cisco 702W(80%) AND 3702I(20%) with WISM 8.0.133 Customer report: I get slow internet Observation: Customer device not connected to the strongest/closest AP * They might have been until an event happened (rogue AP or channel change) , but they don't go back Client devices - Apple/Samsung/ laptops/tablets/smartphones Troubleshooting - it is not intuitive to find root cause via status codes Additional notes: I am using RF profiles controller power and data rates in an attempt to force them to connect to the strongest and closest AP Recommendations -? Thanks ___ Glenn Rodrigues, PMP|CWNA|CWAP|CWSP|CWDP Senior Wireless & Mobility Architect OIT Network Engineering & Operations T 303 492 2193 C 720 934 2565 [tmb_logo] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Dorm Wireless Authentication
Is it restricted to only "gadgets and games", or is it used for laptops as well? A majority of the services our students use are Internet facing also, so Internet-only access would still give them access to the services they need. I assume there is an authenticated SSID also? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, March 28, 2017 8:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Dorm Wireless Authentication After kicking tires on leading classification engines and weighing solution dollars and support costs, we opted to pilot a wide open "gadget and games" SSID in the dorms that only have Internet access for all the oddballs. With almost a full year in, it's been very well used and received and we've been able to answer all of our own security questions that anyone would be contemplating. I think we'll be moving forward with this model. Lee Badman (mobile) On Mar 28, 2017, at 7:48 AM, Osborne, Bruce W (Network Operations) <bosbo...@liberty.edu<mailto:bosbo...@liberty.edu>> wrote: Here is another vote for ClearPass with Aruba wireless. When an Apple TV is registered, it is also registered as an AirGroup personal device so the owner's 802.1X Apple device can use AirPlay to display content on the device. We also use Aruba's Dynamic Multicast Optimization to provide multicast IPTV over wireless. Bruce Osborne Senior Network Engineer Network Operations - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Robert Spellman [mailto:rsp...@bates.edu] Sent: Monday, March 27, 2017 9:33 AM Subject: Re: Dorm Wireless Authentication We use Aruba Clearpass, and have two SSID's on campus, one which is 802.1X, and the other open, doing MAC based authentication. Clearpass allows users to register their own devices for MAC authentication by logging into the Clearpass guest portal. Students can register devices for a year, while guests can register devices for 2 days. Rob Robert Spellman Bates College Information and Library Services On Mon, Mar 27, 2017 at 9:16 AM, Chris Brezil <brez...@newschool.edu<mailto:brez...@newschool.edu>> wrote: Good morning everyone, We are planning a larger scale roll out of wireless in our dorms. Currently we mainly just cover some of the common areas and students for the most part bring in their own routers. As most folks can appreciate, this has caused years of technical problems and is also not seen as great customer service. On our main campus wifi, we have people authenticate using 802.1x radius authentication using their university username and password. We have some concerns about doing this in the dormitories however. We know that students bring all sorts of consumer grade devices that require network access into their rooms, such as Apple TV, Amazon Echos, etc. Many of these devices will not work with username and password authentication and we are not looking to Mac exclude these devices on the network, given the overhead of setting this up. So we are looking possibly at doing WPA Personal with a passphrase that would be given to students. What are others doing? Has this come up as an issue for any of you? Best, Chris -- CHRIS BREZIL ASSISTANT VICE PRESIDENT, ENTERPRISE OPERATIONS INFORMATION TECHNOLOGY<http://www.newschool.edu/information-technology> 71 FIFTH AVENUE, 9th FLOOR, NEW YORK, NY 10003 brez...@newschool.edu<http://www.newschool.edu/marketing-communication/email-signature.html> | 212.229.5300 x4512 [https://docs.google.com/uc?export=download=0Bz9BzY1rvKW_bDQ4SU1RUmpfMTQ=0Bz9BzY1rvKW_cWtOekJTQ2RIdFFhQ3h1T0h3a3p3Vk9KT2pVPQ] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Ubiquiti per dorm room WIFI
The specs do say you can power it by PoE+ (802.3at). Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jonathan Miller Sent: Wednesday, March 15, 2017 10:32 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Ubiquiti per dorm room WIFI You may already aware of this, but Passive PoE is not the compatible with 802.3af, at, etc. You'll either need switches that provide passive PoE or a separate power supply for the APs. I've seen a few posts around the Internet where people got stung by trying to use industry standard PoE with passive PoE UBNT APs. Jonathan Miller Network Analyst Franklin and Marshall College On Sat, Mar 11, 2017 at 11:01 AM, Michael Blaisdell <mblaisd...@francis.edu<mailto:mblaisd...@francis.edu>> wrote: Has anyone looked at the new Ubiquiti IN WALL WAP? It has what I need. I also believe it answers some of the questions that came up in past posts about residence hall WIFI. UAP-AC-IW - Ubiquiti UniFi In-Wall 2.4 / 5GHz AC Access Point I read some of the specs at the baltic network site. Product Specifications • Dimensions: 139.7 x 86.7 x 25.75 mm (5.5 x 3.41 x 1.01 ") • Weight: 200 g (6.43 oz) • Networking Interface: (3) 10/100/1000 Ethernet Ports • Buttons: Reset • Power Method: Passive Power over Ethernet (48V), 803.2at Supported (Supported Voltage Range: 44 to 57 VDC) • Power Supply: UniFi Switch (PoE) • Power Save: Supported • PoE Out: 48V Pass-Through (Pins 1,2+; 3,6-) • Maximum Power Consumption: 7W • Maximum TX Power: 2.4 GHz: 20 dBm 5 GHz: 20 dBm • Antennas: (1) Dual-Band Antenna, Single-Polarity 2.4 GHz: 1 dBi 5 GHz: 2 dBi • Wi-Fi Standards: 802.11 a/b/g/n/ac • Wireless Security: WEP, WPA-PSK, WPA-Enterprise (WPA/WPA2, TKIP/AES) • BSSID: Up to Four per Radio • Mounting: 1-Gang Electrical Wall Box (Not Included) • Operating Temperature: -10 to 50°C (14 to 122°F) • Operating Humidity: 5 to 95% Noncondensing • Certifications: CE, FCC, IC Advanced Traffic Management • VLAN: 802.1Q • Advanced QoS: Per-User Rate Limiting • Guest Traffic Isolation: Supported • WMM: Voice, Video, Best Effort, and Background • Concurrent Clients: 250+ I didn't post the link to the data sheet but is listed on the site. -- Michael Blaisdell Director of Network Services IT Services Learning Commons/Library Saint Francis University 117 Evergreen Drive Loretto, PA 15940 814-472-3242<tel:(814)%20472-3242> http://www.francis.edu The best way to predict the future is to invent it. - Obadiah Bumbly ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Wireless Door lock systems
We have a small deployment of Stanley locks for special needs students; they aren't 802.11 wireless, but are 802.15.4 (on 2.4GHz) wireless. I only bring this up as it uses dedicated Stanly gateways, and we had to work to minimize the cross-interference between the two systems. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian David Sent: Saturday, March 11, 2017 5:59 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Wireless Door lock systems All, I was wondering what other Universities experience with wireless door locks? How have the door locks been working? Is there a lot of maintenance with your systems? For example battery life, wifi connection problems, broken locks. Brian ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Disney's Free Wi-Fi
But density and usage patterns are much different. Someone is a Disney park is much less likely to be streaming Netflix in HD compared to someone on a college campus, for example. Additionally they are covering lots of open spaces without as many pesky walls to block signals. I suspect their average bandwidth usage per guest is much lower than the average bandwidth usage per student. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh Sent: Friday, March 3, 2017 2:04 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Disney's Free Wi-Fi > On Mar 3, 2017, at 13:22, Bob Brown <bbr...@nww.com> wrote: > > According to a wireless engineer at Disney, the WLAN infrastructure in > Orlando consists of about 3,500 Cisco and Aruba APs across resorts, 4 theme > parks etc. That seems like a low number to me, considering the AP counts I’ve seen us throw around here on the list for our campuses. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] In room WIFI - second example
Sorry for the comment spam. I think my ideal is for someone like Aruba, Cisco, etc to have lower cost options that can be mixed in with the better APs. I want those for the high capacity locations like classrooms, etc and the lower cost options for low usage areas, better density for dorms, etc. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Philippe Hanset Sent: Tuesday, February 21, 2017 9:21 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] In room WIFI - second example Thomas et al., For people looking for creative/more affordable systems (not discussing all the drawbacks etc ;-), you could also look at Benu Networks. http://benu.net/solutions/ It seems to be based on White Label APs with Open Source code and centrally managed offering. (I met their CTO at a conference and it seemed pretty interesting, but I have never tested) Has anyone on the list investigated this system? Philippe Philippe Hanset, CEO www.anyroam.net<http://www.anyroam.net> www.eduroam.us<http://www.eduroam.us> +1 (865) 236-0770 On Feb 21, 2017, at 10:12 AM, Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> wrote: Yes, or in some cases, no budget cuts but increased requirements/demands for wireless. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian Lyons Sent: Tuesday, February 21, 2017 8:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@listserv.educause.edu> Subject: Re: [WIRELESS-LAN] In room WIFI - second example A better way to ask the question (perhaps?): Your budget was cut in half but your requirements of installing/having AC Wireless was not changed? Simple answer is something has to give. I understand your pain. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Tuesday, February 21, 2017 9:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] In room WIFI - second example In the example I used below, there wasn’t an FTE to eliminate. There is no way that Meraki, Aerohive, and Ruckus can be cheaper, especially when TCO is concerned. That annual license/controller cost for Meraki and Aerohive wouldn’t be there. I guess I’m not making my point well. It seems like most of the responses assume there is enough budget for a top tier solution and this is just about not spending all of it. Imagine your budget for wireless was cut in half. What would you do? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.austincollege.edu%2F=02%7C01%7Cilyons%40ROLLINS.EDU%7Cd7de358c1cef494f5cbf08d45a68ee6a%7Cb8e8d71a947d41dd81dd8401dcc51007%7C0%7C0%7C636232854208154442=fRj0Ny06vnlMGanBNTm8Gz8qwYgaEtNN4zo%2BfxYHits%3D=0> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Monday, February 20, 2017 3:52 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] In room WIFI - second example In the k-12 space, Cisco Meraki, Aerohive, and Ruckus continue to be the big players even in small districts, with others, including Ubiquiti, not making much of a dent. Those solutions also tend to come in at or lower than Ubiquiti. One of the drivers for solutions such as Meraki is that from management’s perspective, the cloud-based platform and extensive support channel means you don’t need all those expensive FTE’s to run it, while at the same time gaining many of the enterprise features you care most about. The reduction of even a single FTE costing say $100K per year including benefits purchases a whole lot of additional wireless hardware. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-L
RE: [WIRELESS-LAN] In room WIFI - second example
Yes, or in some cases, no budget cuts but increased requirements/demands for wireless. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian Lyons Sent: Tuesday, February 21, 2017 8:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] In room WIFI - second example A better way to ask the question (perhaps?): Your budget was cut in half but your requirements of installing/having AC Wireless was not changed? Simple answer is something has to give. I understand your pain. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Tuesday, February 21, 2017 9:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] In room WIFI - second example In the example I used below, there wasn’t an FTE to eliminate. There is no way that Meraki, Aerohive, and Ruckus can be cheaper, especially when TCO is concerned. That annual license/controller cost for Meraki and Aerohive wouldn’t be there. I guess I’m not making my point well. It seems like most of the responses assume there is enough budget for a top tier solution and this is just about not spending all of it. Imagine your budget for wireless was cut in half. What would you do? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.austincollege.edu%2F=02%7C01%7Cilyons%40ROLLINS.EDU%7Cd7de358c1cef494f5cbf08d45a68ee6a%7Cb8e8d71a947d41dd81dd8401dcc51007%7C0%7C0%7C636232854208154442=fRj0Ny06vnlMGanBNTm8Gz8qwYgaEtNN4zo%2BfxYHits%3D=0> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Monday, February 20, 2017 3:52 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] In room WIFI - second example In the k-12 space, Cisco Meraki, Aerohive, and Ruckus continue to be the big players even in small districts, with others, including Ubiquiti, not making much of a dent. Those solutions also tend to come in at or lower than Ubiquiti. One of the drivers for solutions such as Meraki is that from management’s perspective, the cloud-based platform and extensive support channel means you don’t need all those expensive FTE’s to run it, while at the same time gaining many of the enterprise features you care most about. The reduction of even a single FTE costing say $100K per year including benefits purchases a whole lot of additional wireless hardware. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Monday, February 20, 2017 at 12:08 PM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] In room WIFI - second example I’m not questioning the cost, just the available options. I feel like I sometimes want to tow a 15’ travel trailer and my options from the established vendors are a Peterbuilt, Mack, and Freightligner at 4x the cost of an F-150 that is adequate to the task. Because of that, there are a lot of small schools, businesses, etc, that are now turning to Ubiquiti, Open Mesh, Mikrotik, etc for their good-enough. I do believe you get what you pay for, but there are limits on what you can afford. Here’s the story of a friend; a campus of APs between 5-10 years old. Over the next 5 years he could only get the budget to replace only ½ of them with a Cisco/Aruba/Ruckus/etc. Over the next 3 years, he could replace all of them with Ubiquiti. What choice do you make? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.austincollege.edu%2F=02%7C01%7Cilyons%40ROLLINS.EDU%7Cd7de358c1cef494f5c
RE: [WIRELESS-LAN] In room WIFI - second example
In the example I used below, there wasn’t an FTE to eliminate. There is no way that Meraki, Aerohive, and Ruckus can be cheaper, especially when TCO is concerned. That annual license/controller cost for Meraki and Aerohive wouldn’t be there. I guess I’m not making my point well. It seems like most of the responses assume there is enough budget for a top tier solution and this is just about not spending all of it. Imagine your budget for wireless was cut in half. What would you do? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Monday, February 20, 2017 3:52 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] In room WIFI - second example In the k-12 space, Cisco Meraki, Aerohive, and Ruckus continue to be the big players even in small districts, with others, including Ubiquiti, not making much of a dent. Those solutions also tend to come in at or lower than Ubiquiti. One of the drivers for solutions such as Meraki is that from management’s perspective, the cloud-based platform and extensive support channel means you don’t need all those expensive FTE’s to run it, while at the same time gaining many of the enterprise features you care most about. The reduction of even a single FTE costing say $100K per year including benefits purchases a whole lot of additional wireless hardware. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Monday, February 20, 2017 at 12:08 PM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] In room WIFI - second example I’m not questioning the cost, just the available options. I feel like I sometimes want to tow a 15’ travel trailer and my options from the established vendors are a Peterbuilt, Mack, and Freightligner at 4x the cost of an F-150 that is adequate to the task. Because of that, there are a lot of small schools, businesses, etc, that are now turning to Ubiquiti, Open Mesh, Mikrotik, etc for their good-enough. I do believe you get what you pay for, but there are limits on what you can afford. Here’s the story of a friend; a campus of APs between 5-10 years old. Over the next 5 years he could only get the budget to replace only ½ of them with a Cisco/Aruba/Ruckus/etc. Over the next 3 years, he could replace all of them with Ubiquiti. What choice do you make? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [ttp://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Monday, February 20, 2017 1:44 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] In room WIFI - second example On the cost of devices. Some enterprise vendor solutions may be nothing more than the same off-the-shelf design that the consumer models use, including using the same radio code. When there are radio code issues, the vendor goes back to Broadcom, Marvell, or Qualcomm for a fix. Other enterprise vendors go as far as to license the radio source code, where you get unique features not otherwise available with off-the-shelf designs. That said, the enterprise WAP vendor does write the code that does all the rest of the magic in the WAP e.g. interface, controller connectivity, and so on. In general, the cost you are paying for the enterprise WAPs involves a lot more than just the hardware cost with most of it in the value/development cost of the IP (software underpinning the system). Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: "wireless-lan@listserv.educause.edu&
RE: [WIRELESS-LAN] In room WIFI - second example
I’m not questioning the cost, just the available options. I feel like I sometimes want to tow a 15’ travel trailer and my options from the established vendors are a Peterbuilt, Mack, and Freightligner at 4x the cost of an F-150 that is adequate to the task. Because of that, there are a lot of small schools, businesses, etc, that are now turning to Ubiquiti, Open Mesh, Mikrotik, etc for their good-enough. I do believe you get what you pay for, but there are limits on what you can afford. Here’s the story of a friend; a campus of APs between 5-10 years old. Over the next 5 years he could only get the budget to replace only ½ of them with a Cisco/Aruba/Ruckus/etc. Over the next 3 years, he could replace all of them with Ubiquiti. What choice do you make? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Monday, February 20, 2017 1:44 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] In room WIFI - second example On the cost of devices. Some enterprise vendor solutions may be nothing more than the same off-the-shelf design that the consumer models use, including using the same radio code. When there are radio code issues, the vendor goes back to Broadcom, Marvell, or Qualcomm for a fix. Other enterprise vendors go as far as to license the radio source code, where you get unique features not otherwise available with off-the-shelf designs. That said, the enterprise WAP vendor does write the code that does all the rest of the magic in the WAP e.g. interface, controller connectivity, and so on. In general, the cost you are paying for the enterprise WAPs involves a lot more than just the hardware cost with most of it in the value/development cost of the IP (software underpinning the system). Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Monday, February 20, 2017 at 9:01 AM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] In room WIFI - second example It does bring up a problem that I’ve been complaining about for a long time – the top tier vendors don’t really offer any low cost single-room solutions, especially when it comes to ac. For example, what is there between this Mikrotik device at $50 and an Aruba AP-205H for $400? I see they have a 203H coming, but I don’t know the pricing on that. It seems the Cisco 1810 is a little better at $300, but for less than double that cost I can support 3 rooms with a traditional ceiling mount. And that doesn’t include the extra controller licensing and capacity required. From the point of view of someone with a small, challenging budget, I could get the Aruba or Cisco and then have to keep them in service for 10+ years, or go for the cheaper models and replace them every 3. I realize there are other issue, but cost is a big driver. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [ttp://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mark Elley Sent: Monday, February 20, 2017 10:24 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] In room WIFI - second example IMHO what you potentially save upfront will probably cost you dearly in maintenance, support issues and customer (dis)satisfaction. Wireless Service Manager IT Services, University of Bristol On 20 February 2017 at 14:55, Michael Blaisdell <mblaisd...@francis.edu<mailto:mblaisd...@francis.edu>> wrote: Hmm. How many rooms, buildings, and end devices, Michael? 700 rooms over 10 buildings and about 3000 end devices. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Con
RE: [WIRELESS-LAN] In room WIFI - second example
It does bring up a problem that I’ve been complaining about for a long time – the top tier vendors don’t really offer any low cost single-room solutions, especially when it comes to ac. For example, what is there between this Mikrotik device at $50 and an Aruba AP-205H for $400? I see they have a 203H coming, but I don’t know the pricing on that. It seems the Cisco 1810 is a little better at $300, but for less than double that cost I can support 3 rooms with a traditional ceiling mount. And that doesn’t include the extra controller licensing and capacity required. From the point of view of someone with a small, challenging budget, I could get the Aruba or Cisco and then have to keep them in service for 10+ years, or go for the cheaper models and replace them every 3. I realize there are other issue, but cost is a big driver. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mark Elley Sent: Monday, February 20, 2017 10:24 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] In room WIFI - second example IMHO what you potentially save upfront will probably cost you dearly in maintenance, support issues and customer (dis)satisfaction. Wireless Service Manager IT Services, University of Bristol On 20 February 2017 at 14:55, Michael Blaisdell <mblaisd...@francis.edu<mailto:mblaisd...@francis.edu>> wrote: Hmm. How many rooms, buildings, and end devices, Michael? 700 rooms over 10 buildings and about 3000 end devices. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: EXTERNAL: [WIRELESS-LAN] Guest WLAN capabilities/policies
