The easier solution is to turn off Bluetooth on the Apple TV. Of course, this will not work if you are using a Bluetooth keyboard with the Apple TV.
Bruce Osborne Network Engineer - Wireless Team IT Network Services (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -----Original Message----- From: Jason Watts [mailto:[email protected]] Sent: Tuesday, March 18, 2014 2:07 PM Subject: Re: Discover Apple TV over Bluetooth Tim, That seems fairly clean based on the fact that the user authentication is done at the AP and isn't needed past that. Does the way Airgroup works make this automatically apply to people locating the ATV via Bluetooth, as in, does the Airgroup policy or control automatically filter all traffic to devices for which a user is not authorized? Or does it just prevent the client from getting service announcements from the serving device? BTW, I'm realizing as I think this through that as long as you have a way to apply ACLs separately to students/faculty/staff and you keep your ATVs in a specific VLAN from which student, but not faculty traffic, is blocked then the point about authenticating at the ATV is moot. Even if they can "see" it with Bluetooth if you position the ATVs out of student reach on the network then you have no issue. -- Jason Watts Pratt Institute, Academic Computing Senior Network Administrator Tim Cappalli wrote: > We're doing this with AirGroup. > > > Tim Cappalli | CWNA / ACCP / ACMP / CCNA > Mobility Engineer | Brandeis University > [email protected] | (617) 701-7149 > @tcappy0707 | linkedin.com/in/timcappalli/ > > -----Original Message----- > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:[email protected]] On Behalf Of Dan Brisson > Sent: Tuesday, March 18, 2014 1:49 PM > To: [email protected] > Subject: Re: [WIRELESS-LAN] Discover Apple TV over Bluetooth > > While I agree that Radius authentication would be a nice option, getting > Apple to add an enterprise feature like that is probably pushing it for a > "consumer" device. I'm just happy they added in Enterprise 802.1x for > wireless. > > :) > > -dan > > > Dan Brisson > Network Engineer > University of Vermont > > On 3/18/14, 11:44 AM, Jason Watts wrote: >> I don't know if it's the feature Tony mentions but there is a PIN >> feature that is essentially like an OTP that can be used as a barrier >> to entry. >> >> When Airplay is started the ATV displays the PIN on screen and it must >> be entered at the device before connecting. I believe it changes each >> time. >> >> Only issue is that it displays on the screen. If you have a fast >> student with mischief on their mind then I suppose it is still a > problem. >> >> For the record, I agree, having the Airplay service be able to be >> authenticated against Radius or the like would be ideal so that only >> certain user roles could connect to certain ATVs. >> > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
