Educause Security Discussion mailing list archives
Re: unauthenticated network access
From: Steve Lovaas <steven.lovaas () COLOSTATE EDU>
Date: Wed, 3 May 2006 08:23:44 -0600
Justin, This is absolutely the right place for your question! We've created a guest VLAN that has access only to the Internet on a very limited number of ports (web, mail, vpn, dns, etc), and we can either trunk this VLAN to a particular wired port or associate it with a secondary guest SSID for wireless. We've put together a self-service Web site for authorized staff users to request guest IDs for visitors/contractors/conference attendees, and scripted the addition of these IDs into a separate RADIUS server that authenticates these users. This is not quite live, but it's almost ready and we have high hopes that we can balance the increasing need for unaffiliated guest access to basic Web services with our need for security and accountability. Thanks for asking! Steve Lovaas Colorado State University Justin Sipher wrote:
Hello all. I considered where to post this question and decided on the EDUCAUSE Security list.
<snip>
I hope you feel this falls close enough to "security" to warrant the post on this list. Thanks all. ...Justin _______________________________________________________ Justin Sipher Chief Technology Officer Skidmore College Saratoga Springs, NY jsipher () skidmore edu 518-580-5909 _______________________________________________________
-- ============================================================== Steven Lovaas, MSIA, CISSP Network & Security Resource Manager Academic Computing & Network Services Colorado State University 970-297-3707 Steven.Lovaas () ColoState EDU ==============================================================
Current thread:
- unauthenticated network access Justin Sipher (May 03)
- <Possible follow-ups>
- Re: unauthenticated network access Steve Lovaas (May 03)
- Re: unauthenticated network access Gary Flynn (May 03)
- Re: unauthenticated network access Randy Grimshaw (May 03)