At Syracuse University, we have a year-old 802.1x implementation that went extremely well by most accounts. We have around 85% adoption on a large WLAN that typically peaks out at over 5,000 concurrent users at its busiest.
The non-802.1x users are a combination of devices that can't easily do 802.1x (current iPhones, some iPAQs, etc.) and guests. The guest path has always been a bit touchy here- mostly because coming up with a widely accepted "this is what a guests is, and this is what they should be able to do" agreement is far more onerous that finding a solution to enforce that policy... We are seriously evaluating NAC system from Impulse Point, and the 802.1x supplicant configuration automator from ID Engines. After we get both of these nailed down, we will refocus on a replacement for our home-grown captive portal for guests. Candidate solutions are likely to be something like Bluesocket, or if we can work some voodoo within the NAC framework that satisfies the guest path requirements. We are a WiSM shop- it would be nice if the built-in captive portal function in the LWAPP framework was a bit more sophisticated, but in my opinion it's several generations away from what I would call enterprise-quality. Lee H. Badman Wireless/Network Engineer Information Technology and Services Syracuse University 315 443-3003 -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Bennett Sent: Wednesday, March 26, 2008 7:44 AM To: [email protected] Subject: [WIRELESS-LAN] Open Wireless in Higher Ed We are looking at technologies such as Radius, Cisco Clean Access, etc. to require our wireless client to authenticate to our network. Currently we have an open, unsecured wireless network. What are you Higher Ed institutions implementing to make sure that only valid users are using your wireless networks? If your policy is to do nothing then please indicate that as well. Thanks Daniel R. Bennett CompTIA Security+ Information Technology Security Analyst Pennsylvania College of Technology One College Ave Williamsport, PA 17701 (P) 570.329.4989 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