All of a-e would be classified as a "guest"; essentially anyone but faculty/staff/students. It is much more locked down for traffic (basically web traffic only) and is bandwidth limited (per device, and as a whole). It also can only connect to the Internet with no connection to the internal network. We also have a similar time limit (1 day) for most guests. The exception is long term guests (professor visiting for a week, week long summer basketball camp, etc); these get special extended time guest accounts specific to the situation and only good for the duration of the visit. For faculty/staff/students, I see very little reason why they would want to use the guest network instead of the standard on campus network. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Eriks Rugelis Sent: Thursday, January 5, 2017 7:51 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: EXTERNAL: [WIRELESS-LAN] Guest WLAN capabilities/policies Happy New Year to all! York University needs to create a guest WLAN service suitable for use by: a) individuals enrolled in on-campus 1-day to 5-day professional development courses but they bring their own locked-down corporate laptops for which the end-user has no administrative rights (making it difficult for them to configure their 802.1x supplicant) b) VIP guests (potential donors to the University) visiting the campus for the day c) suppliers visiting for the day to make presentations or to provide support for products and services used by the University d) prospective students (and parents) visiting the campus for the day e) guests of on-campus conferences (using residences and meeting spaces rented by our hotel operation) We intend to have the guest user self-register for time-limit (12 hours at a stretch) access via email address or mobile phone number (which may be reached via SMS.) We have an existing temporary/sponsored account mechanism which is suitable for use by individuals who require 'full WLAN service' and whose arrival is pre-arranged. However, this does not support self-registration and is perceived by our clientele as too cumbersome for use by this group of users. We have eduroam deployed but most of the users in the target market do not have high-education userids elsewhere and thus are not able to leverage that service. Our corporate IT policies are such that we prefer to have all users with a long-term relationship to the University (enrolled students, faculty, staff, researchers) use our standard 802.1x authenticated service which is tied to our corporate ID management systems. This permits us to link any abuse or data breach back to a particular individual and apply one of a number of standard response procedures to mitigate the malware found in the client device or the in head of the end-user as appropriate. How does your institution define guest WLAN service vs. corporate WLAN services? How does your institution encourage use of the corporate WLAN service vs. Guest WLAN service by those individuals who are known to corporate ID management? How do the capabilities of your Guest WLAN service differ from those of the corporate WLAN service? (e.g. throughput limits? restricted TCP/UDP ports? application restrictions? other?) Thanks in advance for any and all input. Eriks "In God we trust; all others must bring data." - attributed to W. Edwards Deming --- Eriks Rugelis | Manager, Network Development | University Information Technology 010 Steacie Science and Engineering Library | York University | 4700 Keele St. , Toronto ON Canada M3J 1P3 T: +1.416.736.5756 | F: +1.416.736.5830 | er...@yorku.ca<mailto:er...@yorku.ca> | www.yorku.ca<http://www.yorku.ca/> York UIT will NEVER send unsolicited requests for passwords or other personal information via email. Messages requesting such information are fraudulent and should be deleted.<http://www.yorku.ca/> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Outsourcing ResNet wireless and wired networks
One additional note I forgot in my original – how are issues reported? Can students report issues to the vendor directly, or must they go through your help desk first? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman Sent: Monday, November 14, 2016 10:46 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Outsourcing ResNet wireless and wired networks Thanks for the responses so far. Just to clarify, this isn’t my RFP. The draft was written and handed to me Thursday afternoon to review. I’m not clear on the timeline yet. I am trying to make sure we present the best value to the students. I know I can offer a solid service at a lower cost than an outsourcing agency (I already have the labor, and as a union shop, they cannot bring in a 3rd party and then lay off employees). However, I have been horribly underfunded for years (I still have 7 year old wireless units in many areas). If this will get the upgrades/density, then it is a good idea. What I am working to do is ensure we aren’t locked into a perpetual outsource. Let’s face it, those firms are not in the business to donate, they are in business to make money. As such, I’ll treat anything offered to me with considerable skepticism. As the contract nears end, I need to make sure we aren’t forced to renew, because the alternative would be unaffordable. I am VERY concerned of outsourcing agencies who cut costs (e.g inventing their own standards) to make them appear more palatable (and increase margin). It is also my experience that complaints don’t go away, they just go somewhere else. Keep the ideas flowing. I’ll incorporate whatever is relative into my response to the draft. If there are people on here who have outsourced, can you tell me the size of your student population in your Res Halls (number of buildings and number of residents)? I suspect this project doesn’t scale for our size (6 halls; 2300 resident students), but I’d like to understand if it would. Thanks, Brian From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Philippe Hanset Sent: Monday, November 14, 2016 11:03 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Outsourcing ResNet wireless and wired networks Brian, Each school has existing strength that you might not want to outsource. (existing commodity internet access, help desk, cable plant, Firewalls, …) When you mention Wired and Wireless, will this be completely independent from main campus or will it be connected to your existing core network? A few item to consider: -Ownership of cable plant (wireless lasts 5 years, cables last 20 years or more) -QoS -SLA (response time, help desk options, incident handling) -Data Privacy (authentications and traffic) -Policies -Cost of changes (you want an extra SSID) -Access to system ( a user has problems on campus but never in Residence, you want to compare) -Access to building for contractor, access to bedrooms (at UTK we had to have an opposite gender escort to access residence) Outsourcing is a loaded word ;-) Why don’t you do an RFI or RFQ first then based on responses do an RFP. Philippe Philippe Hanset www.eduroam.us<http://www.eduroam.us> www.anyroam.net<http://www.anyroam.net> On Nov 14, 2016, at 10:41 AM, Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> wrote: While we haven’t outsourced operations, as a small school we have often leaned on the expertise of vendors in RFPs. For example, “here are the floor plans, how would you put wireless here and why would you do it that way?” It also gives additional viewpoints you might not have considered. On one project we even took the best ideas from multiple vendors and created a v2 of the RFP (this possibility was stated in the original RFP). They’ve (hopefully) done this other places and may be able to tell you what works and what doesn’t. You might need to think through the non-technical things that could be big issues. As a small campus, most of our policies are built around an assumption that no major functions like this are outsourced, so policies would probably have to change (e.g. outside vendors have to be escorted in residential buildings by an employee). Another thing to consider is access - if the vendor has access to residential buildings, should their employees go through background checks? Can you essentially say “we don’t want that employee on campus”? What about number of employees – for example, our internal policy i
RE: Outsourcing ResNet wireless and wired networks
While we haven't outsourced operations, as a small school we have often leaned on the expertise of vendors in RFPs. For example, "here are the floor plans, how would you put wireless here and why would you do it that way?" It also gives additional viewpoints you might not have considered. On one project we even took the best ideas from multiple vendors and created a v2 of the RFP (this possibility was stated in the original RFP). They've (hopefully) done this other places and may be able to tell you what works and what doesn't. You might need to think through the non-technical things that could be big issues. As a small campus, most of our policies are built around an assumption that no major functions like this are outsourced, so policies would probably have to change (e.g. outside vendors have to be escorted in residential buildings by an employee). Another thing to consider is access - if the vendor has access to residential buildings, should their employees go through background checks? Can you essentially say "we don't want that employee on campus"? What about number of employees - for example, our internal policy is individual employees can go in public spaces of residential halls (within certain hours of the day), but at least 2 must be together for private spaces (rooms, apartments, etc). I'm sure you realize this, but don't forget your own employees in all of this. Even just a feasibility study can affect moral in your department ( outsourcing = layoffs to many ). I went through this on an almost annual basis in the corporate world to justify our existence; lots of communication helps. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Monday, November 14, 2016 9:16 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Outsourcing ResNet wireless and wired networks Brian- If you're outsourcing the entire operation, it sounds like much of what you're trying to specify is best left to the vendors that would bid. Many of them are far from new to this and would come with their own proposed approaches. I can see specifying: * basic density/coverage requirements including ISP links and minimum .11 tech to use * a list of "these are not allowed" kinda constraints (hallway designs. External antennas, etc) * elements of campus policy that have to be met * basic SLA for monitoring and response and then let them propose to you what they have to offer. Otherwise the level of detail you are trying to hit sounds more like you are making up policy as you go in the RFP, telling them not just what you need but explicitly how to do it, and more looking for someone to be your contract workers than to be an autonomous third party that owns the responsibility and system. Just my two cents. I don't envy you on this. -Lee Lee Badman | CWNE #200 | Network Architect Information Technology Services 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 f 315.443.4325 e lhbad...@syr.edu<mailto:lhbad...@syr.edu> w its.syr.edu SYRACUSE UNIVERSITY syr.edu From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman Sent: Monday, November 14, 2016 9:54 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Outsourcing ResNet wireless and wired networks We are in the process of issuing an RFP to investigate the feasibility of outsourcing our ResNet services (both wired and wireless). The RFP is in its first draft. I need to sit down this week and make edit suggestions - identify omissions and additions, as well as verify technology and requirements. I haven't read the draft yet. My thought processes was to identify what was important, in my opinion, first and then read the draft to make sure they are there and/or clearly defined. There are a few items I'm not sure about. I'm trying to wrap my head around how it would work. The following is a list of thoughts (in no particular order other than how they popped into my head). I've commented briefly on a couple items, to clarify my reasoning. If I could get comments (offline is fine, if you'd prefer), it would be most appreciated. * Lease-to-own option - if we do outsource, I want to make sure we don't have to install wireless in every dorm simultaneously if we don't renew the contract. * Stipulate the RFP may not necessarily result in a contract - if the bids are insufficient or too expensive * Verify
RE: Question about Cisco 1810w APs in residential buildings
What's the density of these? With 700 beds, it doesn't sound like one AP per room. Just curious about the trade-offs in cost vs coverage compared to more traditional APs. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Daniel Brisson Sent: Thursday, October 27, 2016 8:07 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Question about Cisco 1810w APs in residential buildings We've deployed around 150 or so in one complex although we're fortunate to have them mounted just to the left or right of the door at about waist level. Still have the concerns about getting knocked around with furniture, but so far so good. Hopefully the DNS discovery issues have been resolved as we have another 180 or so going in this winter into a new 700 bed building. -dan Dan Brisson Network Engineer University of Vermont From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian Lyons Sent: Thursday, October 27, 2016 8:52 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Question about Cisco 1810w APs in residential buildings They are designed to cover the room itself. Rollins has found that it does do that, even with the furniture covering it. It actually helps limit the signal propagation (2.4). Ian From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, October 27, 2016 8:36 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Question about Cisco 1810w APs in residential buildings One of my biggest concerns has always been the height at which these WAPs get installed (as you mentioned, 1.5ft). In most of our residential buildings, the data ports happen to be right behind desks that are provided by ResLife and the desks have covers in the back that essentially would bump against the WAP. Not to mention the fact that as furniture gets moved around, there is always the potential of knocking down the WAP. I wonder how has already deployed them in a similar fashion and what the experience has been? If you end up using them, I'd be curious to see how things work out. Best, Hector Rios Louisiana State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Devyn Moore Sent: Tuesday, October 25, 2016 9:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Question about Cisco 1810w APs in residential buildings All, Our housing department wants us to look at these for wide-scale deployment in 11 residence halls within the next 2-3 years due to cost reduction in cable installation with our previous designs. This will be a one AP per room deployment utilizing current wiring infrastructure, where Aps were previously in the hallways (2600, 3500). We're planning to configure the cells to a lower transmit power as well as assigning channels based on zero occupancy with 20MHz channels. Our ability to get into these buildings in order to resolve rogue issues is severely limited already because we are required to have a Residential Technician (from the housing department) with us when visiting student rooms. That's only going to get worse when we lose visibility that we currently have with our current deployments in the halls. We're also not planning to enable the ethernet ports because those aren't in scope for the Proof of Concept due to crashed timelines provided by the department. We're currently running 8.0.133.0 and have been incredibly stable (no AVC, no IPv6, 802.1x for primary SSID, web auth guest). We don't use ISE, but use FreeRADIUS for wireless auth. We're running two pairs of Hot/Standby 8510s with a mixture of 2600, 2700, 3500, 3600 and 3700 series APs, but would like to start integrating 2800 and 3800 series APs - separate from the housing request. I am targeting 8.2.121.7 for our upgrade in order to get around some bugs that I've seen mentioned here as we also start testing 2800/3800 in our environment. Has anyone had any issues with 1810w in dense cell deployments like residential hall buildings? Issues with damaged devices due to installation locations on wall approximately 1.5ft (45cm) from the floor? Have there been any issues with SSO HA with 8.2.121.7? Anything else you'd like to share about the 1810ws? Thanks in advance for the feedback. -- Devyn Moore Network Enterprise Systems Team Leader Camp
RE: Question about Cisco 1810w APs in residential buildings
Not to speak for Hector, but I think the concern here is physical damage. That's an interesting topic as here we're used to ceiling mount APs that are generally out of the way. However, we have a few hallway phones (admittedly higher on the wall), and probably 15%-20% get damaged or knocked off the wall every year. Would the students be any more careful about APs at outlet or desk level? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian Lyons Sent: Thursday, October 27, 2016 7:52 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Question about Cisco 1810w APs in residential buildings They are designed to cover the room itself. Rollins has found that it does do that, even with the furniture covering it. It actually helps limit the signal propagation (2.4). Ian From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, October 27, 2016 8:36 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Question about Cisco 1810w APs in residential buildings One of my biggest concerns has always been the height at which these WAPs get installed (as you mentioned, 1.5ft). In most of our residential buildings, the data ports happen to be right behind desks that are provided by ResLife and the desks have covers in the back that essentially would bump against the WAP. Not to mention the fact that as furniture gets moved around, there is always the potential of knocking down the WAP. I wonder how has already deployed them in a similar fashion and what the experience has been? If you end up using them, I'd be curious to see how things work out. Best, Hector Rios Louisiana State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Devyn Moore Sent: Tuesday, October 25, 2016 9:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Question about Cisco 1810w APs in residential buildings All, Our housing department wants us to look at these for wide-scale deployment in 11 residence halls within the next 2-3 years due to cost reduction in cable installation with our previous designs. This will be a one AP per room deployment utilizing current wiring infrastructure, where Aps were previously in the hallways (2600, 3500). We're planning to configure the cells to a lower transmit power as well as assigning channels based on zero occupancy with 20MHz channels. Our ability to get into these buildings in order to resolve rogue issues is severely limited already because we are required to have a Residential Technician (from the housing department) with us when visiting student rooms. That's only going to get worse when we lose visibility that we currently have with our current deployments in the halls. We're also not planning to enable the ethernet ports because those aren't in scope for the Proof of Concept due to crashed timelines provided by the department. We're currently running 8.0.133.0 and have been incredibly stable (no AVC, no IPv6, 802.1x for primary SSID, web auth guest). We don't use ISE, but use FreeRADIUS for wireless auth. We're running two pairs of Hot/Standby 8510s with a mixture of 2600, 2700, 3500, 3600 and 3700 series APs, but would like to start integrating 2800 and 3800 series APs - separate from the housing request. I am targeting 8.2.121.7 for our upgrade in order to get around some bugs that I've seen mentioned here as we also start testing 2800/3800 in our environment. Has anyone had any issues with 1810w in dense cell deployments like residential hall buildings? Issues with damaged devices due to installation locations on wall approximately 1.5ft (45cm) from the floor? Have there been any issues with SSO HA with 8.2.121.7? Anything else you'd like to share about the 1810ws? Thanks in advance for the feedback. -- Devyn Moore Network Enterprise Systems Team Leader Campus Wireless Network Engineer Information Technology Services http://directory.uark.edu/people/devyn ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://w
RE: Captive portal trouble with LG phones
I forgot to mention we're currently running 5.4. We've had this trouble 3-4 times in the past few weeks, and every time it is a brand new LG phone. Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sullivan, Don Sent: Wednesday, October 12, 2016 7:17 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Captive portal trouble with LG phones We use Packetfence also and we have not heard of or seen this issue. We are running version 6.0.3. Don Sullivan Network Administrator 205-726-2111 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Monday, October 10, 2016 2:40 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Captive portal trouble with LG phones We use PacketFence as our NAC and have a captive portal to allow users to self-register their devices. In the past couple of weeks we've had problems with the latest LG phones (other Androids work fine) disconnecting in the middle of a captive portal session; it won't stay connected long enough to register the device. It seems similar to the old Apple "success.html" test for internet connectivity, but I haven't been able to determine if that is the case. Has anyone else seen this issue with new LG phones? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.austincollege.edu_=DQMFAg=GTxgfYI6i4KYikqC6GK_Jzn2mYGEh-v4HEPYCyQcJzU=gESFfxkz83JEIAAPJ78hwRDbYXa0egqYOhaeRMDNKZQ=VmAIWM1H1bafDXC1xfAJrpNfaTmkC2aJfv3MfpC6J9o=n_egKFSrHhhZTmUkaQJjN7qRIEmd-ie0z2zj9YuqWus=> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_groups_=DQMFAg=GTxgfYI6i4KYikqC6GK_Jzn2mYGEh-v4HEPYCyQcJzU=gESFfxkz83JEIAAPJ78hwRDbYXa0egqYOhaeRMDNKZQ=VmAIWM1H1bafDXC1xfAJrpNfaTmkC2aJfv3MfpC6J9o=lE0xsh9dBHmyRRP31Lrv05l_4ec5XCoSPOF9bzN6M2Q=>. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Captive portal trouble with LG phones
We use PacketFence as our NAC and have a captive portal to allow users to self-register their devices. In the past couple of weeks we've had problems with the latest LG phones (other Androids work fine) disconnecting in the middle of a captive portal session; it won't stay connected long enough to register the device. It seems similar to the old Apple "success.html" test for internet connectivity, but I haven't been able to determine if that is the case. Has anyone else seen this issue with new LG phones? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] About the Guest wireless network and account
We kept the captive portal, but we also create “special” guest accounts for longer term needs. For example, we recently held a weekend volleyball tournament and the athletic department had a guest account for visiting coaches that was valid for the duration of the tournament. The guest network is essentially outside our firewall as well – it goes through the firewall, but is blocked from everything but the internet. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tony Skalski Sent: Thursday, September 8, 2016 2:18 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] About the Guest wireless network and account Prior to this year, we had open guest SSID with a captive portal where users had to accept an AUP every 8 hours. This year we removed the captive portal and merged it with another SSID that was used for consoles and other devices that do not support 802.1x. The new guest SSID is open and effectively outside our firewall. ajs On Thu, Sep 8, 2016 at 1:59 PM, Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> wrote: We use PacketFence as well; while faculty, staff, and student accounts are tied to AD, guest accounts reside only in packetfence. What is nice for us is accounts can have limited time frames and limited expirations to help prevent abuse. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of Max McGrath Sent: Thursday, September 8, 2016 1:09 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] About the Guest wireless network and account We use PacketFence (https://packetfence.org/) as our NAC. It has built-in guest functionality and works fairly well. Guests can register either via SMS or email. Max -- Max McGrath [https://static.licdn.com/scds/common/u/img/webpromo/btn_profile_greytxt_80x15.png] <https://www.linkedin.com/pub/max-mcgrath/1b/3a6/a21> Network Administrator Carthage College 262-552-5512 mmcgr...@carthage.edu<mailto:mmcgr...@carthage.edu> On Thu, Sep 8, 2016 at 1:01 PM, Linchuan Yang <linchuan.y...@concordia.ca<mailto:linchuan.y...@concordia.ca>> wrote: Dear All We are doing research for the wireless Guest network. Currently, we create temp employee account for the Guests in our AD and using a separate captive portal for the Guest login. For the group Guests (e.g. external event), we allow them to share the same guest account. However, we found that it’s not easy to manage and track the temp wireless guest accounts. Could you please share how your institute setup and manage the wireless guest network and the accounts? Thank you, and have a good afternoon. Yours, Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664<tel:%28514%29848-2424%20ext.%207664> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Tony Skalski Systems Administrator a...@stolaf.edu<mailto:a...@stolaf.edu> 507-786-3227 St. Olaf College Information Technology 1510 St. Olaf Avenue Northfield, MN55057-1097 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] About the Guest wireless network and account
