Educause Security Discussion mailing list archives
Re: Wireless Guest Access
From: Joe St Sauver <joe () OREGON UOREGON EDU>
Date: Thu, 28 Sep 2006 10:23:33 -0700
Hi,
We've had a guest wireless access plan in place for about a year now. The guests have to be "sponsored" by a University dept. The sponsor controls when they have access to the net (day, time of day). We don't restrict where they go once they connect. They do have to login to connect to the net so we have an audit trail.
Any concerns about guest access to faculty/staff/student-only licensed proprietary content or proprietary software? I've seen a number of instances where access to those sort of resources is controlled *not* by a formal AAA system that tracks roles and controls access on a granular basis, but simply by CIDR netblock (or heaven forfend, by rDNS). Thus, if a guest gets access to the network, say for reading their email back home or surfing the web, they also get access to all the institutionally-licensed goodies, too. I suppose you could probably require guests to agree not to access stuff they're not supposed to access as a condition of logging on, but defining precisely what that might be might only serve to highlight those licensed resources and provide a sort of "shopping list" for those of dubious integrity. Oh yes: and just to save folks the trouble of writing, yes, obviously this is *not* a new problem unique to wireless guest access deployments (for example, it has always been a problem which has existed for open wired jacks in publicly accessible spaces, or for residential network connections that end up shared with friends who aren't currently attending the institution, just to mention a couple of well known scenarios). Regards, Joe
Current thread:
- Wireless Guest Access Matt Arthur (Sep 28)
- <Possible follow-ups>
- Re: Wireless Guest Access Randy Marchany (Sep 28)
- Re: Wireless Guest Access HALL, NATHANIEL D. (Sep 28)
- Re: Wireless Guest Access Christopher Misra (Sep 28)
- Re: Wireless Guest Access Steve Lovaas (Sep 28)
- Re: Wireless Guest Access Geoff Nathan (Sep 28)
- Re: Wireless Guest Access Joe St Sauver (Sep 28)
- Re: Wireless Guest Access Matt Arthur (Sep 28)
- Re: Wireless Guest Access Steve Lovaas (Sep 28)
- Re: Wireless Guest Access Jeff Giacobbe (Sep 28)
- Re: Wireless Guest Access Koerber, Jeff (Sep 28)
- Re: Wireless Guest Access Geoff Nathan (Sep 29)