Educause Security Discussion mailing list archives
Guest network access and content filtering
From: Bill Kyle <bill.kyle () JHU EDU>
Date: Fri, 18 Apr 2008 15:05:12 -0400
Here at Johns Hopkins we have deployed guest wireless access across our university and medical campuses. It was implemented to provide Internet access to patients, vendors and other Hopkins' guest. The wireless networking team implemented it as an open unsecured network. They use Cisco Clean Access to require users to accept an acceptable use policy and to control the allowed ports and protocols. There is no user identification required. It is an entirely anonymous network as implemented. We do dump guest users directly to the Internet outside of our perimeter firewalls. We do have Websense for content filtering of all guest web traffic. This is to reduce Hopkins' risk exposure because of underage patients and any underage visitors to other campuses. Also, we block access to some other categories blocked to make the guest network less desirable to neighbors to use Hopkins as their ISP. We designed the content filtering policy to be consistent across all four campuses to allow fail over of the filter engines and to make administration easier. We are now receiving complaints from a Dean at the University about restricting access to some of the categories. If you do content filtering, how do you handle guest access? -- Sincerely, Bill Kyle Network Security Engineer II 410.516.3364 Johns Hopkins Network Security Johns Hopkins University and Medical Institutions "War makes war, it won't bring peace It just makes more, without cease" - John Gorka
Current thread:
- Guest network access and content filtering Bill Kyle (Apr 18)