We use PacketFence as well; while faculty, staff, and student accounts are tied to AD, guest accounts reside only in packetfence. What is nice for us is accounts can have limited time frames and limited expirations to help prevent abuse. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Max McGrath Sent: Thursday, September 8, 2016 1:09 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] About the Guest wireless network and account We use PacketFence (https://packetfence.org/) as our NAC. It has built-in guest functionality and works fairly well. Guests can register either via SMS or email. Max -- Max McGrath [https://static.licdn.com/scds/common/u/img/webpromo/btn_profile_greytxt_80x15.png] <https://www.linkedin.com/pub/max-mcgrath/1b/3a6/a21> Network Administrator Carthage College 262-552-5512 mmcgr...@carthage.edu<mailto:mmcgr...@carthage.edu> On Thu, Sep 8, 2016 at 1:01 PM, Linchuan Yang <linchuan.y...@concordia.ca<mailto:linchuan.y...@concordia.ca>> wrote: Dear All We are doing research for the wireless Guest network. Currently, we create temp employee account for the Guests in our AD and using a separate captive portal for the Guest login. For the group Guests (e.g. external event), we allow them to share the same guest account. However, we found that it’s not easy to manage and track the temp wireless guest accounts. Could you please share how your institute setup and manage the wireless guest network and the accounts? Thank you, and have a good afternoon. Yours, Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664<tel:%28514%29848-2424%20ext.%207664> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Camouflaging AP's
What about a vinyl wrap, similar to this: https://www.amazon.com/Black-Matte-Vinyl-Release-3MIL-VViViD8/dp/B00L9JAS80 Get it in a wood pattern to match a wood ceiling or a different color to better blend in. May be how they did the Cisco that Alan posted. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Samuel Clements Sent: Wednesday, September 7, 2016 11:18 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Camouflaging AP's Using external antenna model of APs and painting the antennas in approved fashions is usually workable as well. You pay more, but don't we all pay extra to mitigate aesthetics concerns? :) -Sam On Wed, Sep 7, 2016 at 10:59 AM, Bob Brown <bbr...@nww.com<mailto:bbr...@nww.com>> wrote: I feel like I’ve seen a collection of clever/crazy camouflages on Reddit or a site like that, but not able to put my finger on it right now Bob Brown Online Executive Editor, News T: 508.766.5418 LinkedIn<http://www.linkedin.com/in/bobbrownboston> | Twitter: @alphadoggs<https://twitter.com/alphadoggs> | Facebook profile<https://www.facebook.com/NetworkWorld> | Instagram<http://instagram.com/nwwinstagram> NETWORK WORLD 492 Old Connecticut Path | PO Box 9002 | Framingham, MA 01701-9002 NetworkWorld.com<http://www.networkworld.com> | idgenterprise.com<http://idgenterprise.com/> media kit | Conferences & Events<http://events.networkworld.com> From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Brian Williams <bwilli...@gsu.edu<mailto:bwilli...@gsu.edu>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Wednesday, September 7, 2016 at 11:58 AM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Camouflaging AP's We ran into the same issue when our new law school building was built. They paid a lot of money for ornate ceilings in the moot courtrooms and thought the exposed access points were an eye sore. Aruba sells covers for the AP200 series that are designed to be painted (obviously you should avoid lead based or metallic based paints). We only had to use them in a few areas but it made the customer happy. http://community.arubanetworks.com/t5/Wireless-Access/AP-215-CVR-20-picture/td-p/222463 Brian D Williams Georgia State University | II - Network Engineering | bwilli...@gsu.edu<mailto:bwilli...@gsu.edu> | innovation.gsu.edu<http://innovation.gsu.edu> From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Brian Helman <bhel...@salemstate.edu<mailto:bhel...@salemstate.edu>> Sent: Wednesday, September 7, 2016 11:47 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Camouflaging AP's Aside from enclosures, how are people hiding their AP’s in areas where aesthetics are very important? As we bring up new buildings or renovate old ones, the typical response from architects to hanging an AP in plain sight is .. you want hang that where!? My current situation is a renovated theatre. The ceilings will be greyed out, so placing a glossy white Aruba AP on there could be an issue. The ceiling is high (accessible via catwalk), so I’m not ruling out something as low-rent as black gaffer’s tape, or possibly grey contact paper, but I thought I’d throw the question out to the group as I may have units on side-walls that I’ll need to somehow mask. BTW, loving the tongue-and-cheek answers to recent posts. It would appear we are all a bit punchy at the start of the new academic year! -Brian Brian Helman, M.Ed | Director, ITS/Networking Services | •: 978.542.7272 Salem State University, 352 Lafayette St., Salem Massachusetts 01970 GPS: 42.502129, -70.894779 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.educause.edu%2fgroups%2f=01%7c01%7cbwilliams%40GSU.EDU%7c8d94739df1564565d02708d3d736d026%7c515ad73d8d5e4169895c9789dc742a70%7c0=CbA8Q1Ms7P6EnfhNrlYN0BLxzgByCqsr3hMGMlTnwLk%3d>. ** Participation and subscription information for this EDUCAUSE Constituent Group di
RE: [WIRELESS-LAN] Disabling LEDs on APs
Well you are one Bad-man *ba-dum-tish* Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, September 6, 2016 10:32 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Disabling LEDs on APs I use my x-ray vision to see what the innards are doing, and if I don’t like what I’m seeing I melt it with my heat vision. Then I carve a new one, on the spot- out of driftwood. I’m pretty much the whole package. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of GT Hill Sent: Tuesday, September 06, 2016 11:26 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Disabling LEDs on APs Here’s an AWESOME idea (if I do say so myself). Vendors could put an infrared status light in their APs. Of course not visible to the naked eye BUT, if you get an older phone etc, it will see IR lights (many newer phones have IR filters). Point your phone camera to the IR source and you’ll see the blinking lights. Mic drop. GT From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of James Helzerman <jarh...@umich.edu<mailto:jarh...@umich.edu>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Tuesday, September 6, 2016 at 10:13 AM To: <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Disabling LEDs on APs We disable all the LEDs in residence halls on our Cisco APs. It hasnet caused us much of a problem troubleshooting, you have the ability flash or turn on individual lights if needed in case you have to identify an AP. -Jimmy University of Michigan On Tue, Sep 6, 2016 at 10:03 AM, Julian Y Koh <kohs...@northwestern.edu<mailto:kohs...@northwestern.edu>> wrote: On Tue Sep 06 2016 08:57:08 CDT, Lee H Badman <lhbad...@syr.edu<mailto:lhbad...@syr.edu>> wrote: > > First-world problems… Curious if others have gone down this road in Residence > Halls. We’re not really being asked to, but are considering wholesale > disabling LEDs on our Cisco APs in the dorms as a quality of life step. Has > this caused anyone any pain when it comes to not being able to see the colors > on the AP as status indication? Have you actually had requests to disable the > LEDs? Overall experience with accommodating or denying the request? > I can't remember the exact sequence of how all the conversations went, but when we did a redesign to start moving the APs into the residence hall rooms, we turned off the lights on those units. I think we got a couple of reports where residents were wondering if the APs were working, but overall not a big deal. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- James Helzerman Wireless Network Engineer University of Michigan - ITS Communications Systems and Data Centers Phone: 734-615-9541 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Servers on Guest Networks
I have a couple of concerns with solutions like that. Why special treatment for Xboxes? Or would this be open to anything a student wanted to place on there? And are you setting up unrealistic expectations of workarounds for anything that doesn't play nice on the network? Maybe it boils down to fairness to me - spend time and energy (and IP space) for a subset of our students. Is that fair? I don't know, but it's something to think about. Thomas Carter Network & Operations Manager Austin College -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Wednesday, June 8, 2016 4:46 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Servers on Guest Networks We are looking at giving users the option to use a wide-open ESSID for their Xboxes. The user would register the MAC, and we would put them into a wide-open-inbound area with public addresses, for the best experience. But we would limit some outgoing stuff (Google, our LMS, etc.) to try to nudge people toward eduroam (our 802.1X solution). None of this is in production but it's the direction I think we are leaning when we discontinue our legacy PSK ESSIDs. -- Hunter Fuller Network Engineer VBRH Annex B-1 +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure On Tue, Jun 7, 2016 at 6:34 PM, Curtis K. Larsen <curtis.k.lar...@utah.edu> wrote: > Hello, > > We're looking at a default deny inbound and possibly opening ports as > required later on the guest wireless network. If you have already done this > I am curious to know what you and your user community defined as being > required on the guest network. > > I think primary drivers might include devices that are not capable of > WPA2-Enterprise *and* needing to run a service. Google cloud printers come > to mind, someone also mentioned multi-player Xbox? Do you have other > examples or use cases for allowing services like http/https from the internet > to your guest wireless network? If so, please share. > > Thanks, > > Curtis > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] One more round- finer point on Open Networks in Dorm
Can you explain why you made the switch? Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John Rodkey Sent: Friday, May 13, 2016 1:45 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] One more round- finer point on Open Networks in Dorm Westmont was wide open and is now non-open in the dorms. There are selected placed on campus and selected times on campus when wireless is opened up. John On Fri, May 13, 2016 at 8:50 AM, Brian Helman <bhel...@salemstate.edu<mailto:bhel...@salemstate.edu>> wrote: Lee, I posed this question back at NERCOMP. You may want to also know the answer to “who has done this and switched back to a non-open environment?”. -Brian From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of Lee H Badman Sent: Friday, May 13, 2016 9:02 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] One more round- finer point on Open Networks in Dorm I asked this back in February, and would like to go one more round with some specifics applied. Direct response off-list is OK if you prefer. Let me ask it two ways: • Who runs a wide-open WLAN in their dorms? I’m talking no encryption, no portal, no nothing. Just get on and go, baby. • Same question, but with simple PSK/WPA2 added. No ISE, no Clearpass, no MAC registrations. For those doing this, do you rate-limit? Restrict access only to Internet? Block WLAN clients from directly reaching each other? Any other restrictions/policy configs applied? Thanks, Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] WLAN planning strategy for new buildings?
We did this a couple of years ago - we shipped CAD drawings of the building being built to our vendor with info about construction materials, room use, etc. They gave us back a detailed layout of APs. Once installed, they came back and did 2 surveys - one with the building empty and one later with the building under normal use. This was all part of the bid for wireless for the building. I will say the initial design was pretty accurate; we had to make minor changes because we forgot to include ceiling information, and some were moved from hard ceiling locations to dropped ceiling locations for easier use. Doing this earlier in the project allowed the cabling for wireless APs to be included in the network cabling bid so there already was a cable (with a generous service loop) in the ceiling when we were ready for installation. The vendor also pre-configured the APs on our controllers prior to installation for smoother install. This allowed us to do the mounting of APs ourselves; two people put up 65 APs in about a day and a half and all were working correctly when they were done. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Eriks Rugelis Sent: Wednesday, April 13, 2016 9:12 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLAN planning strategy for new buildings? I would like to hear opinions from this community about how to approach WLAN planning for new construction projects. We are in the midst of a constructing a series of new buildings and I am not pleased with the early results. 1. Do you take a stab at a best-guess predictive survey from construction drawings (AutoCAD) and then do post-build survey and adjustments? (Can result in sub-optimal initial deployment requiring re-work. How do you estimate the re-work cost?) 2. Do you wait until the new building is standing to create a post-build survey and deployment? (Can be costly in terms of implementation budget as well as elapsed time to running service.) FWIW, we have several years of internal experience with Ekahau Site Survey for predictive surveys. However, our ESS-literate staff resources are spread very thin. So far, we have had trouble identifying competent contractors to hire for creation predictive surveys on our behalf. It seems most of them do not understand high-density client workloads such as are found in typical university buildings. Worse, some do not really understand Wi-Fi at all. 3. If you use ESS: a) Can you describe your experience with making use of its auto-import feature for reading AutoCAD files? b) Can you describe your experience/success with obtaining AutoCAD models (from your facilities dept.) which classify building materials into unique layers to ease auto-import by ESS? The latest Big Think in the construction industry is BIM (Building Information Modeling.) Our Facilities Development department has adopted AutoDesk's Revit tool for creating/managing BIM for new buildings. While Revit has an export function to create AutoCAD .dwg files, there is a terrifying degree of flexibility in how this export can be done. 4. Do you have any experience in creating AutoCAD exports from Revit BIM which are suitable for import by Ekahau Site Survey? Thanks in advance for your input. Eriks "In God we trust; all others must bring data." - attributed to W. Edwards Deming --- Eriks Rugelis | Manager, Network Development | University Information Technology 010 Steacie Science and Engineering Library | York University | 4700 Keele St. , Toronto ON Canada M3J 1P3 T: +1.416.736.5756 | F: +1.416.736.5830 | er...@yorku.ca<mailto:er...@yorku.ca> | www.yorku.ca<http://www.yorku.ca/> York UIT will NEVER send unsolicited requests for passwords or other personal information via email. Messages requesting such information are fraudulent and should be deleted.<http://www.yorku.ca/> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Turning off 2.4 on a select SSID?
We’re a fairly small campus, but we have almost a 50/50 split: na – 34% ng – 24% a - 22% g – 20% so that gives 56% on 5GHz and 44% on 2.4GHz. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, April 7, 2016 8:24 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? I guess this brings up another good question, and that is, what is the percentage of 5GHz vs 2.4GHz you all see in your institutions? For us is still 50-50. And it’s been like that for a while. I still see new laptops that only come with 2.4GHz adapters. I would love to start turning off 2.4GHz in some areas of our campus, but I don’t think that’s an option for us at the moment. [cid:image001.png@01D190AE.46186C50] Hector Rios Louisiana State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Perry Correll Sent: Thursday, April 07, 2016 7:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Chris, Not ‘chuckling’, just smiling as we are actually glad to see other vendors supporting this capability. Today we are seeing 70, 80, 90, even up to 95% clients supporting 5Ghz capabilities and the advancement of SDR capabilities enables IT administrators to more efficiently and effectively address this evolution. However Wi-Fi in the 2.4Ghz spectrum isn’t going away anytime soon either Best Regards, Perry Perry Correll | Xirrus Principal Technologist o: 805 376 5437 | m: 321 505 7726 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chris Adams (IT) Sent: Thursday, April 07, 2016 8:31 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Kees, I think your skepticism is well founded. We have many locations with multiple 5ghz radios in the same room, but multiple 5ghz on the same device will be a more “uncharted” territory for our deployment. I am in the process of getting a few AP250 to throw into a few of our smaller auditoriums, which should be a good test of their performance. I do believe that the channel width may be a differentiator in how well the deployment works – we are using 20mhz in most locations, which eliminates many of the spectrum and channel availability issues found with 40mhz+ channel widths. PS: I’m sure some of the Xirrus guys are chuckling at this conversation as Xirrus has been well known for having large SDR arrays for many years now ☺ Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kees Pronk Sent: Thursday, April 7, 2016 7:45 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Hi Chris, “you could in theory double the airtime available” I would be interested in your actual experience with this. Now that a few vendors have taken this approach and others stay away from this. Arguments in favor of 5/5 you will find these abundant on the vendors marketing pages, but how about : Extra COGS (band pass filters etc), extra complexity with your channels plans (need a lot of separation between the 5/5 radios), you must enable DFS channels on every AP but what about false positive radar detects? What about the 2 radio’s ‘deafening’ each other while trying so send/receive at the same time. Please keep us posted and maybe others testing with this 1. Innovation 2. Marketing gimmick (pick one ;-) Best regards, Kees Van: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] Namens Larry Dougher Verzonden: donderdag 7 april 2016 03:11 Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Onderwerp: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Thanks Chris! Larry Dougher Chief Information Officer Information Technology Services<http://its.wsesu.net> Windsor Southeast Supervisory Union<http://wsesu.net> 127 State Street, Windsor, VT 05089 Email<mailto:ldoug...@wsesu.net> | Google+<http://goo.gl/gEAdt> | Twitter<http://twitter.com/larrydougher> | LinkedIn<http://www.linkedin.com/in/larrydougher> | 802.674.8336 On Wed, Apr 6, 2016 at 2:45 PM, Chris Adams (IT) <chris.ad...@ung.edu<mailto:chris.ad...@ung.edu>> wrote: Larry, We have deployed 802.11ac WAPs in many l
RE: [WIRELESS-LAN] backhaul wifi comparison/suggestions
I use the ENH500 (http://www.amazon.com/EnGenius-Technologies-Wireless-Bridge-ENH500/dp/B006M1PM22); I’m not sure of the difference between the ENH500 and ENS500, but this has been extremely reliable to run across a 4 lane street that we have no wiring across. We’ve had this solution in place for 2 ½ years or so. It’s been dead reliable for the past 1 ½ years (earlier firmware would occasionally lock up). If you want reliability, run 2 pair as an LAG between switches at each end. One thing to note, it uses 24v non-standard “PoE”. It comes with an injector, but I found a 48v->24v converter that sits between this and a standard PoE port. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Coehoorn, Joel Sent: Tuesday, April 5, 2016 4:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] backhaul wifi comparison/suggestions I've used Engenius bridges in that scenario. Just $70 each, no licensing: http://www.amazon.com/EnGenius-Technologies-Wireless-Bridge-ENS500/dp/B00BOVOM0S/ [http://www.york.edu/Portals/0/Images/Logo/YorkCollegeLogoSmall.jpg] Joel Coehoorn Director of Information Technology 402.363.5603 jcoeho...@york.edu<mailto:jcoeho...@york.edu> The mission of York College is to transform lives through Christ-centered education and to equip students for lifelong service to God, family, and society On Tue, Apr 5, 2016 at 4:52 PM, John Rodkey <rod...@westmont.edu<mailto:rod...@westmont.edu>> wrote: That's what I've got in place now, but it also costs because of the yearly license fees. It hasn't been 100% reliable, either (interference on 2.4MHz, I'm pretty sure), so going 5 is desirable. John On Tue, Apr 5, 2016 at 2:42 PM, Ian McDonald <i...@st-andrews.ac.uk<mailto:i...@st-andrews.ac.uk>> wrote: A pair of (cisco) access points from your scrap pile in bridge mode? 100% inexpensive ☺ -- ian From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of John Rodkey Sent: 05 April 2016 22:36 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] backhaul wifi comparison/suggestions I have need for a fairly inexpensive, low bandwidth (10Mbps), short distance (<200 ft) point to point wireless connection . I am aware of the Cambrium ePMP 1000 and Ubiquiti nano. Would anyone like to compare these items or propose other good solutions to this type of situation? John ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: NERCOMP Conference -- Wireless-LAN/NETMAN session summary
I wonder if Cisco is propped up by the corporate enterprise market. I came from a company using Cisco wired switches and had a handful of Cisco wireless APs around (conference rooms, etc). The corporate wireless environment is, as you can imagine, vastly different from the higher ed wireless environment. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Thursday, March 31, 2016 7:15 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] NERCOMP Conference -- Wireless-LAN/NETMAN session summary “While Aruba is #2, their market share and installed base is but a tiny fraction of Cisco’s,…” Here is an interesting counterpoint. There is a Wi-Fi vendor straw poll on this list. Current results list Aruba at 36% (59 votes) and Cisco at 35% (57 votes). To me, at least, that does not look like a distant second. Bruce Osborne Wireless Engineer IT Network Services - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Jeffrey D. Sessler [mailto:j...@scrippscollege.edu] Sent: Wednesday, March 30, 2016 11:46 AM Subject: Re: NERCOMP Conference -- Wireless-LAN/NETMAN session summary Bruce, so it stands to reason that the conversation here is going to be predominantly Cisco. If you are a customer of the #1 vendor you’ll likely be more open to discussing the pain points given management is unlikely to be concerned. If you have something else, then it may call into question the decision to go that direction. Right or wrong, that’s just how it sees to work. So sure, I don’t see Aruba customers debating their pain points here, but I do see Aruba cheerleading – especially from you. I’m in a fortunate position of having both in my consortium, and the Aruba folk have had to deal with a number of show stopping bugs over the years. So It’s not unique to Cisco, but the Cisco people seem more open to sharing – which to me is a good thing. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "bosbo...@liberty.edu<mailto:bosbo...@liberty.edu>" <bosbo...@liberty.edu<mailto:bosbo...@liberty.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Wednesday, March 30, 2016 at 4:35 AM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] NERCOMP Conference -- Wireless-LAN/NETMAN session summary Brian, Thank you for offending Lee. This is a WLAN list, not a *Cisco* WLAN list. Although there are many Aruba customers here, you do not see us debating the latest bugs, etc. Perhaps that is a compliment to Aruba’s Engineering & TAC Support teams. Bruce Osborne Wireless Engineer IT Network Services - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Brian Helman [mailto:bhel...@salemstate.edu] Sent: Tuesday, March 29, 2016 2:46 PM Subject: NERCOMP Conference -- Wireless-LAN/NETMAN session summary (cross-posted to NETMAN group) As promised, here is a summary of the combined Wireless-LAN/NETMAN session from the NERCOMP Conference last week. In preparation for these sessions, I review the hot topics (based purely on number of comments) from the listservs that occurred over the previous year. I keep a running PowerPoint on these topics (1 slide per year). I’m happy to post that PowerPoint, if there is a good place to do it. I believe DropBox has a bandwidth cap, so I’d prefer not to distribute that way. Also, I tend to avoid vendor-specific topics .. so you won’t see the billions of discussions on Cisco WAPs (sorry Lee). This year I tried to mix up the conversation a bit and gave a quick (10 minute) demonstration of the JDSU OLP-820p fiber scope/power meter. In the session I said I thought it was around $7,000 (give or take). I see it on Amazon for $5,132. While I don’t want to recommend specific products, I would recommend acquiring this unit or another that performs the same core functions. When I demo’d my JDSU with an old multimode ST connection we recently replaced, the comment “you still had light passing through that!?” says a lot. Overall, the session went well. There were 17 people (a good number for a small conference!) from 15 different institutions. Hot topics: · NAC just doesn’t want to go away. · There are still a large number of people who don’t know th
RE: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?
