We have been using Packet Fence successfully since last summer. We reviewed it and a few other commercial offerings. It is our first NAC implementation and was prompted by the installation of 675 new wireless access points in our Residence Halls. We wanted a way to enforce a few rules on the students living on campus. Previously we have been running our own custom processes to ensure those rules (wildcard dns, captive portal, custom executables, all non 802.1x stuff).
Since it was six figures less expensive than the next best commercial alternative and we have a talented staff that could support it, it wasn't a difficult choice. It is a commercial open source offering, so we pay Inverse a few dollars so that we can call for help when we get stuck. We did a two months of testing, then a one building pilot for two weeks and then deployed to all locations last fall (we rushed it). During the winter intersession we added support to enterprise wide guest wireless credentialing (displacing another commercial solution). We have needed to continue to scale it upward just because of our size, but now we are architected so that we can do that fairly easily (with hardware load balancing). Next we need to enable the statement of health checking within Packet Fence. We integrated Packet Fence with our custom solution and executables to figure that out presently, but want to go straight 802.1x and Packet Fence. I've been very happy with the selection and with the support from Inverse. I'd be happy to share more experiences. Adam Ferrero Executive Director Network Services Temple University, Computer Services ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
