Educause Security Discussion mailing list archives

Re: quick poll please.. unauthenticated wireless

From: Dexter Caldwell <Dexter.Caldwell () FURMAN EDU>
Date: Tue, 20 Apr 2010 16:07:57 -0400

The EDUCAUSE Security Constituent Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU> writes:

Getting kick back about our model of wireless network access and I need a
quick poll:

� 

Do you offer unauthenticated wireless for conference facilities?

Not anymore.  Only authenticated wireless now because we wanted to gain
more accountability and hopefully avoid as much of the additional
potential legal overhead that comes with having unrestricted wireless to
the public in terms of being treated as an ISP.  (We are not a public
network- etc)  Authentication is done for accountability purposes.  There
is a separate authentication directory from the core business directory. 
Accounts are pre-created in batch and have generic names to facilitate
pre-creation.  Accounts are put in sealed envelopes and the Help Desk or
key personel around campus (such as areas that deal with lots of visitors)
can distribute envelopes once guests information is collected and we can
identify an account with an individual.  Requests must be made in advance.
 Accounts have predetermined expiry and die an eternal death on expiry so
there is no recycling.    The SSID appears open, but users hit a captive
portal where they are challenged when they open a browser.

There is another exception.  For a few areas where guests need to use
Internet but the staff cannot pre-register all of the users, (visitors who
are only here for less than overnight- usually 1-4 hours and are
registered with a specific area, but are unreasonable to collect paperwork
for we put special SSIDs in those areas (different for each area) with
inique logins and we have the Help Desk manage the changing of the
passwords for each area on a regular, but reasonable interval and notify
the two or three groups that need them of the password of the <day, week,
hour or whatever you choose>.


Is that wireless encrypted?

Yes.  As long as authentication is in place, there's no reason NOT to
encrypt as it does not add any significant complexity, IMHO.


Is it a completely separate network / just internet access only?�

Yes.  Completely separate, and pretty much Internet only.


� 

Thanks.

� 

Jacob Barros

Network Administrator

Grace College and Seminary

jkbarros () grace edu

574-372-5100 x6178

�

Current thread:

quick poll please.. unauthenticated wireless Barros, Jacob (Apr 20)
- <Possible follow-ups>
- Re: quick poll please.. unauthenticated wireless Reyes, Esteban (Apr 20)
- Re: quick poll please.. unauthenticated wireless Jerry Sell (Apr 20)
- Re: quick poll please.. unauthenticated wireless Di Fabio, Andrea (Apr 20)
- Re: quick poll please.. unauthenticated wireless Garza, Veronica M. (Apr 20)
- Re: quick poll please.. unauthenticated wireless Kevin Schmidt (Apr 20)
- Re: quick poll please.. unauthenticated wireless Kevin Hayes (Apr 20)
- Re: quick poll please.. unauthenticated wireless Michael J. Wheeler (Apr 20)
- Re: quick poll please.. unauthenticated wireless Pettis, Frederick (Apr 20)
- Re: quick poll please.. unauthenticated wireless Sachnoff, Neil (Apr 20)
- Re: quick poll please.. unauthenticated wireless Dexter Caldwell (Apr 20)
- Re: quick poll please.. unauthenticated wireless Michael Cole (Apr 20)
- Re: quick poll please.. unauthenticated wireless Lena Helmbrecht (Apr 20)
- Re: quick poll please.. unauthenticated wireless ken lindahl (Apr 20)
- Re: quick poll please.. unauthenticated wireless David Gillett (Apr 20)
- Re: quick poll please.. unauthenticated wireless Patrick Goggins (Apr 20)
- Re: quick poll please.. unauthenticated wireless Parker, Ron (Apr 20)
- Re: quick poll please.. unauthenticated wireless Sam Hooker (Apr 21)
- Re: quick poll please.. unauthenticated wireless Jay Graham (May 03)
- Re: quick poll please.. unauthenticated wireless Daniel Bennett (May 03)
- Re: quick poll please.. unauthenticated wireless Charlie Koehler (May 03)