Re: [WIRELESS-LAN] ClearPass - not so clear anymore

> On Apr 2, 2018, at 16:47, Trinklein, Jason R wrote: > > We are considering clearpass for our guest network captive portal. We have a > case of sticker shock, however…at a cost of nearly $50K, it seems expensive > for a captive portal. As others have said, talk to your

RE: [WIRELESS-LAN] ClearPass - not so clear anymore

This is a hot-button topic for me. The whole guest access thing has gotten ridiculously complex in the main players trying to funnel this through a behemoth NAC (same could be said for simple RADIUS) or through some other convoluted framework. Bluesocket (now Adtran) had a good thing going with

Re: [WIRELESS-LAN] ClearPass - not so clear anymore

Hector, During a roam event where a new session is created, a stop should also be generated by the NAD, so this should be a non-issue. Also, as of 6.7.2, TACACS+ does not directly consume any access licenses (as long as you have at least 100 access licenses installed, TACACS+ usage is

Re: [WIRELESS-LAN] ClearPass - not so clear anymore

Max, We set up our cluster with 7.3 and 7.4 (at different times). We found that database replication has failed itself often and unexpectedly, and getting them to rejoin each other was a herculean task and often unclear…we haven’t tried the active/standby, though. With active/standby, do you

RE: [WIRELESS-LAN] ClearPass - not so clear anymore

Ian, 6.7 introduced a new licensing scheme which is based on concurrent users, and it encompasses both guests, mac-auth, TACACS, etc. This means that each user or device will consume an Access License during an active session. This is the Access license. The part that really sucks is the way

Airtame

Does anyone use Airtame? It looks like discovery requires Multicast (SSDP/UPnP) be allowed. Has anyone evaluated these or have any thoughts? Jess Williams Sr. Network Engineer, IT - Network Engineering University of Tennessee at Chattanooga ** Participation and subscription

RE: [WIRELESS-LAN] ClearPass - not so clear anymore

Authentication might not stop, but what about access to the UI or the ability to make config changes? -H From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Cappalli, Tim (Aruba Security) Sent: Tuesday, April 03, 2018 9:43 AM

Handling Wifi Deauth Attacks

While investigating some “wifi is slow” and “wifi is dropping” complaints, we noticed deauth/disassociation flooding attacks reported by our wireless IDS. So far I’ve been able to identity a small percentage of these as local businesses and other local (non-university affiliated)

Re: [WIRELESS-LAN] ClearPass - not so clear anymore

We moved away from this in favor of all network auth going to ClearPass, but we used to use Captivator-gw with moderate success in a small section of our network: http://net.doit.wisc.edu/~dwcarder/captivator/ Matt Freitag Network Engineer Information Technology Michigan Technological University

Re: [WIRELESS-LAN] ClearPass - not so clear anymore

The UI lockout mechanism was removed in 6.7. Instead a warning will be displayed in the web user interface as well as over syslog and SNMP when you exceed licensing. We’ve really tried to make the new licensing as flexible as possible for our customers. This is a good reference > ClearPass

Re: [WIRELESS-LAN] Handling Wifi Deauth Attacks

Eric, I’ve never heard of a consumer device deauthing STAs that aren’t associated to themselves. If you happen to get a packet capture I know some people that would be interested in looking at it. The only case of malicious deauths I’ve seen was from an enterprise vendor IPS. GT On

RE: Anyone have experience with wireless lighting and contol systems?

Don't forget that interference flows both ways; as I understand it, 802.15.4 is much lower power than 802.11 and may get overwhelmed by the much "louder" 802.11 signals. As we all know, 2.4 GHz is already a wasteland of noise, so that will make it even worse. IIRC, however, there are a couple

Anyone have experience with wireless lighting and contol systems?

Our facilities department is looking to upgrade some of our lighting infrastructure to use lower power LED light fixtures. One of the proposals is to replace all the lighting and the existing Lutron lighting control system with a relatively new Eaton WaveLinx wireless lighting system.