For those who hadn’t heard, Aerohive was bought out by Extreme Networks. We are using both Extreme for wired and the formerly Aerohive for wireless. I’ll echo Paul below, the PPSK per user solution is awesome. The problem we have is the proliferation of devices broadcasting in the WiFi RF range (Roku, Fire TV, Chromecast…..) where the broadcast SSID from the device cannot be disabled. We are about to do a Proof of Concept test with Extreme’s NAC in an attempt to deny these devices network access without requiring registration of allowed devices. Wish us luck. I’ll post our results.
*Rob Yawn* Manager of Networking, ITS University of West Georgia Ph# 678 839-4006 *“This email and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return mail, delete this message and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized.”* *From:* The EDUCAUSE Wireless Issues Community Group Listserv < [email protected]> *On Behalf Of *Lee H Badman *Sent:* Wednesday, March 4, 2020 11:23 AM *To:* [email protected] *Subject:* Re: [WIRELESS-LAN] Device visibility in Aruba AirGroup + ClearPass I wish all Enterprise vendors did this. Everything else feels like gratuitous complexity for the sake of having more to license. If the goal is "make it like at home" the notion of device registration smells funny. Although I yield this is not a simple discussion. ------------------------------ *From:* The EDUCAUSE Wireless Issues Community Group Listserv < [email protected]> on behalf of Paul Smith < [email protected]> *Sent:* Wednesday, March 4, 2020 10:35:57 AM *To:* [email protected] *Subject:* Re: [WIRELESS-LAN] Device visibility in Aruba AirGroup + ClearPass That’s exactly how our Aerohive private client groups work. One SSID across residences. Students get a PPSK and all devices using that key can talk to each other. Job done. Paul Smith Network Specialist (Wireless) University of Bristol IT Services 31 Great George St Bristol BS1 5QD I try to follow the University email charter – bristol.ac.uk/media-library/sites/hr/documents/wellbeing/email-charter.pdf *From:* The EDUCAUSE Wireless Issues Community Group Listserv < [email protected]> *On Behalf Of *Lee H Badman *Sent:* 04 March 2020 15:31 *To:* [email protected] *Subject:* Re: [WIRELESS-LAN] Device visibility in Aruba AirGroup + ClearPass Just a quick aside on this: We are dealing with same questions for long term, but one thing that I think gets lost in these “solutions”- students don’t register anything at home. Would be awesome if a bazillion PPSKs were available on same SSID. Here kid, your SSID is THIS, your password is THIS. Go to it. Nothing more needed and no one can see each other. All the casty stuff works with no network tricks. That would be the Holy Grail, to me. *Lee Badman* | Network Architect (CWNE#200) Information Technology Services (NDD Group) 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 *t* 315.443.3003 * e* [email protected] *w* its.syr.edu *SYRACUSE UNIVERSITY* syr.edu *From:* The EDUCAUSE Wireless Issues Community Group Listserv < [email protected]> *On Behalf Of *Craig D Rice *Sent:* Wednesday, March 4, 2020 10:19 AM *To:* [email protected] *Subject:* [WIRELESS-LAN] Device visibility in Aruba AirGroup + ClearPass We are an Aruba shop and are evaluating AirGroup + ClearPass to provide students a more home-like experience in their residence halls. That is, we would like students to be able to register and see only their registered devices. If a user registers a device in ClearPass, is that device visible to non-registered devices (or devices registered to another user) -- even if the devices are associated with the same AP? We have received conflicting answers from our Aruba SEs, account exec, and TAC, so we are hoping to learn how to limit device visibility from others who are using ClearPass. Thanks for your advice! Craig -- *Craig D. Rice* Director of Enterprise Infrastructure | IT [image: Image removed by sender. St. Olaf College] *Office: *+1-507-786-3631 1510 St. Olaf Avenue Northfield, MN 55057-1097 USA *stolaf.edu* <http://stolaf.edu/> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
