Re: Personal printer WIFI connectivity policy in dorm rooms

["Wong, Wilson (HPS Global R&D)" <wilson.wong () HP COM>]

Hello Frank, Curt, Rand and Andrew,

This gives me the boundary condition to define the solution space.

Thank you very much for sharing the insights and the implications of how solution must pivot to.

Wilson Wong
Master Program Manager
HP Inc.

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Andrew Chiarello
Sent: Tuesday, July 10, 2018 10:10 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Personal printer WIFI connectivity policy in dorm rooms


I'd like to second making WiFi Direct off by default. Every semester, we go around teaching people how to turn it off, 
so that it stops broadcasting interfering networks.



In general, the support burden of getting printers working on the wireless network is higher than we can sustain, so we 
tell our students to use USB exclusively. While a few students manage to get their printers connected correctly, the 
vast majority of them just create problems.



Andrew J. Chiarello

Senior Network Engineer

Bryn Mawr College

achiarello () brynmawr edu<mailto:achiarello () brynmawr edu>

(610) 526-7966

________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> on behalf of Rand Hall <hallr () MERRIMACK EDU<mailto:hallr () MERRIMACK EDU>>
Sent: Tuesday, July 10, 2018 9:55:43 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Personal printer WIFI connectivity policy in dorm rooms

Most educational networks won't be much different from most corporate networks.

If you want to do higher-ed a solid, ship your devices to only use
standard channels and have WiFi Direct disabled by default. Bonus
points for making the WiFi On/Off button turn off WiFi Direct as well.

Rand

Rand P. Hall
Director, Network Services                 askIT!
Merrimack College
978-837-3532
rand.hall () merrimack edu<mailto:rand.hall () merrimack edu>

If I had an hour to save the world, I would spend 55 minutes defining
the problem and five minutes finding solutions. - Einstein

On Tue, Jul 10, 2018 at 2:44 AM Wong, Wilson (HPS Global R&D)
<wilson.wong () hp com<mailto:wilson.wong () hp com>> wrote:
> Hello everyone,
>
>
>
> I am a program manager for personal printers. I wish to understand the WIFI environment/policies in dorm rooms for 
> personal printers so we can design a solution that works well in these environment.
>
>
>
> I have the following list of questions. Appreciate insights.
>
>
>
> Is a Captive Portal used to access the Wi-Fi network?
>
> Is 802.1x used for secure access to the Wi-Fi network?
>
> Is "client isolation" enabled on your Wi-Fi network, so that one client on the network can't access other clients 
> directly?
>
> Do you have a policy against connecting personal printers to your Wi-Fi network?
>
> If 802.1x is used, what type of 802.1x authentication is used. We may need to think about the specific question a bit 
> more but I am thinking we could ask them two questions:
>
> Does your 802.1x authentication involve a password, a token (e.g. , USB key), or a certificate (multiple selections 
> allowed)
>
> Please provide the instructions you provide to students on how to configure access to your Wi-Fi network (e.g., a web 
> link)
>
>
>
>
>
> Wilson Wong
>
> Master Program Manager
>
> HP Inc.