This may be getting a bit off topic for the wireless discussion, but we use the "Security Risk" category of web filtering on our Fortigate firewall (http://www.fortiguard.com/webfilter). It works very well; it even alerted a faculty member to a hijack of their personal web site when they couldn't access it from campus and got the "malicious site" warning from our firewall. Thomas Carter Network & Operations Manager Austin College -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dale W. Carder Sent: Tuesday, March 1, 2016 12:43 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Thus spake Lee H Badman (lhbad...@syr.edu) on Tue, Mar 01, 2016 at 06:19:55PM +: > Interesting discussion- so on the free and open WLAN, do you send them off to > only the Internet, and deny important apps on campus? Do you require VPN or > 2-factor for bursar account access etc from that network? We do block things that I would characterize as ddos amplification vectors, and we block inbound SYN so discourage (unintentional) servers. We have started to look into some filtering capabilities on a firewall where there is some sort of blacklist for known malware sites (I am highly skeptical of such things, but if we can do it for low cost and provide a high value to our users, so be it). VPN is pretty much not used in the general case. Security is handled at the application layer. Your IP address is not an authorization token, and none of the few hundred virtual firewalls we run blindly allow much of anything through be it from wireless or from dept 'a' to dept 'b'. Dale > -Original Message- > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dale W. > Carder > Sent: Tuesday, March 01, 2016 1:06 PM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the > headaches? > > There are of course lots of vendors selling lots of products to solve > lots of "problems". > > I will also echo everything that Jeff has said below. We read what > our requirements were and the educause community at the time was quite > active on this front, leading to the excellent summary on their site. > > So, yes, we operate one of these big open wireless love fests. ;-) > > Dale > > Thus spake Lee H Badman (lhbad...@syr.edu) on Tue, Mar 01, 2016 at 05:45:18PM > +: > > So... you open up a big wireless free love ranch, and let everything and > > everything on. How to keep 10K users off of each others devices? I'm not > > poo-pooing, just asking! > > > > > > -Lee > > > > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > > <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Jeffrey D. Sessler > > <j...@scrippscollege.edu> > > Sent: Tuesday, March 1, 2016 12:37 PM > > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > > Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the > > headaches? > > > > I think your legal needs to revisit their position. There are a number of > > great articles about the EDU requirements of DMCA. A university is every > > bit the ISP, and in fact, there is no legal obligation under the DMCA for > > student enforcement as you are but the transit for their data. Most all > > campuses use it as a teaching moment, but it’s not a requirement. You also > > have no obligation to identify someone – If you rotate logs every 15 days > > and the request comes in on the 16th day, you can respond that you have no > > data. This is also no obligation to match an IP with a person. > > > > Jeff > > > > From: > > "wireless-lan@listserv.educause.edu<mailto:wireless-...@listserv.edu > > cause.edu>" > > <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:wireless-...@listserv.edu > > CAUSE.EDU>> on behalf of Mike Cunningham > > <mike.cunning...@pct.edu<mailto:mike.cunning...@pct.edu>> > > Reply-To: > > "wireless-lan@listserv.educause.edu<mailto:wireless-...@listserv.edu > > cause.edu>" > > <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:wireless-...@listserv.edu > > CAUSE.EDU>> > > Date: Tuesday, March 1, 2016 at 9:31 AM > > To: > > "wireless-lan@listserv.educause.edu<mailto:wireless-...@listserv.edu > > cause.edu>" > > <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:wireless-...@listserv
RE: Self-registered MAC device bypass- worth the headaches?
I meant on a label on the device itself. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Tuesday, March 1, 2016 11:58 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Who keeps the original boxes? Bruce Osborne Wireless Engineer IT Network Services - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Thomas Carter [mailto:tcar...@austincollege.edu] Sent: Tuesday, March 1, 2016 10:01 AM Subject: Re: Self-registered MAC device bypass- worth the headaches? This is something we struggle with, especially being a small school. Keeping up with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A big thank you to product designers who put the MAC on a label on the outside. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, March 1, 2016 8:12 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Hi Everyone, Not looking for a lot of input on all of the things you CAN do- just asking a focused question for those that are doing it. We're piloting the ability for students to self-register games, TVs, Roku, etc. but am astounded at how hard some devices are to find MAC addresses for from the user side. Amazon Echo is notorious, also fighting with a Roku 2. No labels, not easy to find in menu. Sure, you can find all of this on APs, but that isn't "self-service" for self-registration. Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE can fingerprint, but I'm finding that's far from accurate at times, and again- doesn't help with "register YOUR device by MAC" for users that can't see what network admins use. -Lee Badman Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?
Not really. That why I qualified it as a small school perspective. The on-boarding cost is mostly inconvenience for users and some help desk time. Unfortunately, that can’t be translated into dollars that can be shifted to bandwidth. And we currently use free, open source solutions for wireless (PacketFence). Additionally, there is the legal obligation, and there is the internal requirement. If “Something Happens”, we may be asked to track down student/faculty/staff doing “Something.” It’s not required by law, but there would be reluctance from leadership to lose that ability. For example, (I have not had this come up yet here) in my past life in the corporate world, I was asked to trace down someone sharing insider information as part of an SEC investigation into insider trading. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Tuesday, March 1, 2016 11:46 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? If you get rid of the cost of on-boarding or all the other barriers to getting someone on WiFi, then could you put that money into more bandwidth? DMCA – Read this, it’s enlightening as to the real obligations e.g. That you don’t have to know who is responsible for a particular device. http://www.educause.edu/focus-areas-and-initiatives/policy-and-security/educause-policy/issues-and-positions/intellectual-property/dmca-faq Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Thomas Carter <tcar...@austincollege.edu<mailto:tcar...@austincollege.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Tuesday, March 1, 2016 at 8:59 AM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? From the perspective of a small school: · Bandwidth; we barely have enough as it is. Should I pay more for more bandwidth for a marginal amount of simplicity? · We do not have free wifi in our library. We do have a guest account process, but that is generally limited to someone with campus business. The general public doesn’t get access. As a side note, Sr. Leadership does not want free wifi. From a campus security perspective, do you want something to attract the public at large to come spend time in campus buildings? · As a small school, I don’t want to have to fight a DMCA battle with the MPAA/RIAA. Right now we theoretically know who is responsible for a particular device. · I don’t think free wifi is a good comparison – the service is usually mediocre to pathetic at most places I go. They just accept that it’s worth what they paid for it. Our students have an expectation of better performance in their dorm room than using free wifi in McDonalds. · “Would the resident prefer a weaker signal from our WAPs over their local WiFi?” Yes, because they would realize they can cancel their internet service and prefer our weaker signal over a bill from the cable company. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Tuesday, March 1, 2016 10:38 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? I struggle with this all the time, and I have a distinct feeling that we’ve got it wrong. Who made the decision to limit the campus WiFi to the campus community only? That’s really a Sr. Leadership question and not IT, and would it simplify the operation of the network if it was more open? Is potential free guest access for the surrounding neighborhoods a terrible idea? We allow community use of our Library, and they get free WiFi when visiting, so is it that much of a stretch? Why do we care if smart devices aren’t using a secure network? Sure, you can desire that state for say a college-owned device, but if everyone in the world is OK with Starbucks free WiFi, Hotel/Convention WiFi, etc. will enforcement within one ecosystem impact the overall safety of the device? Does it have an impact on the safety of the WAN? We’re surrounded by residential, and we’re asking the same q
RE: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?
My biggest issue is to avoid being the ISP for the neighborhood around the school and a place where everyone comes and camps at the library or student center for free wifi. If it’s as simple as a PSK, that will get out to the community at large Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Tuesday, March 1, 2016 10:03 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Playing devils advocate, I have to ask the opposite, which is why put up a barrier in the first place to the student on-boarding their device(s)? Is there sufficient history to suggest that having to register/on-board the device has a positive impact on the operation of the network? Should the goal be to have the experience be as close to what they had at home? I continue to focus on BYOD and IoT, where implementing something like PPSK (personal pre-shared key) is probably “good enough.” I imagine a state where the student gets their key via the student portal and then uses it for all of their devices. Jeff From: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "lhbad...@syr.edu<mailto:lhbad...@syr.edu>" <lhbad...@syr.edu<mailto:lhbad...@syr.edu>> Reply-To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Tuesday, March 1, 2016 at 6:11 AM To: "wireless-lan@listserv.educause.edu<mailto:wireless-lan@listserv.educause.edu>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Hi Everyone, Not looking for a lot of input on all of the things you CAN do- just asking a focused question for those that are doing it. We're piloting the ability for students to self-register games, TVs, Roku, etc. but am astounded at how hard some devices are to find MAC addresses for from the user side. Amazon Echo is notorious, also fighting with a Roku 2. No labels, not easy to find in menu. Sure, you can find all of this on APs, but that isn't "self-service" for self-registration. Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE can fingerprint, but I'm finding that's far from accurate at times, and again- doesn't help with "register YOUR device by MAC" for users that can't see what network admins use. -Lee Badman Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Self-registered MAC device bypass- worth the headaches?
Yep, but it feels like we're always playing catch up. Especially in spring after everyone brings back their latest Christmas gift. BTW, the instructions for the Echo are "contact Amazon support and they will email you the MAC". Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew Sent: Tuesday, March 1, 2016 9:22 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Our helpdesk folks sat down and wrote up documents on how to find the MAC addresses for as many devices as they could. We haven't done any instructions for the Amazon Echoes yet. We hit the most common devices and are waiting to see what tickets we get for devices that we missed so we can build them into our registration page. Our registration page was written in-house and the developers set it up to display the instructions for finding the MAC address, including screen shots, based on the device that you selected in the drop down. Respectfully, Matt From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Tuesday, March 1, 2016 10:01 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? This is something we struggle with, especially being a small school. Keeping up with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A big thank you to product designers who put the MAC on a label on the outside. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, March 1, 2016 8:12 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Hi Everyone, Not looking for a lot of input on all of the things you CAN do- just asking a focused question for those that are doing it. We're piloting the ability for students to self-register games, TVs, Roku, etc. but am astounded at how hard some devices are to find MAC addresses for from the user side. Amazon Echo is notorious, also fighting with a Roku 2. No labels, not easy to find in menu. Sure, you can find all of this on APs, but that isn't "self-service" for self-registration. Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE can fingerprint, but I'm finding that's far from accurate at times, and again- doesn't help with "register YOUR device by MAC" for users that can't see what network admins use. -Lee Badman Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Self-registered MAC device bypass- worth the headaches?
This is something we struggle with, especially being a small school. Keeping up with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A big thank you to product designers who put the MAC on a label on the outside. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, March 1, 2016 8:12 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Hi Everyone, Not looking for a lot of input on all of the things you CAN do- just asking a focused question for those that are doing it. We're piloting the ability for students to self-register games, TVs, Roku, etc. but am astounded at how hard some devices are to find MAC addresses for from the user side. Amazon Echo is notorious, also fighting with a Roku 2. No labels, not easy to find in menu. Sure, you can find all of this on APs, but that isn't "self-service" for self-registration. Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE can fingerprint, but I'm finding that's far from accurate at times, and again- doesn't help with "register YOUR device by MAC" for users that can't see what network admins use. -Lee Badman Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Rogue AP's
Any type of over-the-air containment risks the wrath of the FCC. In light of
recent rulings and fines, I’m not risking any manipulation on the airwaves;
whether it’s deauths or jamming or whatever. We take care of it at a purely
wired level (disable the port the APs/routers are connected to). As others
mentioned printers/Roku/PS4s, etc are still an issue, but we try our best at
the beginning of every semester to quash as many as possible (Fall – incoming
freshmen, spring – new Christmas presents). We also use communication and
social pressure to help with the issue. We’ve even had issues resolved without
our input – dorm residents see an “unapproved” SSID, find out who has it, and
utilize RAs, etc to get it removed.
Thomas Carter
Network & Operations Manager
Austin College
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John
Sent: Friday, February 26, 2016 9:50 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Rogue AP's
We are a Cisco shop that uses the Airwave AMPs for management. We let the AMPs
contain the rogues. It works reasonably well and certainly beats trying to it
do it manually on the controllers. Right now we are seeing 2,279 rogues on our
campus with the biggest category being HP printers.
We do have a policy that tells folks not to do this. But, there is really no
penalty to them for ignoring the policy.
On a related note our legal folks are considering whether to let us continue to
try to contain rogues on campus. Has any other campus been told not to do rogue
containment?
-jcw
[UA Logo]
John Watters The University of Alabama
Office of Information Technology
205-348-3992
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Tyler
Sent: Friday, February 26, 2016 8:40 AM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [WIRELESS-LAN] Rogue AP's
Wireless managers, {cross referenced with NETMAN}
I am wondering if anyone has found an automatic way to block rogue AP’s on your
network. I know I can get a report from Airwave on rogue AP’s, but it seems
like it would be time consuming to go after each of them individually. I am
curious how some of you handle this. Do you have a method for blocking them?
Also, there are other products beginning to broadcast their own ssid as well
including printers, connectify, etc. How do you handle them? Do you even
have policy restricting those from your network?
