[SECURITY]

[Nathaniel Hall <educause-lists () NATHANIELHALL COM>]

On 03/11/2011 10:27 AM, HOGGATT, ANDY F. wrote:
> Has anyone else received any other reports similar to this and has 
> anyone come up with a solution to help remedy the situation?  Any and 
> all feedback would be welcome.

> Andy Hoggatt
>
> Ozarks Technical Community College
>
> Interim Network Security Systems Administrator

Andy,

In my opinion this is more of a policy issue than a technical one.  
While the system you are using does allow you to limit the number of 
devices on a per user basis the idea behind the limit was to prevent 
users from sharing their credentials and allowing everyone to connect to 
the network at the same time with the same credentials.  It was in no 
way a perfect solution.  I don't believe NAC would even help because the 
system itself would be authenticated and any traffic would appear to 
come from the authenticated system.

In my opinion you are already covered from a legal standpoint because 
you 1) require users to authenticate to the wireless network and 2) are 
able to relieve the school of any wrongdoing because you are able to 
trace a connection back to a specific computer.  If the user decided to 
provide others Internet access via their computer then the 
responsibility is passed to the user providing the access.  This is no 
different than how MOREnet handles complaints.  They receive the 
complaint and pass it to you.  You receive the complaint and you would 
pass it to the person you trace the IP to.

Nathaniel Hall
Former Network Security Systems Administrator at OTC

--
Nathaniel Hall

I am many things, but I am not a laywer, accountant, or agent of the federal, state, or local government.