Re: Wireless Guest Access

[Jeff Giacobbe <giacobbej () MAIL MONTCLAIR EDU>]

All-

With the recent CALEA rulings and their rather ambiguous language
regarding Higher Ed, our institution is taking a wait and see stance on
providing any kind of "guest" access to the Internet from our campus
wired or wireless networks.

The key issue with CALEA as it applies to Higher Ed seems to center
around the definition of "private" vs. "public" networks (with private
networks being outside the purview of CALEA regulations) It is not clear
(at least to me) whether an institution that provides access to the
Internet for individuals not directly affiliated with that institution
is or is not bound by CALEA.

Attached is a CALEA Update email that Mark Luker, VP of EDUCAUSE sent to
the EDUCAUSE-PRIMARY list last month.  Your mileage may vary, but I
recommend checking into this before implementing any kind of guest
access from your campus network to the Internet.

Regards,

Jeff Giacobbe
Director of Systems, Security, and Networking
Montclair State University


Steve Lovaas wrote:
> We solve this in two ways:
>
> 1) If the parent/potential student is visiting as part of an established
> program (like orientation), then the sponsoring organization can include
> a guest login as part of the materials they get at check-in.
>
> 2) For individual visitors with no sponsor ("just looking, thanks")
> there are web-only kiosks in the student center that require no login,
> as well as terminals in the library. No wireless, but at least they can
> check their web mail.
>
> As for the risks, we feel that we need at least some level of
> accountability. If a non-login kiosk misbehaves, we can re-evaluate
> offering such services. Other than that, whether it's an automated
> process or a manual tracking (like a sign-in sheet at the library or a
> sponsor's list of conference attendees), we need to be able to get to
> the source PC/user in the case of legal entanglements.
>
> Steve Lovaas
> Colorado State
>
> Matt Arthur wrote:
> <snip>
> > > It sounds like most of you are doing some kind of 'sponsored' guest
> > > access (which is what we do for our current system), but how do parents
> > > and prospective students find someone to 'sponsor' them?
> > >
> > > And, do you think (assuming the technical security problems are taken
> > > care of) there is large political (or legal) risk in simply allowing
> > > folks to come in and use a non-login guest account?
> > >
> > > Thanks,
> > > Matt
> > >
> > > Matthew K Arthur, CISSP
> > > Director, NTS-Enterprise Networks
> > > Washington University in St. Louis
> > > W: 314.935.7388, F:314.935.7142
>
>
> --
> ==============================================================
> Steven Lovaas, MSIA, CISSP
> Network & Security Resource Manager
> Academic Computing & Network Services
> Colorado State University
> 970-297-3707
> Steven.Lovaas () ColoState EDU
> ==============================================================
> --- Begin Message ---
>
>
> From: educause <educause () EDUCAUSE EDU>
>
> Date: Fri, 25 Aug 2006 09:55:51 -0600
>
> Colleagues,
>
> I wish to draw your attention to a new overview of CALEA in higher
> education that concludes that THE GREAT MAJORITY OF OUR INSTITUTIONS OF
> HIGHER EDUCATION ARE EXEMPT FROM CALEA REQUIREMENTS AND THEREFORE NEED
> NOT TAKE ADDITIONAL STEPS REQUIRED BY CALEA AT THIS TIME.
>
> Of course, higher education remains fully committed to assisting law
> enforcement with lawful intercepts under other existing legislation.
> Prepared by the EDUCAUSE Network Policy Council (NPC), the new letter
> may be found at
> http://www.educause.edu/ir/library/pdf/EPO0656.pdf
>
> Another document, prepared by the Chair of the EDUCAUSE CALEA Technical
> Committee, explains some of the technical considerations that go into
> this judgment. It may be found at
> http://www.educause.edu/ir/library/pdf/CSD4607.pdf
>
> Together, these documents provide a framework as well as additional
> detail for discussions of this important topic. For an extensive
> collection of related documents including the ACE overview, see
> http://www.educause.edu/calea
>
> ********************************************************************
> PLEASE NOTE
> Neither the NPC nor EDUCAUSE are providing legal advice on these
> issues. It is important that campus leaders work with their own legal
> counsel to interpret all of the information presented in this note and
> its attachments in the context of their own campus.
> *********************************************************************
>
> Best wishes,
>
> Mark Luker
> Vice President
> EDUCAUSE
>
> **************************************************
> You are receiving this message because you are the primary
> representative at an EDUCAUSE member institution. For questions, contact
> EDUCAUSE at <info () educause edu> or 4772 Walnut St., Suite 206, Boulder,
> CO, 80301.
>
> **************************************************
> EDUCAUSE is a nonprofit association whose mission is to advance higher
> education by promoting the intelligent use of information technology.
> The current membership comprises more than 2,000 colleges, universities,
> and educational organizations, including 200 corporations, with 15,000
> active members. EDUCAUSE has offices in Boulder, Colorado, and
> Washington, D.C. Learn more at http://www.educause.edu
>
> --- End Message ---