Re: Wireless Networks - to hide or not to hide

[Thomas Carter <tcarter () AUSTINCOLLEGE EDU>]

We have a similar set up – both a WPA2 SSID and an unsecure SSID are broadcast across campus. Both require device 
registration utilizing our PacketFence deployment. We try to communicate the importance of using the encrypted network 
where possible.

Thomas Carter
Network and Operations Manager
Austin College
903-813-2564
[cid:image001.gif@01CF7058.1B849360]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of T. 
Shayne Ghere
Sent: Wednesday, May 14, 2014 1:04 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Wireless Networks - to hide or not to hide

Hello Anne,

We do have an open SSID that the students can connect to; however they need to be registered with our own home grown 
registration system.  If they aren’t registered, they can try as much as they want, but cannot connect to it even if 
they hard code the IP/DNS information in.

We made this decision about 2 years ago after we had tested it internally for about 10 weeks.  We even had students 
come in with their own devices and try to get on that SSID, but they were never successful so we felt it safe to roll 
it out.  We’re a complete Cisco Shop, so things might be different on your end, but at one point it was hidden and we 
had the same issues trying to keep things connected to hidden SSID’s.

We won’t support anything registered on this network because it’s a BYOD network, so if you’re using it and having 
problems, we’re not going to troubleshoot it for you.

Take care
Shayne

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Ian McDonald
Sent: Wednesday, May 14, 2014 11:54 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Wireless Networks - to hide or not to hide

Hi,

We simply don't support anything that won't connect to the enterprise network (we are an enterprise, after all).

I note that there are devices in your list which will connect to an enterprise network (raspberry pi for example), and 
others that would be better suited to be on a wired connection..


Thanks

--
ian

Sent from my phone, please excuse brevity and misspelling.
________________________________
From: Wood, Anne (wood)<mailto:wood () JUNIATA EDU>
Sent: ‎14/‎05/‎2014 17:34
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Wireless Networks - to hide or not to hide
Hi,

Our Campus Technology Services group has been testing in-house solutions that use wireless devices that do not connect 
to WPA2-Enterprise networks, such as Apple-Tvs, Rokus, Raspberry Pis, Ubiquiti power/monitoring controllers, etc.  We 
initially set up a test hidden ssid using Mac address filtering to get a sense for how these devices might be connected 
to our wireless network without causing additional confusion and/or curiosity within our user community.  We are 
finding that several of these devices are not able to maintain reliable connections to a hidden ssid and I have been 
asked to unhide this network.

I am curious if others have made decisions on supporting these types of wireless devices on their networks, why those 
decisions have been made (to support or not), and any advice that may offered to help guide my decision.

Thanks so much!
Anne


Anne M. Wood
Assistant VP & CIO
Juniata College



CONFIDENTIALITY NOTICE: The materials in this electronic mail transmission (including all attachments) are private and 
confidential and are the property of the sender. The information contained in the material is privileged and is 
intended only for the use of the named addressee(s). If you are not the intended addressee, be advised that any 
unauthorized disclosure, copying, distribution or the taking of any action in reliance on the contents of this material 
is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender by replying to 
the e-mail, and then destroy it immediately. Thank you.