I have two thoughts to offer. I will state that we are not a public university so maybe my point of view is somewhat different. That said, you mention RIAA. How do you respond to RIAA/MPAA/etc. complaints regarding anonymous users ?
Second, I was wondering the same about Panera and others. I have noticed two things in that regard. The recently built Panera here has impeccable video surveillance in their store (and we're far from being a high crime location). They can probably track down a wireless user simply by looking at their surveillance footage given a date/time and looking at who's using wireless in their store. Probably not perfect, but still probably enough for them to give something to an inquiring law enforcement agency. I've also noticed that an increasing number of hotels I visit now require authentication with room number and a password which you obtain from the front desk. This has been the case at several marriott and hilton chain hotels I recently stayed at. This could be coincidental, but maybe it is a trend at a middle ground of authenticated or at least reasonably verifiable free wifi services. -S On Fri, 31 Mar 2006, Predrag Radulovic wrote: > > It is amazing how many times this question pops up! (Public) Universities > are supposed to do public service, which should by all means include net > access to all visitors. Question of how much you should spend it > completely separate from that. Ideally, you would only protect your > network from guests and provide best-effort 'be-a-good-net-citizen" > towards the rest of internet. Limiting BW they consume is an OK measure, > too. I don't see a point of limiting applications. We get too concerned > about security, CALEA, etc.? How does Panera Bread or all those hotels > you get free access deal with it? They probably don't! We monitor and > occasionally take an action. It wold be good to have separate IP space > for guests, but that is individually depending on University. If you're > deploying dark fiber networks, you pay $10-20 per meg per month > for Internet access. So, for <$200/mo you can provide nice access for all > guests. That's a price of one good desktop PC per year! What we want is to > discourage regular users bypassing regular network. So, you block access > to your e-mail servers and other useful app servers and they probably > won't even consider using it. Especially if you have BW control! > > We're a large university with close to 2000 concurrent wireless users at > peak times, generating around 60 Mbps of traffic. So for those few > guests, 10 M or less should be sufficient. If you have a access control > box (Vernier and such) available that is very nice to use, otherwise > routers can provide plenty of BW control (e.g. ISDN quality per user). It > is really a cheap solution, it you just for a second forget all > probably-will-never-happen security incidents. Security incidents on > wireless are not even a percent of work created for security groups. > They continue to deal with worms, virus infections, RIAA and such, and > that is where money gets spent. Assuming you use VLAN/SSID solution and > existing wireless nad wired infrastructure, cost is really minimal. > > So, free your mind! And serve better your community AND guests! > > > Regards, > -Predrag > > P.S. U. of TN is considering this model for guest access. Currently, we > allow folks associated with university to sponsor/register guests. And > guests get the same treatment as regular users (i.e. no app/BW control). > > P.P.S. Do you thing that free/anonimous access at Panera and hotels will > disappear with CALEA? I don't! Too many people and businesses like it! > > --------------------------------------------------------------------- > Predrag Radulovic Phone: (865) 974-0301 > IT Administrator III > OIT - Network Services Fax: (865) 974-3531 > 108 James D Hoskins Library > 1400 Cumberland Ave > University of Tennessee, E-mail: [EMAIL PROTECTED] > Knoxville, TN 37996-4005 http://www.predrag.us > --------------------------------------------------------------------- > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > ------------------------------------------------------------------------------- Simon Kissler [EMAIL PROTECTED] UNIX Systems Administrator Phone: (219) 464 6773 Electronic Information Services Fax : (219) 464 5381 Valparaiso University Kretzmann Hall B22 Valparaiso, IN 46383 ------------------------------------------------------------------------------- "Intel has announced its next chip: the Repentium." -Anon. ------------------------------------------------------------------------------- ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
