Here is my first pass at requirements: 1. The service must prevent or discourage devices that ARE capable of using 802.1x authentication from using the service.
2. The service should provide some sort of traceability of devices back to their owners. 3. The service must provide some method to deny access to an individual device. 4. The service must be easy enough to use that the average student can connect a device to the network in 10-15 minutes without requiring assistance from ITS. 5. The service must restrict access to only authorized University customers. 6. In the residence Halls, the service must support most the most common consumer devices that students might bring to campus We are also looking at a “Device Net” for campus for other devices that may not do 802.1X (freezer monitors, digital signage, instrumentation, etc.). For the residence hall device net we are thinking about blocking all access to campus resources and just allowing internet access. For the campus device net we thinking about RFC 1918 space restricting the deivces to on campus resources only. -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 E-Mail: neil-john...@uiowa.edu > On Sep 4, 2015, at 6:46 AM, Osborne, Bruce W (Network Services) > <bosbo...@liberty.edu> wrote: > > What are you calling a Device Net? > > We have an open SSID with a custom captive portal using the ClearPass eTIPS > API. > > We use this SSID for onboarding to 802.1X with Cloudpath XpressConnect > Wizard, registering a non-8012.1X device Endpoint in ClearPass (with AirGroup > device registration for Apple-TV) and for permitting non-802.1X network > access, blocking out internal web server & blackboard servers. If devices try > to go to these sites, they are redirected to Cloudpath XpressConnect Wizard. > > I am leaving on vacation for a week, so it may take me a while to resond > further > > Bruce Osborne > Wireless Engineer > IT Infrastructure & Media Solutions > > (434) 592-4229 > > LIBERTY UNIVERSITY > Training Champions for Christ since 1971 > > -----Original Message----- > From: Johnson, Neil M [mailto:neil-john...@uiowa.edu] > Sent: Thursday, September 3, 2015 12:08 PM > Subject: Re: Supporting "those other Wi-Fi devices" in the dorms- quick Survey > > We are investigating a device net at UofI so, > > I would be interested in hearing from anyone who has implemented a Device Net > with Clearpass. > > Thanks. > -Neil > > -- > Neil Johnson > Network Engineer > The University of Iowa > Phone: 319 384-0938 > Fax: 319 335-2951 > E-Mail: neil-john...@uiowa.edu > > > >> On Sep 3, 2015, at 7:24 AM, Lee H Badman <lhbad...@syr.edu> wrote: >> >> There is an elegance in your wisdom, Chuck. >> >> >> From: The EDUCAUSE Wireless Issues Constituent Group Listserv >> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield >> Sent: Wednesday, September 02, 2015 5:54 PM >> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >> Subject: Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the >> dorms- quick Survey >> >> Don’t tell me. Ignorance is bliss. Man, am I happy! >> >> From: The EDUCAUSE Wireless Issues Constituent Group Listserv >> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of David R. Morton >> Sent: Wednesday, September 02, 2015 5:41 PM >> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >> Subject: Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the >> dorms- quick Survey >> >> Lee, >> >> Are you going to share the results of this survey as well? >> >> David >> >> >> David Morton >> >> Director, Mobile Communications >> Service Owner: Wi-Fi, Mobile & HuskyTV >> University of Washington >> dmor...@u.washington.edu >> tel 206.221.7814 >> >> On Sep 2, 2015, at 9:50 AM, Lee H Badman <lhbad...@syr.edu> wrote: >> >> As we look forward in how we service our residential spaces for Wi-Fi, I’ve >> put together a quick survey on if/what other schools are doing (and not >> doing) for supporting the perplexing gadgets (TVs, games, entertainment >> dongles, etc) over Wi-Fi. Please consider contributing at >> >> https://www.quicksurveys.com/s/Wc92H >> >> I’ll run this for two weeks, will post just a couple more invites on each >> list in that period (so you know to expect a couple more… kind of advance >> spam warning) and will open the results page up for both lists at the end. I >> know I’m not the only one contemplating these questions. Should take minutes >> to sail through, but decent participation could really help others in their >> own thoughts about this challenging paradigm. >> >> >> >> Thanks in advance! >> >> >> >> Lee Badman | Network Architect >> Information Technology Services >> 206 Machinery Hall >> 120 Smith Drive >> Syracuse, New York 13244 >> t 315.443.3003 f 315.443.4325 e lhbad...@syr.edu w its.syr.edu >> SYRACUSE UNIVERSITY >> syr.edu >> >> >> >> ********** Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> >> ********** Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> ********** Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> ********** Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. > > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