Tim Tyler
Network Engineer
Beloit College
** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
RE: Naming conventions for WLAN devices
We do something similar to what you are thinking of. With a smaller campus, we have an IT standard 3-letter naming convention for all buildings (e.g. LIB might mean library, etc). This is used across IT for naming (printers, switches, APs, etc). Then, like you, room number and an optional location description (more later) for multiples in one room. Our room numbers always denote floor, so floor number is redundant. And a majority of APs are the only one in a room, so we leave off the optional location for those. So in your case, the ap might be BSD101. If there are multiple in one larger room, we use compass directions, so the one on the south side of the room would be BSD101S and the north side BSD101N (we have a couple of SW / NE / etc). We also don't care to have the function in the name. When dealing with names, we generally already have narrowed the function - for example, AP id BSD101 has failed and needs to be replaced. We haven't had a problem with confusing an AP with a similarly named switch or PC or printer. YMMV. Maybe it's my aging brain, but the short names are easier to remember, work with, and communicate. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Norman Chu Sent: Tuesday, February 2, 2016 11:38 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Naming conventions for WLAN devices We're looking for ideas to improve our current naming convention for network devices. For an access point, it currently consists of: --ap e.g. burnside-1-ap24 For controllers, we use: wireless--wmc e.g. wireless-local1-wmc (wmc = wireless mobility controller) For access points, we're thinking of adding location info instead of the arbitrary number, so something like: burnside-1-ap101a where 101a is the first AP in room 101 (101b would be the second AP, etc.) Switches: burnside-sw1, burnside-sw2 UPS's: burnside-ups-1, burnside-ups2-1 PoE midspans: burnside-poe-1, burnside-poe2-1 What do other organizations use for naming conventions for their network devices? Thanks. Norman Chu Network Analyst - Network Infrastructure group Systems Engineering - McGill NCS (514) 398-7299 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Purpose-Built Wireless Coverage in Stairwells and Elevators
Our newest building, completed in 2013, has network drops in the stairwells, but a good fireproof caulking to seal the cabling seemed to satisfy the inspection. If you think about it, there are power cables for lights, low voltage cabling for fire alarms, etc in stairwells; why would an additional cat6 cable be special? However, we did not actually place APs in the stairwells as we don't want to encourage them as a place for congregation - i.e. a student sitting on the stairs surfing the web. Realistically, is an always/everywhere connectivity too high of an expectation? I know of no phones in any stairwells on campus; where buildings drastically unsafe before people had cellphones? Just some of the things we considered. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Manon Lessard Sent: Wednesday, November 18, 2015 10:36 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators Hi group! Back when we initially deployed I had discussions with the building guys, esp. the Elevator team. Back then, our main goal was seamless voice over wifi. I was told that it was (at least in my province and country, Quebec, Canada) against Safety Code IV to put any such device in the "elevator pit" or on the cab itself. As for the stairwells, apparently it was also against code since they must provide some fireproof barrier. Back then, mesh wasn't something considered so we took the best effort approach. I'd be curious to see, either in the US or Canada, if it is allowed now. My info on the matter dates back 5+ years... Looking fordward to the replies, it's a very interesting question! Manon Lessard Technicienne en développement de systèmes CCNP Direction des technologies de l'information Pavillon Louis-Jacques-Casault 1055, avenue du Séminaire Bureau 0403 Université Laval, Québec (Québec) G1V 0A6, Canada 418 656-2131, poste 12853 Télécopieur : 418 656-7305 manon.less...@dti.ulaval.ca<mailto:manon.less...@dti.ulaval.ca> www.dti.ulaval.ca<http://www.dti.ulaval.ca/> Avis relatif à la confidentialité | Notice of Confidentiality<http://www.rec.ulaval.ca/lce/securite/confidentialite.htm> [Description: Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Description : Logo de l'Université Laval] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sullivan, Don Sent: 18 novembre 2015 11:28 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators It's a really great question just considering new/major re-work. I'm wondering if the elevator manufacturers might start remodeling the elevators to allow for wireless access points in addition to the emergency phones already required. To that point I wonder if it will eventually become part of the local building codes. Don Sullivan Network Administrator 205-726-2111 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, November 18, 2015 10:21 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators Hi Don- I agree on the costs. I'm thinking opportunistically, like where a major re-work or new building might be in work versus retrofit. There's a lot of technical and philosophical points to be considered, for sure. -Lee From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sullivan, Don Sent: Wednesday, November 18, 2015 11:15 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators Lee, Our thoughts and planning on this subject started about the time I read your email. :) I have not given any thought to this before but your email has raised questions as to what we might need to consider going forward. Considering how we would implement something like this in our current buildings/facilities would be a challenge and a potentially costly one. Don Sullivan Network Administrator 205-726-2111 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, November 18, 2015 9:26 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIREL
RE: [WIRELESS-LAN] Desktop projection to classroom display
We have a ClickShare - it works well, but was very pricy. It basically is an AP (luckily it can do 5GHz so interference wasn’t a problem) that talks to the dongles. The benefit is the simplicity for Windows and Mac users; we get no support calls on it. The down side is the cost (4 digits for the device and USB dongles). Thomas Carter Network & Operations Manager Austin College -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh Sent: Tuesday, October 27, 2015 8:27 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Desktop projection to classroom display On Tue Oct 27 2015 07:49:31 CDT, "Ashfield, Matt (NBCC)" <matt.ashfi...@nbcc.ca> wrote: > > We’d like to try and standardize on a technology so we can manage it (ha!). > I’m just wondering if anyone has solved this one yet? We’ve looked briefly > at AirParrot but wondering if anyone else has had any luck in this area. One of our groups just showed up with the Barco ClickShare. I know it's been discussed here in the past a couple of times, but any idea how it compares with some of the other solutions mentioned here already? Just at a first glance I'm not too wild about it since it basically looks like an AP that gets connected to a projector or display. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Desktop projection to classroom display
Look into the BlackBox device I posted earlier (http://www.blackbox.com/Store/Detail.aspx/Wireless-Presentation-System/AVX-HDMI-WI ) - it's suspiciously similar to the AirMedia (we have a handful of those), but about 1/3 to 1/4 the price. We've purchased a couple to trial. Thomas -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Oliver, Jeff Sent: Wednesday, October 28, 2015 8:40 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Desktop projection to classroom display We looked at the barco but it was pricey, we use the crestron air-media which has the added benefit of not needing wifi. It in fact plugs in wired and you simply access it via any network route. Jeff On 2015-10-28, 7:35 AM, "The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf of Thomas Carter" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of tcar...@austincollege.edu> wrote: >We have a ClickShare - it works well, but was very pricy. It basically is an >AP (luckily it can do 5GHz so interference wasn’t a problem) that talks to the >dongles. The benefit is the simplicity for Windows and Mac users; we get no >support calls on it. The down side is the cost (4 digits for the device and >USB dongles). > > >Thomas Carter >Network & Operations Manager >Austin College > > > >-Original Message- >From: The EDUCAUSE Wireless Issues Constituent Group Listserv >[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh >Sent: Tuesday, October 27, 2015 8:27 PM >To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >Subject: Re: [WIRELESS-LAN] Desktop projection to classroom display > >On Tue Oct 27 2015 07:49:31 CDT, "Ashfield, Matt (NBCC)" ><matt.ashfi...@nbcc.ca> wrote: >> >> We’d like to try and standardize on a technology so we can manage it (ha!). >> I’m just wondering if anyone has solved this one yet? We’ve looked briefly >> at AirParrot but wondering if anyone else has had any luck in this area. > >One of our groups just showed up with the Barco ClickShare. I know it's been >discussed here in the past a couple of times, but any idea how it compares >with some of the other solutions mentioned here already? > >Just at a first glance I'm not too wild about it since it basically looks like >an AP that gets connected to a projector or display. > > >-- >Julian Y. Koh >Associate Director, Telecommunications and Network Services Northwestern >Information Technology > >2001 Sheridan Road #G-166 >Evanston, IL 60208 >847-467-5780 >NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public >Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> > > > > > > >** >Participation and subscription information for this EDUCAUSE Constituent Group >discussion list can be found at http://www.educause.edu/groups/. > > >** >Participation and subscription information for this EDUCAUSE Constituent Group >discussion list can be found at http://www.educause.edu/groups/. > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Desktop projection to classroom display
We've been testing these: http://www.blackbox.com/Store/Detail.aspx/Wireless-Presentation-System/AVX-HDMI-WI They are similar to an expensive Crestron device we've successfully trialed in classrooms. The downside is they are not great for video as their refresh rate isn't fast enough for a video framerate. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ashfield, Matt (NBCC) Sent: Tuesday, October 27, 2015 7:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Desktop projection to classroom display Good Morning Like I'm sure most of you have experienced, we are dealing with technology like AppleTVs and Chromecasts showing up in our classrooms and being asked to "make it work". Obviously we run into the roadblocks of those devices not fitting into our network well, or working with certain OS's, not to mention security implications. We'd like to try and standardize on a technology so we can manage it (ha!). I'm just wondering if anyone has solved this one yet? We've looked briefly at AirParrot but wondering if anyone else has had any luck in this area. Any info/advice is appreciated. Thanks, Matt NBCC ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
NAC / Wireless Access solutions
We are reviewing our environment in concert with the school's overall 5 year plan, and evaluating how well existing solutions work compared to what's available in the market. Along those lines, I wanted to poll the group about wireless access control solutions. All input is greatly appreciated: https://www.surveymonkey.com/r/LV737BL I will share the results with the list in a week or so. Thanks, Thomas Carter Network & Operations Manager Austin College ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Smart TVs and other "smart" devices
Yes, wiFi direct is growing in use – Playstation 4s broadcast wifi direct to connect to Playstation portables. Some Roku players use wifi direct for remote controls. We have a blanket statement disallowing anything that we deem interference with the campus wireless. As a smaller private institution, we work with the students to remove the wireless network. It’s no different than most HP wireless printers that broadcast a wireless network for setup. Thomas Carter From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeremy Gibbs Sent: Monday, September 7, 2015 2:26 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Smart TVs and other "smart" devices I have been seeing more and more students coming to campus with "smart" tv's. We allow them to register the TV on our wireless network. Recently, I have been seeing a lot of "Hidden" networks when doing some WiFi scans. Turns out, many of these TVs are broadcasting their own SSID, some hidden and some not. This is obviously causing interference with our production wireless network in the dorms. Also, I have seen xbox one devices broadcasting their own SSID, hidden but it is broadcasting. On many of these "Smart" TVs and devices, I cannot find a way to turn off the broadcast of these networks. Anyone have any experience mitigating problems like these? It just appears that every new device these days broadcasts some sort of 2.4 Ghz network. Thanks -- Jeremy L. Gibbs Sr. Network Engineer Utica College IITS ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] LTE over Wi-Fi spectrum sets up industry-wide fight over interference
Don’t forget the WiFi SLA discussion – another source of interference outside of our control. Thomas Carter Network and Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Philippe Hanset Sent: Thursday, August 27, 2015 2:17 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] LTE over Wi-Fi spectrum sets up industry-wide fight over interference We can now combine three threads that we have had over the summer on this list 5 GHz, Containment, and the LTE-U controversy (this thread just started) LTE-U and Jamming…will my Wi-Fi equipment provider enable LTE-U “containment” and as a University/College how can I prevent LTE-U from interfering with my 5GHz deployment. Oh boy… Philippe Philippe Hanset www.eduroam.ushttp://www.eduroam.us On Aug 27, 2015, at 2:55 PM, Hinson, Matthew P matthew.hin...@vikings.berry.edumailto:matthew.hin...@vikings.berry.edu wrote: Source: http://arstechnica.com/information-technology/2015/08/verizon-and-t-mobile-join-forces-in-fight-for-wi-fi-airwaves/#p3 It was only a matter of time. Thank you! Matthew Hinson Supervisor, Network Operations ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] WiFi Service Level Agreement
I do not have the same confidence in wireless as I do wired. There is no control over the airwaves like there is over physical cabling, and some interference cannot be dealt with (like visitor's mobile hotspots). Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Tuesday, August 25, 2015 5:40 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WiFi Service Level Agreement On Tue, Aug 25, 2015 at 11:10 AM, Chuck Enfield chu...@psu.edu wrote: If so, why would we focus on saying, wireless might not work. It's not helpful to us or our users. A much more constructive approach would be to tell faculty to plan for when wireless doesn't work - to have a back-up plan for that iPad app, to download the PowerPoint presentation before class begins instead of during class, to plug into a wired connection if that's an option, etc.. The way I read this, it seems to imply a lack of confidence in the service. Since our wireless and wired infrastructures are separate to some degree, it's possible that a wireless connection would not work - but it's just as likely that a wired drop would not work, too. Therefore, I'd estimate that I am equally confident in both services. Maybe if it was phrased differently, like make sure to test wired and wireless ahead of time, in case one fails - but I see wireless and wired as equals. Just my two cents. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] 6-month follow-up to Marriott/FCC Wifi blocking stories
We really need the vendors to step up on this one; they are selling the ability to do this. Why are they selling me an option that, if turned on, is illegal. Cisco, HP/Aruba, Ruckus, etc need to get off their butts and get involved in this. Maybe they are behind the scenes, but I don’t see or hear about it. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bob Brown Sent: Thursday, August 20, 2015 10:21 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] 6-month follow-up to Marriott/FCC Wifi blocking stories Actually, I can’t claim to have had any inside info about the Smart Holdings situation: Guess it was just good intuition. But am on vacay this week, so will pick things back up next week and catch up on related comments. Thanks, Bob Bob Brown Online Executive Editor, News T: 508.766.5418 LinkedInhttp://www.linkedin.com/in/bobbrownboston | Twitter: @alphadoggshttps://twitter.com/alphadoggs | Facebook profilehttps://www.facebook.com/NetworkWorld | Google + profilehttps://plus.google.com/104712908618368674642/posts | Instagramhttp://instagram.com/nwwinstagram NETWORK WORLD 492 Old Connecticut Path | PO Box 9002 | Framingham, MA 01701-9002 NetworkWorld.comhttp://www.networkworld.com | Media Kithttp://www.networkworldmediakit.com | Conferences Eventshttp://events.networkworld.com An IDG Enterprisehttp://www.idgenterprise.com/ Brand From: Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thursday, August 20, 2015 at 10:16 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] 6-month follow-up to Marriott/FCC Wifi blocking stories I'm trying to get the FCC's attention on this: https://wirednot.wordpress.com/2015/08/19/an-open-letter-to-the-fcc/ -Lee Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 From: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of Mike King m...@mpking.commailto:m...@mpking.com Sent: Wednesday, August 19, 2015 9:01 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] 6-month follow-up to Marriott/FCC Wifi blocking stories I know it's two weeks later, but Smart Holdings just got smacked by the FCC for the same thing. (Which is probably why you were asking) http://gizmodo.com/its-about-damn-time-fcc-says-convention-centers-cant-b-1724805719?dfp_pp_ab=ondfp_desktop_three=offutm_expid=66866090-43.E9Bjfd6NTuSlXJewu2e_Ig.1utm_referrer=https%3A%2F%2Fwww.google.com%2F On Thu, Aug 6, 2015 at 10:30 AM, Bob Brown bbr...@nww.commailto:bbr...@nww.com wrote: I’m looking to follow up on a series of stories we ran in late 2014/early 2015http://www.networkworld.com/article/2879142/wireless/fcc-still-has-ton-of-explaining-to-do-on-wi-fi-blocking-rules.html on the Marriott Wifi blocking issue. To refresh, the FCC fined Marriott for blocking a Wifi hotspot (or hotspots) at one of its hotel convention centers. The incident sparked quite a bit of discussion on this listserv, as university/college network pros wondered whether their own Wifi management/security practices would now be considered legit and whether the products they were using could still be used. *I’ve followed up with Marriott, whose CIO kicked me over to public relations, which naturally declined to comment. *The hospitality industry trade group had said at the time of the FCC/Marriott decisions that it was going to launch a cybersecurity task force to study this topic further, but they haven’t responded to my inquiries, so I’m not sure whether such a task force was formed and if so, whether it has accomplished anything. *The FCC has been unresponsive on this matter entirely. *I’ve contacted WLAN vendors that I spoke to for some of the original articles to see if anything has changed on their end since the start of the year and they haven’t had much to say so far. So, based on all this, I don’t have much of an update to write about at this point…perhaps exactly what these parties would like. But, I’m also wondering if any of you who were trying to figure out earlier this year what the FCC decision/Marriott response meant to you, have taken any new approaches to managing/security Wifi on your campuses. If so, and you’d be willing to share your story, please touch base (or feel free to share with the listserv if appropriate). Regards, Bob Brown Online Executive Editor, News T
RE: [WIRELESS-LAN] 6-month follow-up to Marriott/FCC Wifi blocking stories
We are almost identical to this. We did active rogue prevention in the past, but it never worked as well as advertised anyway. The rogue device and the active prevention was just more noise pollution; too many students just stopped using their personal routers, etc but left them powered on and broadcasting. And there are too many devices interfering (*stink eye at HP printers*) without the students knowing they have an interfering device. We do a sweep early in the year to ferret out the rogues, and slip an information sheet under their door. This takes care of 90% of the cases. We do a follow up and the remaining 10% get handed over to our student life who usually convince them with just a talking to. Our best indicator throughout the year are complaints from students that wireless performance has dropped. That helps pinpoint the rogue as it's usually a room nearby. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser Sent: Thursday, August 20, 2015 10:48 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] 6-month follow-up to Marriott/FCC Wifi blocking stories We don't call out the variants (MiFis, hotspots, Nintendo DS WiFi USB adapter, etc...). Instead we just focus on anything broadcasting an SSID as interfering with or degrading WPI network service, in that it's competing for scarce airtime. That said, we *don't* launch countermeasures against anything that comes up. We simply have far too many edge cases (networks from adjacent buildings in residential areas, misconfigured Windows machines silently creating ad-hoc networks, legitimate research projects that didn't know any better...), especially in any kind of automated fashion. Instead we monitor the reports, both in the system and word of mouth. Anything we find we then address with a light hand, typically no more than a light slap on the wrist unless we find evidence that they're willfully going against the rules. Having the AUP in place and enforceable (at least on our own community members, as opposed to random visitors) does give us critical leverage to make this all work. Frank Sweetser fs at wpi.edu| For every problem, there is a solution that Manager of Network Operations | is simple, elegant, and wrong. Worcester Polytechnic Institute | - HL Mencken On 08/20/2015 11:25 AM, Lee H Badman wrote: Does that include MiFis? Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 From: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of Frank Sweetser f...@wpi.edu Sent: Thursday, August 20, 2015 11:22 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] 6-month follow-up to Marriott/FCC Wifi blocking stories Students should be a relatively easy case. At least here, we make them sign an AUP, which references explicit provisions about not running unauthorized APs. Frank Sweetser fs at wpi.edu| For every problem, there is a solution that Manager of Network Operations | is simple, elegant, and wrong. Worcester Polytechnic Institute | - HL Mencken On 08/20/2015 11:19 AM, Philippe Hanset wrote: We need to wait on an unfortunate school to be sued by a student due to Mi-Fi blocking in a Residential Property -Student: I pay rent, I can do whatever I want in my room -School: We provide “free” Wi-FI to all rooms and the interferences are becoming unmanageable to a point where we have more trouble tickets than packets being successfully sent or received. We had to do something. -Lawyers: Either way, we will cash on this! -FCC: So, we have an Interferer being interfered by another interferer. Could Scott Adams please give us some wisdom on this Philippe Philippe Hanset On Aug 20, 2015, at 10:40 AM, Lee H Badman lhbad...@syr.edu mailto:lhbad...@syr.edu wrote: It's a good point, and there was a bit of chatter on this on Twitter. The FCC has left the whole thing way too open-ended given the popularity of Wi-Fi, and a lot of topics bleed over on to each other. I'd be surprised if they responded in any way- the preference seems to be to ambush users with fines. *Lee H. Badman* Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 -- *From:*The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of Philippe Hanset phan...@anyroam.net mailto:phan...@anyroam.net *Sent:*Thursday, August 20, 2015 10:34 AM *To:*WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
RE: Outdoor PoE
We haven’t had any problems, but we’ve used these: http://www.l-com.com/surge-protector-outdoor-10-100-1000-base-t-cat6-poe-compatible-lightning-protector-rj45-jacks with great success. They also have a punch down version as well if you want to mess with that. We have them mounted outside with the APs and a good copper ground wire. If you haven’t looked at them, l-com.com has a wide array of antennas, cabling, etc. No connection to them, just a happy customer. Thomas From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, August 6, 2015 8:24 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Outdoor PoE For those doing outdoor wireless, here are two products we have purchased that we have found very useful: Microsemi Outdoor PoE Surge Protector PD-OUT/SP11https://www.amazon.com/gp/product/B00NMU85PM/ref=od_aui_detailpages00?ie=UTF8psc=1 http://www.newegg.com/Product/Product.aspx?Item=17B-00A5-1nm_mc=KNC-GoogleAdwords-PCcm_mmc=KNC-GoogleAdwords-PC-_-pla-_-Surveillance+Accessories-_-17B-00A5-1gclid=CIOKgobGlMcCFQmNaQodJ_0C0Qgclsrc=aw.ds Microsemi PowerDsine 9001GO - PoE injector - 30 Watt http://www.cdw.com/shop/products/Microsemi-PowerDsine-9001GO-PoE-injector-30-Watt/2578417.aspx?cm_cat=GoogleBasecm_ite=2578417cm_pla=NA-NA-PWD_NEcm_ven=ShoppingFeedsef_id=VLgjcQAABAHVQD8U:20150806132234:sgclid=CKyxxczGlMcCFQgtaQodCO8PhQ Regards, Hector Rios Louisiana State University ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Wireless Door Locks
