In the Cisco controllers there is the concept of a lobby ambassador role. This person is given access to the controllers and is allowed to create a temporary username and password for the guest network. the guest is then prompted by a capture portal for those credentials along with the AUP. In this scenario, the school secretary or someone like that would have to give the person access. Not great for sporting events, but during the day it would work well and keep the kids off the guest network.
On Thu, Oct 21, 2010 at 9:16 AM, Michael T. Bendorf <bendo...@a-ccentral.us>wrote: > right - sure - just MAY - but I agree that it is expected and frankly: we > want to offer it. > I just want to document it and have policy to point to: right now our AUP > is written in language that assumes the user is logging into AD with > assigned credentials. > Public access does away with most of Authentication, Authorization, and > Accounting (AAA.) It also seems to open a door for students to jump over to > the public side with whatever device they have brought in to get online > without leaving an obvious trail. The content would still be filtered, but > the AAA is gone... > > > --Michael T. Bendorf-- > Technology Administrator > A-C Central C.U.S.D. #262 > Google Voice: 217.408.0043 > > "I'm trying to teach myself to ask the same questions that you do during > your lectures so that I do not need you any more." > > A good teacher is like a candle - it consumes itself to light the way for > others. > > "The computer revolution hasn't started yet. Don't be misled by the > enormous flow of money into bad defacto standards for unsophisticated buyers > using poor adaptations of incomplete ideas." > - Alan Kay > > > > On Thu, Oct 21, 2010 at 9:11 AM, Bob Morse <bmo...@d168.org> wrote: > >> The new e-rate rules do not mandate that if our Internet access is paid >> for >> by e-rate that we MUST give access to the public. >> >> -----Original Message----- >> From: tech-geeks-boun...@tech-geeks.org >> [mailto:tech-geeks-boun...@tech-geeks.org] On Behalf Of JimHays >> Sent: Thursday, October 21, 2010 8:52 AM >> To: Tech-Geeks Mailing List >> Subject: Re: [tech-geeks] Public Wireless access policy >> >> At some point we need to understand and realize that we are not in a >> corporation but we are a public service institution paid for by public >> money. With the proliferation of wireless devices - and wait until >> Christmas this year when almost EVERYONE will have either a smartphone >> or some kind of wireless Internet device - the public will expect to >> have access when they attend school events. We can't just hid behind >> our conservative, staff-only, policies. We need to adjust with the >> times and give the public what is expected. Even USAC realizes this now >> with their new rule changes which allow public access to school networks >> paid for by E-Rate funds. (Be sure you understand those rules before >> giving public access to E-Rate funded Internet. At this time we don't >> use E-Rate to pay for our Internet so we are not governed by those rules >> even though our public access does fall under the new rules' scope.) >> >> Heath Henderson wrote: >> > We have a similar stance but have to allow people such as tri county >> special ed doing IEP work and visiting student teachers etc on at some >> > Point. I don't like it but really what is stopping them from jacking >> into >> a port on the network and getting physical access that way. Lesser of the >> unhook of a cable is easier for me to deal with. >> > >> > -Heath Henderson >> > >> > On Oct 21, 2010, at 7:17 AM, Dan Ragen <dera...@gmail.com> wrote: >> > >> > >> >> While I don't have a District wide or School wide wireless system the >> >> access points i do have a re for >> >> District personnel only. I think that you may run into trouble >> >> letting others in. Think of it this way, Would you let >> >> some one in on one of your desktops? I usually take a very >> >> conservative approach to this type of situation. >> >> >> >> >> >> On Wed, Oct 20, 2010 at 5:33 PM, Michael T. Bendorf >> >> <bendo...@a-ccentral.us> wrote: >> >> >> >>> Now that my wireless is installed (last AP fired up this afternoon) I >> have >> >>> had requests for the password to get on. >> >>> I have not provided that to anyone, but rather explained that things >> were >> >>> not ready for public access yet... >> >>> All of my district owned equipment has the PSK and can connect as >> though >> >>> they are hard wired...but I wonder what other districts do for public >> >>> access. For instance I had a student from the neighboring district >> want >> to >> >>> get online here to do some homework before practice (we co-op with >> this >> >>> other school.) I really felt bad saying not yet - but that is the >> truth >> of >> >>> it. >> >>> We have an active directory and we push out browser proxy settings via >> GPO. >> >>> Everyone must firs sign our current AUP and then they must >> authenticate >> with >> >>> our CIPAFilter before egressing to the Internet. I want to provide >> "the >> >>> public" access to a filtered Internet experience. I do not want >> visiting >> >>> mobile devices to access anything other than the public Internet. This >> seems >> >>> pretty strightforward, but something I have not set up before. >> >>> Even more than just the config of my HP ProCurve MSM APs/Controller my >> real >> >>> question is how do you address this from a policy point of view? Do >> you >> have >> >>> a separate document? Do you ask guests to sign something? Click on >> >>> something? Is it part of your general AUP? etc?.?.?. >> >>> >> >>> --Michael T. Bendorf-- >> >>> Technology Administrator >> >>> A-C Central C.U.S.D. #262 >> >>> Google Voice: 217.408.0043 >> >>> "I'm trying to teach myself to ask the same questions that you do >> during >> >>> your lectures so that I do not need you any more." >> >>> >> >>> A good teacher is like a candle - it consumes itself to light the way >> for >> >>> others. >> >>> >> >>> "The computer revolution hasn't started yet. Don't be misled by the >> enormous >> >>> flow of money into bad defacto standards for unsophisticated buyers >> using >> >>> poor adaptations of incomplete ideas." >> >>> - Alan Kay >> >>> >> >>> | Subscription info at http://www.tech-geeks.org | >> >>> >> >>> >> >> >> >> -- >> >> Daniel E. Ragen >> >> District Technology Coordinator >> >> Dupo CUSD 196 >> >> 600 Louisa Ave >> >> Dupo, IL 62239 >> >> Phone - 618-286-3214 x2141 >> >> dra...@dupo.stclair.k12.il.us >> >> >> >> ''Life's tough ... it's even tougher if you're stupid." >> >> - John Wayne >> >> | Subscription info at http://www.tech-geeks.org | >> >> >> > | Subscription info at http://www.tech-geeks.org | >> > >> >> | Subscription info at http://www.tech-geeks.org | >> >> >> | Subscription info at http://www.tech-geeks.org | >> > > > | Subscription info at http://www.tech-geeks.org | > -- -- Ben Story CCSP, CCNA, CCNA Wireless, CCDA ben.st...@gmail.com "You cannot escape the responsibility of tomorrow by evading it today. -- Abraham Lincoln
| Subscription info at http://www.tech-geeks.org |
