A response like this may spur a flurry of disagreement but here goes...
We "blocked" all P2P apps using "all available technology" last year and
have not received a single DMCA notice since (knock on wood).
We blocked using our checkpoint firewall and packeteer packet shaper in
both directions.
So...in your case, even if you can't or won't block carte blanche like
this I suggest somehow setting up a ssid/vlan/security profile or
whatever for these types of users and do not let them do anything except
minimal connectivity to the web. (e.g. http, https, dns, IPSec)
Due to CALEA and other related mandates I think (i.e. in my opinion) the
trend even on campuses is going toward anonymous guest access either
being non-existent or having minimal allowed services and sponsored or
authenticated guest access being used for cases where people need/want
more access.
And along with our block we highly prompted our "exception policy" that
allows exceptions for just about any justified activity...we got TWO
requests and both of which found other ways to get what they needed
before we had their exception in place.
_________________________
Thank you,
Gregory R. Scholz
Director of Telecommunications
Information Technology Group
Keene State College
(603)358-2070
--Lead, follow, or get out of the way.
(author unknown)
-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Chuck Braden
Sent: Thursday, June 05, 2008 1:45 PM
To: [email protected]
Subject: [WIRELESS-LAN] Wireless authentication for guests/visitors -
something along the lines of hotel gatekeeper?
First, let me apologize for my naivete. I had planned to subscribe and
lurk a bit to come up to speed but my exposure requires I move a little
faster.
We recently have heard from the RIAA regarding copyrighted content at
one of our conference centers. These centers are used for short periods
by customers who are there for training. They generally bring their own
resources which might have various peer-to-peer clients and the
associated content. Theses customers are not required to 'register' or
authenticate. They are given the key to our wireless SSID and allowed to
access the network. The more rapid response of the copyright
enforcement organizations to identify content has necessitated the need
for some type of authentication/registration for these connections. Can
someone offer some suggestions on how best to manage these connections?
If that involves purchasing a specific wireless router to direct the
session to at the time of the IP being issued please indicate which
vendors or models those are. It would be nice to have a open source
solution that could be installed on a PC and do monitoring for the
traffic but that is not a high priority.
We really dont need to block it (because it could be authorized). Only
make sure we can identify where the content resides and determine a
proper response.
Anything you could offer would put me in a better position than I am now
- thanks.
Jimmy C Braden
Information Security Officer
Extension Information Technology
Texas AgriLife Extension Service
979-862-7254
[EMAIL PROTECTED]
**********
Participation and subscription information for this EDUCAUSE Constituent
Group discussion list can be found at http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