We have some of these from Stanley; we already have wired badge readers from them so the wireless was a nice fit. It is nice to remove any responsibility from IT for managing connectivity, troubleshooting, etc. We use these primarily for accessibility for individual dorm rooms where a traditional key may be difficult to use. They’re tied to our rfid ID cards so the students can hold the card near the lock to unlock the door. I believe they do a similar periodic update, and will continue to work with local (to the lock) info even if the wireless is down. The wireless unit does connect back to the central monitoring system via the wired network, but I get the impression that it’s pretty rock solid reliable. Thomas Carter Network Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike Cunningham Sent: Thursday, July 2, 2015 1:37 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Door Locks Stanley makes a door lock that is wireless but does not run on 802.11 so does not interface with the campus data wi-fi network. I think it’s 802.15 but not sure of that. I know it works with Tyco and their iStar controllers. You do have to deploy a Tyco proprietary access point that is just for the locks. We don’t have any wireless locks yet but probably will be moving in that direction and when we do we will deploy this system since we already have all of our wired locks using Tyco iStar hardware. Mike Cunningham From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Rossella Mariotti-Jones Sent: Thursday, July 2, 2015 2:27 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Door Locks We have ASSA ABLOY locks too. I agree with Aaron, as that is exactly the reason why we went with the wifi locks. One argument that might have a little more traction is that we, for example, are not able to send and immediate lock to our wifi locks because they connect to the controller for a very short amount of time at midnight (or whatever time they're programmed to do it), at which time the sync occurs, and after that they disconnect from wifi, once they disconnect, the controller is not able to access them because they are offline. So in an emergency situation this doesn't work very well at all, especially if you have, or are looking into a system integrated with your locks (like informacast for example) that can lock down your whole campus with the push of a button. Now, our locks are about 4 or 5 years old so it might be that the new ones are smarter, but this has been our experience with these so far. rossella mariotti-jones | network analyst | information technology | chemeketa community college | p: 503-589-7775tel:503-589-7775 | e: rmari...@chemeketa.edumailto:rmari...@chemeketa.edu On Thu, Jul 2, 2015 at 11:07 AM, Aaron Abitia aabi...@calpoly.edumailto:aabi...@calpoly.edu wrote: Yeah, this thread is summing up the issues with doing the door locks over WiFi, but in the near term it's unlikely that any arguments will deter most organizations because it's all about initial financial layout. The cost of retrofit for a hardwire connection is so high, they will not want to pay for that when wireless is available. They don't yet know about the pitfalls, but since it's all about the initial layout, none of that matters until disasters start to occur. Here there's a push to do the same thing in our dorms. The only buildings that will get hardwire to the door locks are the ones already in construction. -Aaron On Thu, Jul 2, 2015 at 10:33 AM, Derek Johnson djohn...@fhsu.edumailto:djohn...@fhsu.edu wrote: Our campus planners are looking to standardize modernize lock systems across campus, and they're drooling over my worst nightmare wireless door locks that connect to our existing wifi network. 2.4GHz only, of course. I'm against this idea for too many reasons to list (technical security-based), but I'm curious to hear perspectives from the community. Has anyone deployed or had to support a wifi-based door lock system? What's been your experience? On the flip side, have you successfully fended off a push for wireless door locks? If so, do tell... :) Thinking back to Lee's recent drone discussion... perhaps I can get administration interested in drone surveillance instead of wifi door locks. That's an idea I could get behind... Derek Johnson | Data Communications Coordinator FORT HAYS STATE UNIVERSITY 415 Lyman Dr. TH 101, Hays, KS 67601 (785) 628 - 5688tel:%28785%29%20628%20-%205688 | dpjohn...@fhsu.edumailto:dpjohn...@fhsu.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Aaron Abitia Network
RE: Favourite Wifi Dongles
We've used a number of the Netgear WNA1000M adapters and have been happy, but the use has just been Windows. It seems USB wifi dongles seem hit or miss with OSX (is anything officially supported?). We liked these units due to the small size so they could be used inconspicuously to avoid disappearing. We've used them frequently in situations where temporary, ad-hoc labs were created with desktops in an area without easy access to wired connections. Thanks, Thomas Carter Network Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Cook Sent: Thursday, June 25, 2015 12:36 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Favourite Wifi Dongles Just putting out a question to see if anyone has preferences when it comes to USB dongles. We typically like to have a number available and they have helped out of few times over the years to deal with broken internal cards, 2.4ghz only cards and temporary setups etc. We've often purchased a couple of varieties, tested them and stocked up on our favourite. Considering things like performance, stability, included drivers in OS, supporting multiple OS's. Our most recent was a few years ago now Edimax AC1200 (EW-7822UAC) but have also been pretty happy with Linksys. The edimax performs pretty well and supports Windows, Mac and Linux. But it's time to get a few more. -- Jason Cook Technology Services The University of Adelaide, AUSTRALIA 5005 Ph: +61 8 8313 4800 JabberCall Mehttps://ts-plaza-guest-exp-e.voip.net.adelaide.edu.au:9443/call/jason.c...@adelaide.edu.au browser-based video chat e-mail: jason.c...@adelaide.edu.aumailto:jason.c...@adelaide.edu.aumailto:jason.c...@adelaide.edu.au%3cmailto:jason.c...@adelaide.edu.au CRICOS Provider Number 00123M --- This email message is intended only for the addressee(s) and contains information which may be confidential and/or copyright. If you are not the intended recipient please do not read, save, forward, disclose, or copy the contents of this email. If this email has been sent to you in error, please notify the sender by reply email and delete this email and any copies or links to this email completely and immediately from your system. No representation is made that this email is free of viruses. Virus scanning is recommended and is the responsibility of the recipient. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Wireless Bridge Recommendations
For relatively temporary solutions, we've utilized the EnGenius ENH500. Extremely cheap at $100 per end, and they're rated for external mounting. Like others, they use 24v PoE, but we've found 48v - 24v PoE converters to allow hanging these off our existing PoE switches (and allow for remote reset if necessary). Early on, these had some stability issues, but the latest firmware has been extremely reliable; the only problem we've had was a lightning-strike caused surge that went through the power on one unit. Since they are cheap we keep a spare on hand that can be dropped in place quickly. With careful set up, two pair of these could be a long-reach LACP/Etherchannel solution for redundancy and bandwidth. Thomas Carter Network Operations Manager Austin College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike Ricci Sent: Thursday, June 18, 2015 12:38 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Wireless Bridge Recommendations As our campus rapidly changes and grows, we began placing office spaces in our offsite residential housing. Initially, we built out a large two story office area that has a fixed connection back to our main campus. Networking within the same building was simple as we did this during the renovation. With our growth, the administration is now planning on throwing together another Ad Hoc office space in a separate building. This building is relatively close to our main office space (+-50 feet), however we have no cabling between buildings and no conduits in place. I'm interested in testing out a low latency line of site wireless bridge, one that I could utilize to distribute to multiple buildings as our growth continues, across up to 1000 feet and from 100-1000mbps speeds. Can you share what vendors you've had success with? Engenius, Ubiquiti, etc., come to mind initially. [MCU_Logo_641 433] Mike Ricci Operations Mgr/Infrastructure Architect 310.303.7263, Direct Sent from MarymountAnyware - Access your virtual apps today @ http://remote.marymountcalifornia.eduhttp://remote.marymountcalifornia.edu/ __ This email has been scanned by Marymount California University email security service __ ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Rogue Devices
We’ve done this through word of mouth before. We’ve told students that we can’t improve their wifi speed because the people in a room nearby have a PS4 broadcasting an ad-hoc network (as an example). We also inform RAs or other campus housing people to put pressure on the rogues running rogues. I have also knocked on doors and asked them to turn it off (when it’s something that can’t be taken care of by disabling a wired port). That is also very effective (after they deny having anything and I point to the device in their room and say “there it is”). Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew Sent: Friday, May 15, 2015 11:45 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Rogue Devices Haha, nothing like a good public shaming to get what you want. Respectfully, Matthew Williams IT Manager, Wireless Kent State University Office: (330) 672-7246 Mobile: (330) 469-0445 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Thursday, May 14, 2015 4:25 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Rogue Devices Part of the rogue defense posture is very much non-technical. Many years ago, we drafted policy that was endorsed by our CIO and we did a lot of education with across our admin spaces and with our distributed support folks. Once they bought in to removing rogues as being in everybody’s interest (and as we grew a really good WLAN), they become partners and enforcers to us in the networking group. We’ve had extremely good luck on a very large campus for several years keeping rogues out based *mostly* on crafting a good message and providing solid, reliable Wi-Fi. Then there’s the dorms… All of the above applies, except buy-in isn’t as uniform. We do a lot of education at move-in time, and have various tricks to find and have the students remove their rogues without leaving the office. In all cases, the response is “I didn’t know!” despite many, many communications of various types on the topic. My dream: a digital sign in each dorm lobby that scrolls network news, tips, etc- and spreads some shame. Like “If your Wi-Fi seems slow near rooms 625-629, it may be because someone has a network called Frankie’s Airport creaming the campus network.” Using PI/MSE to get close to signal then let peer pressure fix the problem. ☺ Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Christopher Michael Allison Sent: Thursday, May 14, 2015 3:17 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Rogue Devices We are in the same boat we use Prime and MSE. Resources are in issue. I wish we could still use the containment feature that Prime and the AP's have for the Rogues. We are currently doing a building by building sweep of our Academic Buildings to remove all the Rogues that aren't managed by our department. Its a slow and long process. CHRISTOPHER ALLISON Network Engineer I Information Technology Mail Code 4622 625 Wham Drive Carbondale, Illinois 62901 chris.m.alli...@siu.edumailto:%20chris.m.alli...@siu.edu P: 618 / 453 - 8415 F: 618 / 453 - 5261 INFOTECH.SIU.EDUhttp://infotech.siu.edu/ [http://asset.siu.edu/_assets/images/email_sig/SIU_email_2line.gif] Choose a job you love, and you will never have to work a day in your life. Confucius From: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of Reams, Lane lane.re...@vanderbilt.edumailto:lane.re...@vanderbilt.edu Sent: Thursday, May 14, 2015 10:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Rogue Devices We use Prime Infrastructure and MSE. With Prime, if you add both APs and switches, you can shut off wired port to disconnect rogue, but you still have the RF interference to deal with. Works pretty good other than all the issues with Prime, but as a whole, this solution works. Just wish we had resources to go after all the rogues . . . they are everywhere. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bibin George Sent: Thursday, May 14, 2015 9:11 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Rogue Devices Thanks for the reply.. We have cisco 3700/3600 Aps, looking for the solution
RE: Copper Cable Field Terminations for Access Points
Yes, and I've replaced a handful (5-10) of these unreliable RJ45 terminations with jacks in the past couple of years. For a sense of scale, we have 275 APs and only about 20% of those have the service cable terminated with a plug instead of a jack. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield Sent: Thursday, May 14, 2015 12:28 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Copper Cable Field Terminations for Access Points Traditionally, plug terminations on solid conductor cables have been considered unreliable, but recently there have been some new products introduced to address that problem. While I can't speak to longevity, one design that caught my attentions was OCC'shttp://www.google.com/url?sa=trct=jq=esrc=ssource=webcd=1ved=0CB4QFjAAurl=http%3A%2F%2Fwww.occfiber.com%2Fmain%2Fdownload.php%3Fd%3D232ei=udlUVcLtGKGSsQThjoHACwusg=AFQjCNE6lbaeho8I_31bKjk52zkyQjhRvAsig2=elTAAn1hMUOt-XwNkPyyWQbvm=bv.93112503,d.cWccad=rja. It's a little larger than the traditional plug, which could be an issue in tight spaces, but it looks promising. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mark H. Wehrle Sent: Thursday, May 14, 2015 1:06 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Copper Cable Field Terminations for Access Points Good afternoon all, We are faced with some challenges in upgrading our access points in our residence halls this summer. Our existing installation has access points wall mounted and we terminate Cat5E cable on a Cat5E type biscuit jack on the wall near where the access point is mounted. From there we place a short cable from the jack to the access point. In current state, this makes for easier troubleshooting to decipher cable versus AP problems, however it's understood that there could be other problems associated with multiple termination points etc. In our current project, we are looking install access points with internal antennas and we are looking to move these to ceiling mounts in most/all of these rooms where we can. We made this choice because we've found that some students will vary the positions of antennas, which have impacted RF coverage and we have added more access points in some areas to compensate (we cannot easily get into student rooms to inspect access points). The question I was asked before we move these jacks is whether we should save costs and time by just making a field termination of the Cat5E cable with an RJ45 connector crimped right on the cable then plug this cable directly into the access point and avoid the biscuit jack and short station cable. I'm wondering if anyone is doing this, was doing this and stopped, plans to do this etc? Does this present any problems like bad mechanical connection problems etc? Thanks for your feedback. --Mark Wehrle Phone: (215) 898-9664 Technical Director, ISC Network Telecom Operations Fax: (215) 898-9348 University of Pennsylvania 3401 Walnut Suite 221a Email:weh...@isc.upenn.edumailto:weh...@isc.upenn.edu Phila. PA 19104-6228 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] To provide (wireless) service, or not to provide (wireless) service...
We're looking at our options with wireless as well, so this is of interest to me. We have all Juniper wireless, and since they're getting out of the wireless game, this is an opportunity to make a large change rather than just switching vendors and sticking with the same architecture. We've tossed around #1, but we worry it would come back on us and cause more trouble than it solves. Everyone brings a router and everyone's wireless is stepping on everyone else's wireless, and we'll get the blame for it not working well. We have apartments on campus that have an off-campus experience - they pay utilites, etc and are not on the school network but get cable internet. The boxes supplied by the cable company are all set to channel 6, so everyone had slow, unreliable service (except the few smart enough to change the channel). Even though we're not supposed to have any responsibility there, we (IT) had to end up working with the cable company to resolve the issue. If these routers belong to students, all we could say is change your channel or talk to the guy in the room next door and see if he will. For managed services, at our size (1,300 students on one campus) the costs always seem to be too high compared to running it ourselves. We don't have a large enough staff to reduce headcount if we outsourced wireless, and I can't justify a large jump in spending on wireless. One thing I would like to see from vendors is more cheap ( like $200) devices that can help fill in gaps. We have a number of small holes that we can't yet justify putting in one of our usual devices. For example, decades ago, one res hall was remodeled and a small addition was added to include an elevator, stairwell, and 2 single occupancy rooms on each floor. Because this was an addition, a solid brick wall separates these rooms from other rooms in the hall, so they get no wireless. It's painful to put in a device for just 2 students. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman Sent: Friday, May 01, 2015 10:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] To provide (wireless) service, or not to provide (wireless) service... A few weeks ago we made a pitch for funding to upgrade our res halls to 802.11ac. This request for funding has had an unforeseen effect. I'm not being asked to investigate NOT providing wireless networking in our res halls. Here are the options, as it has been described to me: -No institutional wireless. Let the students bring in their own AP's -Some kind of managed service (wireless as a service) with 802.11 -Some kind of institutionally owned/leased mobile wireless (e.g we provide our own 4G) -Hybrid -Continue with 802.11n 2.4GHz and fill in holes as they pop up I'm not going to put my thoughts up here just yet. These are the options/thoughts as presented by the levels above me. Let the discussion begin Brian Helman, M.Ed | Director, ITS/Networking Services | *: 978.542.7272 Salem State University, 352 Lafayette St., Salem Massachusetts 01970 GPS: 42.502129, -70.894779 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: netflix question
We don't charge students based on usage or tiered levels of service and currently don't have major bandwidth issues, but are keeping a close eye on it. That being said, for a 24 hour period, streaming video is approximately 2/3 of all bandwidth usage. That includes Netflix, YouTube, etc. 40% just for Netflix is approximately accurate for us as well. We use a Procera PacketLogic but don't explicitly limit streaming media. That will be the first controls we add if bandwidth does become an issue. During class/business hours, the overall streaming video is closer to ½ of all bandwidth and doesn't start increasing until about 7pm, peaks at 1am, and falls off a cliff to nothing about 1:30am. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Alexander, David Sent: Thursday, March 19, 2015 10:46 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] netflix question I wanted to know if Netflix has been a problem for other schools, specifically those with large residential campuses. We've seen usage on our campus grow a lot over the past few years, and our response has been to implement a bandwidth cap on Netflix from 8 am to 10 pm. This pretty much makes Netflix unusable during the day. When we lift the bandwidth cap at night, Netflix takes up around 40% of our total traffic. I'm curious if other schools are dealing with Netflix bandwidth issues and what solutions you have implemented that allows students to enjoy Netflix without impacting the usability of the network. Thanks, Dave ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Question about wireless outdoor APs
We use a few of these: http://www.l-com.com/surge-protector-compact-weatherproof-10-100-1000-base-t-cat6-hi-power-lightning-protector-rj45-jacks on a wireless bridge we have. Thankfully we haven’t had anything test the protection. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sullivan, Don Sent: Tuesday, March 03, 2015 10:56 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Question about wireless outdoor APs We are currently installing new wireless outdoor APs (Cisco 1532s). These require POE+ connections. I was wondering if anyone who has gone through a similar implementation has identified a good POE+ surge protector against lightning strikes that they would recommend. I would like to see what experiences other have had. Appreciate any feedback you can give. Thanks. Don Sullivan Network Administrator Technology Services 205-726-2111tel:205-726-2111 | office 205-566-1432tel:205-566-1432 | mobile 205-726-2524 | fax dsulli...@samford.edumailto:dsulli...@samford.edu www.samford.eduhttp://www.samford.edu 800 Lakeshore Drive, Birmingham, AL 35229http://maps.google.com/maps?q=800+Lakeshore+Drive,+Birmingham,+AL+35229,+US [Samford University Logo]
RE: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks
I kept telling our Dell reps that Dell needs to buy into wireless and grab Aerohive or Ruckus. They would just mention the Aruba deal; we'll see what happens with that. I do think this can be good for Aruba. I see it as this - Cisco is a company that does $50B revenue annually and spends $6B in RD. I know that's not all wireless, but Aruba has $725M annual revenue with $170M RD. They need the financial backing to stay in second and maybe close the gap on Cisco. If integrated well, HP could have a compelling package with ProCurve and Aruba all managed under AirWave with some magic SDN sprinkled in there somewhere. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey Sessler Sent: Thursday, February 26, 2015 10:59 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks Makes sense. Aruba is #2 in the market (but pretty distant from Cisco), and HP is 4th depending on who to talk with, so acquiring Aruba would put their combined market share well past the other competition, and a tad closer to Cisco. Then again, it could go all wrong under HP. I thought Dell would have been a better match - I wonder what happens to the Aruba/Dell oem relationship if this happens? Or the Alcatel oem agreement. Jeff On Wednesday, February 25, 2015 at 1:07 PM, in message b46a050c-963c-4838-acec-6c890472e...@exchange.louisville.edumailto:b46a050c-963c-4838-acec-6c890472e...@exchange.louisville.edu, Trent Hurt trent.h...@louisville.edumailto:trent.h...@louisville.edu wrote: http://mvnoblog.com/hp-is-reportedly-trying-to-buy-aruba-networks/ ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.http://www.educause.edu/groups/ ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks
But at the time, HP had the bigger market share compared to 3Com already. This time Aruba is the much bigger market share. And that was like 2-3 HP CEOs ago. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Coehoorn, Joel Sent: Thursday, February 26, 2015 2:25 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks I do think this can be good for Aruba If integrated well, HP could have a compelling package with ProCurve and Aruba all managed under AirWave with some magic SDN sprinkled in there somewhere. We'll see how it works out. We had a 3Com system once upon a time. Remember 3Com? [http://www.york.edu/Portals/0/Images/Logo/YorkCollegeLogoSmall.jpg] Joel Coehoorn Director of Information Technology 402.363.5603 jcoeho...@york.edumailto:jcoeho...@york.edu The mission of York College is to transform lives through Christ-centered education and to equip students for lifelong service to God, family, and society
RE: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks
Yes, edge switches, but HP can sell the whole campus from firewalls to routers to core switches to APs to software (clearpass, airwave, etc) to truly compete with the likes of Cisco. They're pushing the converged campus to sound like a marketing wonk. Whether or not they screw it up is what we'll have to wait and see. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser Sent: Thursday, February 26, 2015 2:44 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks On 02/26/2015 02:23 PM, Thomas Carter wrote: I kept telling our Dell reps that Dell needs to buy into wireless and grab Aerohive or Ruckus. They would just mention the Aruba deal; we'll see what happens with that. I do think this can be good for Aruba. I see it as this - Cisco is a company that does $50B revenue annually and spends $6B in RD. I know that's not all wireless, but Aruba has $725M annual revenue with $170M RD. They need the financial backing to stay in second and maybe close the gap on Cisco. If integrated well, HP could have a compelling package with ProCurve and Aruba all managed under AirWave with some magic SDN sprinkled in there somewhere. But Aruba already has their own package with their MAS switches! My biggest fear is that HP is buying Aruba the wireless company, not Aruba the client access company. This would lead them to keeping the APs and controllers, while putting all of the rest of the goodies that let us to selecting them (Clearpass, Airwave's cross vendor capabilities, their switches) in jeopardy of either being tossed outright or left hanging around atrophying. -- Frank Sweetser fs at wpi.edu| For every problem, there is a solution that Manager of Network Operations | is simple, elegant, and wrong. Worcester Polytechnic Institute | - HL Mencken ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks
I don't know that I agree with converged campus either, but I have known CIOs who want one neck to wring when there are problems or fall for the it will all work together seamlessly pitch. I just don't want to assume that this will ruin Aruba, and looking at their financials, it might help. I see lots of losses on Aruba's income statements (although a small income this last quarter). Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew Sent: Thursday, February 26, 2015 3:48 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks I've heard from multiple CIOs that they don't want a converged campus solution. They don't want to end up beholden to a single vendor for financial and security reasons. They want best-of-breed products that provide the most bang for the buck without the caveats of, Well if you want that that feature then you'll have to buy this appliance/plugin/thing-a-ma-bob, too. I find the potential merger a bit disappointing because Aruba was a wireless company (with a few switches) and that's what they did. I'd hate to see them end up getting lost in the shuffle of HP's portfolio of solutions. Hopefully, if this all goes through, that won't happen. Respectfully, Matthew Williams IT Manager, Wireless Kent State University Office: (330) 672-7246 Mobile: (330) 469-0445 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Thursday, February 26, 2015 4:33 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks Yes, edge switches, but HP can sell the whole campus from firewalls to routers to core switches to APs to software (clearpass, airwave, etc) to truly compete with the likes of Cisco. They're pushing the converged campus to sound like a marketing wonk. Whether or not they screw it up is what we'll have to wait and see. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser Sent: Thursday, February 26, 2015 2:44 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks On 02/26/2015 02:23 PM, Thomas Carter wrote: I kept telling our Dell reps that Dell needs to buy into wireless and grab Aerohive or Ruckus. They would just mention the Aruba deal; we'll see what happens with that. I do think this can be good for Aruba. I see it as this - Cisco is a company that does $50B revenue annually and spends $6B in RD. I know that's not all wireless, but Aruba has $725M annual revenue with $170M RD. They need the financial backing to stay in second and maybe close the gap on Cisco. If integrated well, HP could have a compelling package with ProCurve and Aruba all managed under AirWave with some magic SDN sprinkled in there somewhere. But Aruba already has their own package with their MAS switches! My biggest fear is that HP is buying Aruba the wireless company, not Aruba the client access company. This would lead them to keeping the APs and controllers, while putting all of the rest of the goodies that let us to selecting them (Clearpass, Airwave's cross vendor capabilities, their switches) in jeopardy of either being tossed outright or left hanging around atrophying. -- Frank Sweetser fs at wpi.edu| For every problem, there is a solution that Manager of Network Operations | is simple, elegant, and wrong. Worcester Polytechnic Institute | - HL Mencken ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Annual Exercise in Frustration: Printers that do wireless 1x?
