The Android experience is still good in my opinion, just weaker than iOS when 
you incorporate the Play Store.  (I think ISE links to the Play Store too).  
Luckily, Cloudpath has the option of directly downloading the certs instead of 
requiring the app from the Play Store.  Of course, a profile based option (What 
Google does with ChromeOS) negates the need for any link to the Play Store.

-Curtis

________________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Turner, Ryan H 
<rhtur...@email.unc.edu>
Sent: Wednesday, September 21, 2016 10:03 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x certificate authentication

Android is definitely 'the' problem.  In our stats, you can see that they are 
only 10% of the clients we onboard, but are closer to 90% of the trouble 
tickets.  We were a Cloudpath customer and made the switch to SecureW2 (the 
android experience was a big reason).

Ryan

-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Curtis K. Larsen
Sent: Wednesday, September 21, 2016 11:55 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x certificate authentication

We've been offering EAP-TLS for about 2 years.  It's been the only supported 
option for BYOD for just over a year.  Personally, I think the user experience 
is pretty good across all devices  (Android is weaker but still not bad).  I've 
heard rumblings that Android might be changing to a profile method more similar 
to ChromeOS ...so that would probably improve things.  Our stats are eerily 
similar to Ryan's but we use the Cloudpath Enrollment System, and we have not 
disabled PEAP yet.

Thanks,

--
Curtis K. Larsen
Senior Network Engineer
University of Utah IT/CIS


________________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Turner, Ryan H 
<rhtur...@email.unc.edu>
Sent: Wednesday, September 21, 2016 7:53 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x certificate authentication

We are a very experienced shop with TLS.  We've been using certificates for 4 
years.  We now use the SecureW2 onboarding platform to perform the operation, 
and we have been VERY happy with the results.  Attached below is our statistics 
for onboarding from the Fall of 2015 to today.  I would be happy to help you 
out.  My contact information is below.  In short, we've onboarded over 160,000 
devices in the last two years (over 300k in 4).

[cid:image001.jpg@01D213EE.09553910]


Ryan Turner
Manager of Network Operations
ITS Communication Technologies
The University of North Carolina at Chapel Hill

r...@unc.edu<mailto:r...@unc.edu>
+1 919 445 0113 Office
+1 919 274 7926 Mobile



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Muraca, Peppino P.
Sent: Wednesday, September 21, 2016 8:39 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] 802.1x certificate authentication

Hello all,  I was wondering who or if anyone is using 802.1x cert auth for all 
wireless devices, and if you are, what is the experience with student devices ?

We are currently 802.1x username password , and have been thinking about the 
going the cer route. I feel the cert auth is still a painful experience for 
DYOD devices.

Thank you
Pino

Peppino Muraca
Sr. Network Administrator
Stonehill College
508-565-1193
pmur...@stonehill.edu<mailto:pmur...@stonehill.edu>
              (OO=[][]=OO)



********** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fgroups%2F&data=01%7C01%7Crhturner%40email.unc.edu%7C0342ed2d3b6649f18ec208d3e237d0b2%7C58b3d54f16c942d3af081fcabd095666%7C1&sdata=ysMJchqMYCtLKm9TdNY%2BN6OVzQL6kOBQXDBCdUMYW%2B4%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fgroups%2F&data=01%7C01%7Crhturner%40email.unc.edu%7Cab5faee7f3934ca14b2d08d3e21c6186%7C58b3d54f16c942d3af081fcabd095666%7C1&sdata=5%2B61MsU%2BNA0aTmcOTTqOmxfw9AJPKl51ZAuLVNkcLA8%3D&reserved=0>.
********** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fgroups%2F&data=01%7C01%7Crhturner%40email.unc.edu%7C0342ed2d3b6649f18ec208d3e237d0b2%7C58b3d54f16c942d3af081fcabd095666%7C1&sdata=ysMJchqMYCtLKm9TdNY%2BN6OVzQL6kOBQXDBCdUMYW%2B4%3D&reserved=0.

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at 
https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fgroups%2F&data=01%7C01%7Crhturner%40email.unc.edu%7C0342ed2d3b6649f18ec208d3e237d0b2%7C58b3d54f16c942d3af081fcabd095666%7C1&sdata=ysMJchqMYCtLKm9TdNY%2BN6OVzQL6kOBQXDBCdUMYW%2B4%3D&reserved=0.

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Reply via email to