Educause Security Discussion mailing list archives

Re: Eduroam and Student Usage

From: Dexter Caldwell <dexter.caldwell () FURMAN EDU>
Date: Wed, 27 Aug 2014 12:50:32 +0000

We do not yet have this issue, though we’ve anticipated a similar issue with a change in how we plan to implement guest 
wireless.  There are a few ways to options for managing this- enforce NAC on eduroam SSIDs (recommended), limit 
bandwidth usage on eduroam ssid’s, allow access only non-employee and non-student accounts access to it, limit 
hours/lifetime of account access or provide other incentives to be on the internal network (noticeabily more bandwidth, 
less NAC requirements, access to internal resources that roamers cannot get, printing, data resources, etc).  Rememeber 
if you’re using a lot of cloud services, then the number of things they actually need to come into your network for may 
be dimished thereby reducing the value of limiting access to internal resources.  Much of this assumes that your 
eduroam users can safely be treated as regular guests which may or may not be the case in some scenarios if it wasn’t 
designed and advertised that way from the start.


Dexter Caldwell
Dir. Systems & Networks
Information Technology Services
Furman University
3300 Poinsett Hwy
Greenville, SC 29613
email: dexter.caldwell () furman edu<mailto:dexter.caldwell () furman edu>
office: 864-294-3566
facsimile: 864-294.3001

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roger A 
Safian
Sent: Tuesday, August 26, 2014 12:05 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Eduroam and Student Usage

We don’t treat Eduroam any differently than other SSID’s.  We have the ability to quarantine on any of them.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Pardonek, Jim
Sent: Tuesday, August 26, 2014 10:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Eduroam and Student Usage

I am sorry if this has been discussed before, but we have recently turned up and eduroam ssid on campus and have 
noticed a mass exodus from our secured (with NAC) ssid over to eduroam where we are not posturing computers.  We have 
our normal concerns such as being able to quarantine a DMCA offender or a computer with malware until we can find it 
and get it cleaned, etc.

If you are an eduroam school I would be interested in what you are doing do discourage or prevent students or even 
faculty/staff from using it in lieu of the secured ssid.

I apologize for bothering the non-eduroam schools. 

Jim

James Pardonek, MS, CISSP, CEH
Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

•: (773) 508-6086

Current thread:

Eduroam and Student Usage Pardonek, Jim (Aug 26)
- Re: Eduroam and Student Usage Roger A Safian (Aug 26)
  - Re: Eduroam and Student Usage Eme Ejike (Aug 26)
  - Re: Eduroam and Student Usage Dexter Caldwell (Aug 27)
- Re: Eduroam and Student Usage Robert Winding (Aug 26)
- Re: Eduroam and Student Usage Julian Y Koh (Aug 27)
- Re: Eduroam and Student Usage Mark Borrie (Aug 27)
  - Re: Eduroam and Student Usage Michael Hodges (Aug 27)
- Re: Eduroam and Student Usage David LaPorte (Aug 28)
- Re: Eduroam and Student Usage Bill Kyle (Aug 28)