I came from the corporate world a couple of years ago, and there is a similar need in business. We sometimes just had to say “no” because sometimes just a temp/quick thing violates policy that may be tied to law (security policies related to Sarbanes Oxley, for example). Or, depending on who you asked, you went out of your way to set up a laptop with the printer directly connected and acting as a temporary print server (not proud of it, but when a CxO asks, you jump). Thomas Carter Network and Operations Manager Austin College 903-813-2564 [AusColl_Logo_Email] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey Sessler Sent: Friday, February 13, 2015 2:18 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Annual Exercise in Frustration: Printers that do wireless 1x? If this was a common need in business, then I would expect someone like HP to build it in. I suspect however, that this is one of those edge-cases where EDU's act differently than business, but use business features with 1.x. On your open network, couldn't you use Cisco's built-in device profiling/policy classification to drop it into a different vlan (no need for radius) and avoid routing tricks? You could drop it into the same network as .1x. Again, if this is just a temp/quick thing - popping up a PSK WLAN on a couple of AP's using an AP Group (in Cisco terms) is two minutes of work. Far less time then trying to convince HP (or others) to add .1x support. Jeff On Friday, February 13, 2015 at 11:35 AM, in message 5efd60133fa74c6397d63beef9ccc...@ex13-mbx-10.ad.syr.edumailto:5efd60133fa74c6397d63beef9ccc...@ex13-mbx-10.ad.syr.edu, Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu wrote: Depends on your topology. We don’t have or want a PSK WLAN, and don’t want to pop them up either. Single open network is a guest network, would have to change how it works and do some routing tricks to let printers work from behind it. We don’t do RADIUS attributes either to drop into different VLANs. All environments aren’t the same and .1X support for business devices in business settings seems appropriate. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey Sessler Sent: Friday, February 13, 2015 12:57 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Annual Exercise in Frustration: Printers that do wireless 1x? Lee, I'm curious about the need to be on 1.x. Is there something compelling that can't be accomplished using PSK, or even an open network that 1.x can? If the printer supports IPPS or other SSL/TLS encrypted communication channel, then does 1.x matter especially in a temp/quick situation? Just my quick thought would be to drop it into a open, wep, or psk, and if required, use device profiling/policy classification to drop into desired VLAN. Jeff On Thursday, February 12, 2015 at 11:56 AM, in message dfc7c8b7b2234e159805f94e47fcd...@ex13-mbx-10.ad.syr.edumailto:dfc7c8b7b2234e159805f94e47fcd...@ex13-mbx-10.ad.syr.edu, Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu wrote: Not looking to debate the merit- sometimes the need is quick /temp and there’s not time to cable. No disrespect, but looking for actual verified 1x printers with the question. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian McDonald Sent: Thursday, February 12, 2015 2:50 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Annual Exercise in Frustration: Printers that do wireless 1x? If the cost of an outlet was more than the cost of a decent printer it'd be an issue. Otherwise, the cost of the outlet is incidental to the cost of providing the service and the 'value add'. Can print / can't print cost difference of $100. Value add of same? -- ian Sent from my phone, please excuse brevity and/or misspelling. From: Lee H Badmanmailto:lhbad...@syr.edu Sent: 12/02/2015 19:40 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Annual Exercise in Frustration: Printers that do wireless 1x? It comes up as a request often enough to keep tabs on, for either temporary placement or for locations that have power but not UTP. Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
RE: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi
I see no exemption for that type of issue. The FCC rulings seem to be about use of frequency for communication, not the protocol details (unless the protocol prevents the communications as in this case). Additionally, who owns the SSID name? The FCC sees all users as the same, so I suspect you have no more right to the SSID than the user does. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh Sent: Wednesday, February 11, 2015 9:47 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi On Wed Feb 11 2015 09:22:55 CST, Bob Brown bbr...@nww.com wrote: Thought my recent interview with head of wireless for Partners Healthcare might be of interest re: the FCC de-authing discussion http://www.networkworld.com/article/2881540/careers/how-not-to-get-sla mmed-by-the-fcc-for-wi-fi-blocking.html One thing that I haven't seen mentioned (or it's just as likely that I missed it) is the situation where a user's AP is configured to broadcast the same network name as one of our SSIDs. Is there justification to use deauth as a protective measure in those cases? -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: latest from FCC on de-authing Mi-Fi
I'm disappointed in the statement from the FCC. This was a chance to clarify their position on this, but it's still as vague as ever. What is a commercial establishment? Does that include K-12 or Higher Ed? What about a corporate HQ? I'm also disappointed that the wireless vendors have been quiet on this issue as well. Where is Cisco, Aruba, Rukus, et. al who provide us with these tools? One reading of the FCC notice is that the product they market and sell is illegal. I feel they should be leading the charge with the FCC for clarification for us, their customers. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, January 27, 2015 5:38 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi http://www.fcc.gov/document/warning-wi-fi-blocking-prohibited Which would imply that a subset of our tools are illegal: https://wirednot.wordpress.com/2015/01/06/are-wlan-vendors-selling-illegal-jammers/ Complicated times. -Lee ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi
We do have that requirement, but the problem is really implementation. Would you rather: a) Spend time and manpower running all over campus hunting down all these rogue devices b) Use technology to encourage students not to use these rogue devices Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Wednesday, January 28, 2015 10:06 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi You can't deauth the users, but you can make one of the requirements for living in the dorms don't put up a hotspot. (I assume this is where most of us see problems.) -- Hunter Fuller Network Engineer VBRH M-9B +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure I am part of the UAH Safe Zone LGBTQIA support network: http://www.uah.edu/student-affairs/safe-zone On Wed, Jan 28, 2015 at 10:03 AM, Chuck Anderson c...@wpi.edu wrote: What if our users see this news and start pushing back on bringing their own Wi-Fi to campus? If we have to allow it, and the WLAN becomes unusable due to all the overlapping channel 2 and channel 5 devices etc., what do we tell our users and the administration? Sorry, the FCC says we can't force these users to abstain from using their own Wi-Fi devices, even if they interfere. That's the problem with FCC Part 15--“must accept interference from other sources”. The best we can do is nicely ask them to change channels... On Wed, Jan 28, 2015 at 02:44:16PM +, Hector J Rios wrote: Agree. A clearer definition as to what a commercial WiFi network operator would help. I don't know what to do with this information. Do these FCC laws trump our WiFi policies? I can see where users could take advantage of this advisory. Too many questions. Hector Rios Louisiana State University -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Wednesday, January 28, 2015 8:32 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi I'm disappointed in the statement from the FCC. This was a chance to clarify their position on this, but it's still as vague as ever. What is a commercial establishment? Does that include K-12 or Higher Ed? What about a corporate HQ? I'm also disappointed that the wireless vendors have been quiet on this issue as well. Where is Cisco, Aruba, Rukus, et. al who provide us with these tools? One reading of the FCC notice is that the product they market and sell is illegal. I feel they should be leading the charge with the FCC for clarification for us, their customers. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, January 27, 2015 5:38 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi http://www.fcc.gov/document/warning-wi-fi-blocking-prohibited Which would imply that a subset of our tools are illegal: https://wirednot.wordpress.com/2015/01/06/are-wlan-vendors-selling-il legal-jammers/ Complicated times. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Meru Networks In Financial Trouble
But what is that honest talk worth? Two years ago I had this talk with our vendor (not in financial trouble) who swore they were in the wireless business for the long haul. 12-18 months later they changed their mind. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01D03650.64DE53C0] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Thursday, January 22, 2015 1:08 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Meru Networks In Financial Trouble In fairness, I did get contacted by a Meru exec said that some of this is being overblown, and dire is an overstatement when it comes to Meru's condition. If you are a potential Meru customer, I'd have a frank and honest talk with them before writing them off... -Lee Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 From: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of Van Jones vjo...@mc.edumailto:vjo...@mc.edu Sent: Thursday, January 22, 2015 1:54 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Meru Networks In Financial Trouble This is an additional confirmation that we made the right choice by moving away from Meru. Van K. Jones Network Support Manager Mississippi College P: 601.925.3493 | F: 601.925.3955 [http://www.mc.edu/signature/email-facebook.jpg] Facebookhttp://www.facebook.com/mississippicollege | [http://www.mc.edu/signature/email-twitter.jpg] Twitterhttp://www.twitter.com/misscollege | [http://www.mc.edu/signature/email-vimeo.jpg] Vimeohttp://www.vimeo.com/misscollege [http://www.mc.edu/signature/logo.gif]http://www.mc.edu/ On Tue, Jan 20, 2015 at 11:30 AM, Frank Sweetser f...@wpi.edumailto:f...@wpi.edu wrote: The acquisition part of this story has been around for a while: http://www.crn.com/news/networking/300072802/investor-presses-meru-networks-for-a-sale-says-company-is-hopelessly-subscale.htm We looked at them last year, and I was personally unimpressed when several weeks after the initial meeting, they were still in the working on the paperwork phase of getting us evaluation gear of any kind. I realize it was just one experience, but it just did not give me a warm fuzzy feeling about how well the company was operating. Frank Sweetser fs at wpi.eduhttp://wpi.edu/| For every problem, there is a solution that Manager of Network Operations | is simple, elegant, and wrong. Worcester Polytechnic Institute | - HL Mencken On 01/20/2015 12:10 PM, Lee H Badman wrote: http://www.heraldonline.com/2015/01/06/6677042/meru-networks-reports-preliminary.html Company trying to be sold... many experts saying Meru is imploding. Not sure how dire it really is, but passing along to the list in case anyone has or is considering Meru. -Lee *Lee H. Badman* Network Architect/Wireless TME ITS, Syracuse University 315.443.3003tel:315.443.3003 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Trying to get the Wi-Fi Alliance's Attention
Well written and definitely on point. Our users think wireless should “just work”. Roaming, Dot 1X, etc is a foreign language to them. It works at home with their Linksys, why can’t it work here? They think (and sometimes say) “the problem must be your wireless network and not my wireless device.” Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01D03651.605023A0] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hinson, Matthew P Sent: Thursday, January 22, 2015 2:27 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Trying to get the Wi-Fi Alliance's Attention Lee, Good write-up. I found myself nodding in agreement frequently as I read along. The biggest problem I see in the trenches of WLAN administration is a lack of knowledge about the Alliance at all. Their marketing has been so successful that “Wi-Fi” has become synonymous with 802.11 wireless networking. I cannot tell you the number of times a user brings a particular device on our network that can’t do .1X or some other critical standard. 10/10 times, you can check the Alliance’s database and find out that it isn’t certified. Of course, when you explain to them that their device isn’t working, they immediately default to “Well I’ve never even heard of that Wi-Fi Alliance thing.” TL;DR: I see the biggest problem as people not caring whether the device is certified or not, to say nothing of the quality of said certification. -Matt Matthew Hinson CWAP From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Thursday, January 22, 2015 2:47 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Trying to get the Wi-Fi Alliance's Attention I know self-promotion is in poor taste, but wanted to share this http://www.networkcomputing.com/wireless-infrastructure/the-case-for-wlan-interoperability/a/d-id/1318718? and encourage anyone of like (or opposing) mind to add comments. I'm told that the Alliance is at least reading along, FWIW. -Lee Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] New Device Activation WLAN
Same here. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01D02BE6.0788C260] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Thursday, January 08, 2015 5:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] New Device Activation WLAN This is what we do. While not authenticated to wireless you can still get to a few places - Microsoft, apple, Google search, antivirus vendors. -- Hunter Fuller OIT Sent from my phone. On Jan 8, 2015 5:11 PM, Frank Sweetser f...@wpi.edumailto:f...@wpi.edu wrote: We already have an unencrypted ssid for students to get to our onboarding system (Cloudpath). Our plan for this summer is to poke enough firewall holes for students to also run through the device activation process. If we were to try to impose any kind of device security policies, we would do it in the onboarding process. On January 8, 2015 5:54:01 PM EST, Britton Anderson blanders...@alaska.edumailto:blanders...@alaska.edu wrote: I just wanted to ask the question to see what all of you are doing at your institutions to handle users activating new devices. New iOS devices for example have to reach out to iCloud to validate themselves and make sure they're not stolen. Android now with version 5 is very similar, having to reach out to the mothership and join to a Google account. Are any of you doing an SSID-Activate WLAN, or requiring clients to bring it by your respective Help Desks for activation? Right now, we are requiring anyone that wants a device activated to have our Desktop techs touch it and give them pointers to secure it. However, we've lost some budget, and some employees, and they can't keep a guy in the office to handle that influx of people anymore. And I don't want the headache of a wide open WLAN everywhere, and none of the devices will allow the webauth transaction to happen before the device ! is activated. Thanks, --Britton Britton Andersonmailto:blanders...@alaska.edu | Senior Network Communications Specialist | University of Alaskahttp://www.alaska.edu/oit | 907.450.8250tel:907.450.8250 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal
Exactly. The horse has left the barn, but this cries out for some sort of pseudo-licensing system (e.g. we have the rights to WiFi within our campus area). WiFi has become too important to essentially have signal anarchy. I believe the importance of WiFi in homes is the one thing that keeps it from becoming worse; people will not buy something that interferes with their home Internet. But unfortunately that is the exact thing that is making it harder on us as too many devices are built around the assumption that they only need to work around 1 AP on 1 channel. (Don’t get me started on devices and services that are built to work behind a home “router” but not an enterprise one) Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFF295.926EFD70] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, October 28, 2014 8:48 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal To me (and I am an Extra Class licensed ham, radio hobbyist, WLAN type, and government official who understands Part 15 and others) it seems like one thing that is overdue by the FCC is the recognition of the sheer importance of WLAN to modern business environments, and the need for businesses to be able to have local policy-based control over competing signals. Basically something that boils down to if you don't agree to our rules on Wi-Fi, stay/shop/visit/whatever somewhere else. If we don't get something like this established, we're at the mercy of any number of factors laying waste to high-dollar wireless environments and services. To waive that off and say well, then don't use Wi-Fi is pretty dated in thought and contributes little to the discussion. Society has elevated WLAN to another place, the FCC needs to catch up and show creative leadership. I'm Lee Badman, and I endorse this message. Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 From: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of David J Molta djmo...@syr.edumailto:djmo...@syr.edu Sent: Tuesday, October 28, 2014 9:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal While I understand the concerns of enterprise Wi-Fi managers, I think it would be difficult for the FCC to modify these rules in a way that protects everyone’s interests. One option might be for the FCC to redefine rules for 2.4 GHz such that only non-overlapping 20 MHz channels are permitted for non frequency hopping devices. That wouldn’t solve co-channel interference problems, but it would address the adjacent channel interference issues that cause the biggest problems. A few years ago, I had a couple students do some testing of the relative impact of co-channel and adjacent channel interference in the 2.4 GHz band. While the results weren’t conclusive (there are a lot of variables that are difficult to control for, especially the physical proximity of AP’s and client devices), they do show that you are better off with devices operating on the same channels than on adjacent channels: https://www.youtube.com/watch?v=1sbPPM93nbA The real question in my mind is why manufacturers of MyFi devices choose to configure the default to a channel other than 1, 6 or 11. We’ve seen a lot of devices defaulting to channel 2, which really messes up performance on channel 1. This obviously isn’t as much of an issue in the 5 GHz bands since we don’t have adjacent channel interference to contend with. In these situations, a MyFi device operating in your air-space doesn’t introduce significant interference issues. Assuming it complies with FCC rules (if it is certified by the FCC, it should), it just looks like another 802.11 device contending for air time. You could make the argument that a MyFi device configured for maximum output power may cause co-channel interference with other cells in a micro-cellular deployment but the same thing can be said for client devices that default to maximum radio output power. -- Dave Molta Associate Professor of Practice Syracuse University School of Information Studies email: djmo...@syr.edumailto:djmo...@syr.edu phone: 315-443-4549 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Peter P Morrissey Sent: Monday, October 27, 2014 7:27 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal That’s my point. If it isn’t my network
RE: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal
IANAL, but it seems the FCC is trying to regulate the “communications.” Sending a spoofed disassociate may not be jamming, but it is intentionally interrupting valid communications. They may see making something unusable through whatever means as equivalent to jamming. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFF201.867223B0] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Pete Hoffswell Sent: Monday, October 27, 2014 4:05 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal My thought is that the FCC is simply trying to police the ISM band, as outlined in FCC part 15 regulations http://www.ecfr.gov/cgi-bin/text-idx?SID=d5df6d61f643786c6651653f0942fd73node=pt47.1.15rgn=div5 The 2.4GHz ISM band is free an open for everyone to use. If you intentionally disrupt transception, well, I think you might be breaking some part of part 15. I've not read part 15, nor could I even begin to comprehend it. But it gets grey quickly, doesn't it? If you have a rogue AP on your campus, and you mitigate it by sending a spoofed disassociate packet, well, are you jamming? I'm with Lee. I think the FCC jumped into a deep pond with this one. The rules are out of date at best. They need to clarify. - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edu http://www.davenport.edu On Mon, Oct 27, 2014 at 4:38 PM, Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu wrote: Not so sure I agree- I know that Marriott’s insane fees led to this, but the FCC seems to be saying “you can’t touch people’s Wi-Fi, period” whether you offer a free alternative or not seems irrelevant. But then again, it appears that they issued a decision and were clueless about the fact that they created a lot of confusion over features that are built in to equipment that they certified for use in the US. Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003tel:315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew Sent: Monday, October 27, 2014 4:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal I don’t think that there’s a distinction about the location. My understanding is that the issue was that Marriott was jamming the hotspots to force people to pay for the hotel provided wireless network. I don’t think that there would have been a lawsuit if the hotel Wi-Fi was free. Respectfully, Matthew Williams Kent State University Network Telecommunications Services Office: (330) 672-7246tel:%28330%29%20672-7246 Mobile: (330) 469-0445tel:%28330%29%20469-0445 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kitri Waterman Sent: Monday, October 27, 2014 4:25 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal Marriott Hotel Services has come to a $600,000 agreement with the Federal Communications Commission to settle allegations that the hotel chain interfered with and disabled Wi-Fi networks established by consumers in the conference facilities at a Nashville hotel in March 2013. According to the nine-page order issued on Friday, a guest at the Gaylord Opryland hotel in Nashville, Tennessee complained that the hotel was jamming mobile hotspots so you can’t use them in the convention space. Is this a distinction between them blocking in their conference facilities vs. their hotel rooms? We all know that radio signal propagation is not so clean cut, but I'm wondering if the lawyers are seeing things differently. Kitri Waterman Network Engineer (Wireless) University of Oregon On 10/3/14 2:07 PM, Thomas Carter wrote: I suspect the clause will still be valid, but we cannot use wireless countermeasures to enforce them. Telling students to turn them off, disabling wired ports, student discipline, etc are outside the FCC’s jurisdiction it seems to me. Thomas Carter Network and Operations Manager Austin College 903-813-2564tel:903-813-2564 [cid:image001.gif@01CFF201.867223B0] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman Sent: Friday, October 03, 2014 3:39 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal I just saw this on CNN and jumped
