Educause Security Discussion mailing list archives
Re: Eduroam and Student Usage
From: Dexter Caldwell <dexter.caldwell () FURMAN EDU>
Date: Wed, 27 Aug 2014 12:50:32 +0000
We do not yet have this issue, though we’ve anticipated a similar issue with a change in how we plan to implement guest wireless. There are a few ways to options for managing this- enforce NAC on eduroam SSIDs (recommended), limit bandwidth usage on eduroam ssid’s, allow access only non-employee and non-student accounts access to it, limit hours/lifetime of account access or provide other incentives to be on the internal network (noticeabily more bandwidth, less NAC requirements, access to internal resources that roamers cannot get, printing, data resources, etc). Rememeber if you’re using a lot of cloud services, then the number of things they actually need to come into your network for may be dimished thereby reducing the value of limiting access to internal resources. Much of this assumes that your eduroam users can safely be treated as regular guests which may or may not be the case in some scenarios if it wasn’t designed and advertised that way from the start. Dexter Caldwell Dir. Systems & Networks Information Technology Services Furman University 3300 Poinsett Hwy Greenville, SC 29613 email: dexter.caldwell () furman edu<mailto:dexter.caldwell () furman edu> office: 864-294-3566 facsimile: 864-294.3001 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roger A Safian Sent: Tuesday, August 26, 2014 12:05 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Eduroam and Student Usage We don’t treat Eduroam any differently than other SSID’s. We have the ability to quarantine on any of them. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Pardonek, Jim Sent: Tuesday, August 26, 2014 10:48 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Eduroam and Student Usage I am sorry if this has been discussed before, but we have recently turned up and eduroam ssid on campus and have noticed a mass exodus from our secured (with NAC) ssid over to eduroam where we are not posturing computers. We have our normal concerns such as being able to quarantine a DMCA offender or a computer with malware until we can find it and get it cleaned, etc. If you are an eduroam school I would be interested in what you are doing do discourage or prevent students or even faculty/staff from using it in lieu of the secured ssid. I apologize for bothering the non-eduroam schools. Jim James Pardonek, MS, CISSP, CEH Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 •: (773) 508-6086
Current thread:
- Eduroam and Student Usage Pardonek, Jim (Aug 26)
- Re: Eduroam and Student Usage Roger A Safian (Aug 26)
- Re: Eduroam and Student Usage Eme Ejike (Aug 26)
- Re: Eduroam and Student Usage Dexter Caldwell (Aug 27)
- Re: Eduroam and Student Usage Robert Winding (Aug 26)
- Re: Eduroam and Student Usage Julian Y Koh (Aug 27)
- Re: Eduroam and Student Usage Mark Borrie (Aug 27)
- Re: Eduroam and Student Usage Michael Hodges (Aug 27)
- Re: Eduroam and Student Usage David LaPorte (Aug 28)
- Re: Eduroam and Student Usage Bill Kyle (Aug 28)
- Re: Eduroam and Student Usage Roger A Safian (Aug 26)