Re: Guest wireless restrictions

[Patrick Gorsuch <patrick.gorsuch () GALLAUDET EDU>]

Well, this is the "guest" access, right?  How much convenience 
(compromise?) should be provided before we'd really like to know a 
little more about our new friends?

When the ugly details that Derek notes so rudely make themselves known, 
have your Plan B ready to go.  In this case, a Sponsored Guest solution 
(as has been mentioned earlier in this thread or even a 
self-registration solution) for the semi-regular visitor that's here for 
a University purpose beyond keeping under their AT&T data limit.

I can dig the idea of wanting to come close to that elusive, perfect 
configuration that meets everyone's needs, desires, and wildest dreams.  
But at some point it becomes mental .. er, stimulation, and I've really 
got bigger things to consider than making sure every drop-in guest has a 
fluffed pillow.

- Pat

Patrick N. Gorsuch
Manager, Networks and Information Security
Gallaudet University
patrick.gorsuch () gallaudet edu

On 4/30/2013 12:26 PM, Derek Diget wrote:
> On Apr 29, 2013 at 10:19 -0400, David Curry wrote:
<snip>
> So how can you really restrict "no plaintext" on protocols/ports that
> implement a STARTTLS type command?  OK, there might be some firewalls
> that can do it, but it brings back memories of PIX's fixup problems.
> Not ones that I would want to relive.