RE: Wireless in Dorms
But how does that help avoid the initial problem discussed concerning devices (especially HP printers) causing interference by broadcasting wireless networks? These printers broadcast these networks straight out of the box and most students don’t even realize it. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFED2D.89EB6390] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Tuesday, October 21, 2014 10:20 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms 2. Wireless dorms no not need a wired LAN, so the SSID can be campus-wide. That is what we do, but with an open mac auth network that is also used for onboarding to the 802.1X secure network. We do not support wireless printing. You would need DHCP reservations to insure the printer would always get the same ip address. Bruce Osborne Network Engineer – Wireless Team IT Network Services (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Lee H Badman [mailto:lhbad...@syr.edu] Sent: Monday, October 20, 2014 11:11 AM Subject: Re: Wireless in Dorms To me, wireless printers are absolutely the worst offenders. If they could be eliminated, the rest may be manageable. In one version of the dorm world I envision, I’d do something like this: 1. Develop a per dorm central printing solution that was free (as long as it wasn’t abused), effective, and easy. Then, I’d pass a “no printers allowed” policy but sell it hard as “no printers needed” 2. Per dorm, create a consumer-gadget friendly PSK network that only has Internet access. There’d be MAC registration, and this WLAN would be shared with the per-dorm wired network that students also have access to. We’d campaign the heck out of how hard we’re trying to “be like home” and emphasize the need for good citizenship (with a reminder that bad behavior is trackable) 3. The secure WLAN would also be available, and would be required for access to campus resources Or put another way- try to identify all of the reasons the offending devices are there to begin with, and flex the standard “secure campus WLAN model” to accommodate/eliminate as many of the offending devices as possible with friendlier networking. Patrolling and removal isn’t cost effective, and leads to mutual bad feelings. Not sure how this would all work in the real world, but I contemplate more each semester. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Monday, October 20, 2014 9:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms I posted something very similar a month or so ago. I feel your pain – as a small school with limited manpower, we have the same issue. So far I haven’t seen a good answer – we quickly got rid of all of the wireless routers, but there are so many devices that do not plug into the network that interfere. Trying to locate all of them is more time than we have. Pushing things into 5GHz seems like a temporary solution as, has already been mentioned, things will being utilizing that spectrum as well. 802.11ad will introduce new spectrum, but I feel like the fox constantly on the run from the hounds. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFED2D.89EB6390] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of T. Shayne Ghere Sent: Thursday, October 16, 2014 10:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms Our policy states if a device interferes with our network, then we reserve the right to have that device removed. The problem is that the WCS and Controllers are seeing over 712 devices. We can triangulate the “area” the device might be, but that would be going door to door. We don’t have the man power to spend that much time searching for them. Quite a few are wireless printers and mobile hotspots, but they usually get turned off when they aren’t in use. By sending a DoS attack to the device doesn’t solve the wireless interference that it’s causing, but only degrades the service the 2-3 AP’s are providing to other students. We have a Dorm/Greek/Singles living area of around 3,000 students and covers acres of land. I’ve seen some schools putting an AP in each room, some removing all wireless out of the dorms and others fighting the same battle I am. At what point to you just deal with it and say “yeah our wireless sucks because
RE: [WIRELESS-LAN] WLAN design presentation tips?
We're looking at revamping our down the hall model as well as we look to address 802.11ac (and replacing old Juniper wireless now that they're getting out of the wireless market). The biggest thing is the ability to pack APs more densely without signal interference than down the hall. We have random spots and wireless shadows due to elevators, broom closets, etc. Unfortunately more APs means more cost, but we're weighing using a slightly lower model to help make up the cost. Vandalism is just as likely in the hallways as in the rooms. I think that if students know that is where their Internet access comes from, they're not likely to mess with it. Add to that (at least here) there are specific people to hold responsible for the vandalism rather than anyone walking down the hallway. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kevin McCormick Sent: Tuesday, October 21, 2014 1:47 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLAN design presentation tips? We installed in the hallways due to cost, access for maintenance, and concern of vandalism in room. Coverage from hallway using our design was excellent. We designed the layout in Cisco Prime. Testing after install showed the wireless working very well in the rooms, even on 5 Ghz. Wireless just needs planning and design considerations for the location and environment. -- Kevin McCormick uTech Network Services Western Illinois University On 10/21/2014 12:47 PM, Williams, Matthew wrote: I've just started here at Kent State and I'm facing an uphill battle regarding updating our WLAN design. All APs are deployed in the hallways and we're rolling out 802.11ac. We'd like to move the APs into the rooms, but the mere suggestion has been met with resistance. I was just wondering if any of you had any tips or suggestions for trying presenting the new model to upper management. Thanks for any suggestions that you might share! Respectfully, Matthew Williams Kent State University Network Telecommunications Services Office: (330) 672-7246 Mobile: (330) 469-0445 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Wireless in Dorms
I posted something very similar a month or so ago. I feel your pain – as a small school with limited manpower, we have the same issue. So far I haven’t seen a good answer – we quickly got rid of all of the wireless routers, but there are so many devices that do not plug into the network that interfere. Trying to locate all of them is more time than we have. Pushing things into 5GHz seems like a temporary solution as, has already been mentioned, things will being utilizing that spectrum as well. 802.11ad will introduce new spectrum, but I feel like the fox constantly on the run from the hounds. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFEC40.905A1AC0] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of T. Shayne Ghere Sent: Thursday, October 16, 2014 10:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms Our policy states if a device interferes with our network, then we reserve the right to have that device removed. The problem is that the WCS and Controllers are seeing over 712 devices. We can triangulate the “area” the device might be, but that would be going door to door. We don’t have the man power to spend that much time searching for them. Quite a few are wireless printers and mobile hotspots, but they usually get turned off when they aren’t in use. By sending a DoS attack to the device doesn’t solve the wireless interference that it’s causing, but only degrades the service the 2-3 AP’s are providing to other students. We have a Dorm/Greek/Singles living area of around 3,000 students and covers acres of land. I’ve seen some schools putting an AP in each room, some removing all wireless out of the dorms and others fighting the same battle I am. At what point to you just deal with it and say “yeah our wireless sucks because the students didn’t listen when they went through orientation.” On the Academic side we have very very few rogues and the Wireless is rock solid. Upper administration just doesn’t get it, I think, but we’re left to deal with it. There are two of us that maintain everything network related and no student help. It’s becoming a 24/7/365 work schedule, and we’re getting burned out fast. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian McDonald Sent: Thursday, October 16, 2014 10:13 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms Breach of your written policy prohibiting such things isn’t a disciplinary matter? And can’t be fixed with your disciplinary system? From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of T. Shayne Ghere Sent: 16 October 2014 16:11 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Wireless in Dorms Good morning. Let me say first off, we’re nearly a complete Cisco shop other than our Firewalls right now. We are running 3 – Cisco 5508 Wireless Lan Controllers and Cisco WCS. The AP’s in the Dorm’s and Greek houses are all 1142N AP’s and have been spaced accordingly by Cisco and by us during the introduction of wireless in the Dorms, Greeks and Single housing. We are having a heck of a time with all the interference that the students bring with them making our wireless nearly unusable. I know this topic has come up in the past, but this year is one of the worst we’ve seen, and the students are getting restless. We have the ability to quarantine rogue Wireless clients, however according to a recent Court case against a large Hotel Chain, it was decided that on an open free wireless spectrum, we would be breaking the law in jamming it. How have you addressed this issue? I’m about ready to ask upper management to remove the AP’s in all the Dorm buildings and let the students bring their own AP’s if they want wireless. Has anyone resorted to this? Thanks for your input Shayne ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Wireless in Dorms
1) We have this. We have printers in labs on every other floor of residence halls. We even have a web-based solution where students can print directly to the printer from their personal PCs without messing with drivers, etc. We discourage personal printers, yet students (or their parents) still think they “need” their own printer. 2) I’d extend this by trying to encourage stationary devices off of wireless and on to wired. This is something I’m trying to work on; every dorm room has 2 wired ports. I’m beginning to encourage students to move gaming devices, Apple TVs, Rokus, etc to use the wired ports as they will give the best performance / viewing / gaming experience. My frustration stems from the importance now placed on wireless and our relatively (relative to the wired world) limited amount of control over the clients, spectrum, and environment. We’ve had complaints about academics being affected because a student couldn’t get good wireless signal in their favorite study spot in the library. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFEC56.F5EEBC40] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Monday, October 20, 2014 10:11 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms To me, wireless printers are absolutely the worst offenders. If they could be eliminated, the rest may be manageable. In one version of the dorm world I envision, I’d do something like this: 1. Develop a per dorm central printing solution that was free (as long as it wasn’t abused), effective, and easy. Then, I’d pass a “no printers allowed” policy but sell it hard as “no printers needed” 2. Per dorm, create a consumer-gadget friendly PSK network that only has Internet access. There’d be MAC registration, and this WLAN would be shared with the per-dorm wired network that students also have access to. We’d campaign the heck out of how hard we’re trying to “be like home” and emphasize the need for good citizenship (with a reminder that bad behavior is trackable) 3. The secure WLAN would also be available, and would be required for access to campus resources Or put another way- try to identify all of the reasons the offending devices are there to begin with, and flex the standard “secure campus WLAN model” to accommodate/eliminate as many of the offending devices as possible with friendlier networking. Patrolling and removal isn’t cost effective, and leads to mutual bad feelings. Not sure how this would all work in the real world, but I contemplate more each semester. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Monday, October 20, 2014 9:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms I posted something very similar a month or so ago. I feel your pain – as a small school with limited manpower, we have the same issue. So far I haven’t seen a good answer – we quickly got rid of all of the wireless routers, but there are so many devices that do not plug into the network that interfere. Trying to locate all of them is more time than we have. Pushing things into 5GHz seems like a temporary solution as, has already been mentioned, things will being utilizing that spectrum as well. 802.11ad will introduce new spectrum, but I feel like the fox constantly on the run from the hounds. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFEC56.F5EEBC40] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of T. Shayne Ghere Sent: Thursday, October 16, 2014 10:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless in Dorms Our policy states if a device interferes with our network, then we reserve the right to have that device removed. The problem is that the WCS and Controllers are seeing over 712 devices. We can triangulate the “area” the device might be, but that would be going door to door. We don’t have the man power to spend that much time searching for them. Quite a few are wireless printers and mobile hotspots, but they usually get turned off when they aren’t in use. By sending a DoS attack to the device doesn’t solve the wireless interference that it’s causing, but only degrades the service the 2-3 AP’s are providing to other students. We have a Dorm/Greek/Singles living area of around 3,000 students and covers acres of land. I’ve seen some schools putting an AP in each room, some removing all
HP Printers / WiFi Direct
We seem to be having more and more wireless interference from devices that are not wireless routers/APs. HP printers and their obnoxious setup wireless are becoming more common, and this semester we've seen a few devices using WiFi Direct (basically an ad-hoc wireless network) - the PS4 has the ability to connect to other Sony devices, and Roku players that used WiFi for its remote control. This forks from the FCC just declared WLAN quarantine features illegal thread, but how are you dealing with these other forms of wireless interference. We've essentially had to resort back to physically locating them and knocking on doors. We printed up an information sheet to slide under doors, and communicate with residential staff, but it seems to have mediocre success. We've also tried to communicate to students that the cause of slow wireless is most likely interference from other devices in an attempt to utilize peer pressure as well. Unfortunately it seems to all be very time consuming to track down and communcate. Thomas Carter Network and Operations Manager Austin College 903-813-2564
RE: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal
I suspect the clause will still be valid, but we cannot use wireless countermeasures to enforce them. Telling students to turn them off, disabling wired ports, student discipline, etc are outside the FCC's jurisdiction it seems to me. Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image001.gif@01CFDF24.29E00E40] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman Sent: Friday, October 03, 2014 3:39 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal I just saw this on CNN and jumped on the list to post. Using your own AP is against the AUP everyone signs at our institution. Now I wonder if that clause is invalid. -Brian Sent from my Galaxy S4. Tiny keyboards=typing mistakes. Verify anything sent. -Original Message- From: Frank Sweetser f...@wpi.edumailto:f...@wpi.edu To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Sent: Fri, 03 Oct 2014 3:55 PM Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal I think a good chunk of the use is even more insidious than that. I've been in a position where I've offered university guests access to our wifi. A number of these users - smart, highly technical IT professionals - instead just said Nah, I'll just use my hotspot. I suspect it's a combination of two things. First, I paid for it, so I have to use it to get my money's worth. Second, I'd have to think about how to set up a new wifi, or I can just turn on my hotspot by rote memory. In both cases, the cost (or lack thereof) and quality of any host offered wifi doesn't even factor into the decision at all. Frank Sweetser fs at wpi.eduhttp://wpi.edu| For every problem, there is a solution that Manager of Network Operations | is simple, elegant, and wrong. Worcester Polytechnic Institute | - HL Mencken On 10/3/2014 3:21 PM, Philippe Hanset wrote: Everything would be so much simpler if locations would provide Wi-Fi for free or at a reasonable price. When a technology is used by everyone (e.g. Electricity) like Wi-Fi, just include it in the cost of doing business. Stop charging users for Wi-Fi, especially when the room is already at $200+/night. People will bring their own Mi-Fi or smartphone-hotspot, and bypass the silly cost model! At Educause this week the Vendor-floor was plagued with hundreds of Mi-Fi and private Wi-Fi. The event was charging upward of $150/day for Wi-Fi to exhibitors. So, many of them had their own solutions! Humans are resourceful...and if you piss them off they will read the law and call the FCC (or they pirate your network ;-) Philippe Philippe Hanset www.eduroam.ushttp://www.eduroam.us http://www.eduroam.us On Oct 3, 2014, at 2:22 PM, Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu mailto:lhbad...@syr.edumailto:lhbad...@syr.edu wrote: What do you all think of this? http://arstechnica.com/tech-policy/2014/10/after-blocking-personal-hotspot-at-hotel-marriott-to-pay-fcc-60/ - Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.http://www.educause.edu/groups/ ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Wireless lighting controls, etc
Same here. We have Crestron wireless touchscreen AV controllers; we set up a dedicated non-broadcasted SSID just for these that is only on APs in/around the rooms they are used in. For the record, they run Windows CE / Embedded / whatever it's called now so they support a wide range of wireless options. Thomas Carter Network and Operations Manager Austin College 903-813-2564 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Wednesday, October 01, 2014 6:41 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless lighting controls, etc I know we have some Crestron equipment connecting with 802.1X EAP-MSCHAPv2 service accounts. I will see if I can get more information. Bruce Osborne Network Engineer - Wireless Team IT Network Services (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -Original Message- From: Jason Watts [mailto:jwa...@pratt.edu] Sent: Tuesday, September 30, 2014 1:29 PM Subject: Re: Wireless lighting controls, etc Lee, Aside from Lutron and Crestron, which I believe both have equipment which operates in the low Mhz range (200-400), I've heard of Enocean which has offerings in both 300 and 900Mhz range and uses energy harvesting with some of its switches and components so that they are non-wiring dependent. Here is a link to what they are terming their wireless ISO/IEC standard: http://www.enocean.com/en/enocean-wireless-standard/ We looked at them when Facilities was shopping around to upgrade some lighting systems. Haven't seen any of their gear in operation yet. -- Jason Watts Pratt Institute, Academic Computing Senior Network Administrator On 9/30/2014 10:11 AM, Lee H Badman wrote: My cynical side thinks I know the answer already, but let my cast my net anyways... Has anyone found or been involved with any sort of lighting/sound controls that have wireless componentry and work well with enterprise WLAN? Thanks- Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: _http://wirednot.wordpress.com_) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Rogue Wireless Process
Now that school has started back for us, the influx of rogue wireless routers has started. It is against policy to have them in the residence halls, but the teeth are somewhat vague. We generally start with general communications to all students through emails as well as their RAs. After a grace period, we begin hunting them down and asking them nicely to remove them. After that, we shutdown the wired port and have their RA / other residential authority ask them nicely. Thankfully it hasn't progressed beyond that point. I want a fair but strong process for dealing with these and wanted to poll the list on what your actual process is. How much and how quickly do you involve organizations outside of IT? Do you have IT punishments (removal of access, wireless countermeasures, etc) or just general school discipline? Thomas Carter Network and Operations Manager Austin College 903-813-2564 [cid:image002.gif@01CFC2DE.6FA00500] ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
