Educause Security Discussion mailing list archives
Re: Personal printer WIFI connectivity policy in dorm rooms
From: "Mccormick, Kevin" <ke-mccormick () WIU EDU>
Date: Wed, 11 Jul 2018 13:06:24 -0500
With the density of students in residence halls, wireless printers that broadcast their own network is an issue. Also something we do not like to see in staff offices either, but easier to deal with staff and turn off WiFi. Students and staff don't understand the technology just connect the printer with USB and don't know to turn off the WiFi. With some printers this may not be an easy or intuitive task. Like many laptops, an WiFi On/Off switch would be an excellent feature with the default state of Off. We do allow students to connect printers to the WiFi with PSK and MAC address filtering. They have to register the printers MAC address and configure the WiFi just like their other non 802.1x devices. We don't recommend them to do this if there is no way to secure printer from others printing and IP addresses are dynamic and may change. We also tell the students they should using wired connections for devices that are not mobile, and only use WiFI for phones, tablets, latops, etc... Kevin McCormick <https://www.youracclaim.com/user/kevin-mccormick> Network Administrator University Technology - Western Illinois University KE-McCormick () wiu edu | (309) 298-1335 <3092981335> | Morgan Hall 106b Connect with uTech: Website <http://www.wiu.edu/utech> | Facebook <https://www.facebook.com/uTechWIU> | Twitter <https://twitter.com/WIU_uTech> On Tue, Jul 10, 2018 at 8:17 PM, Wong, Wilson (HPS Global R&D) < wilson.wong () hp com> wrote:
Hello Frank, Curt, Rand and Andrew, This gives me the boundary condition to define the solution space. Thank you very much for sharing the insights and the implications of how solution must pivot to. Wilson Wong Master Program Manager HP Inc. *From:* The EDUCAUSE Security Constituent Group Listserv < SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Andrew Chiarello *Sent:* Tuesday, July 10, 2018 10:10 PM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* Re: [SECURITY] Personal printer WIFI connectivity policy in dorm rooms I'd like to second making WiFi Direct off by default. Every semester, we go around teaching people how to turn it off, so that it stops broadcasting interfering networks. In general, the support burden of getting printers working on the wireless network is higher than we can sustain, so we tell our students to use USB exclusively. While a few students manage to get their printers connected correctly, the vast majority of them just create problems. Andrew J. Chiarello Senior Network Engineer Bryn Mawr College achiarello () brynmawr edu (610) 526-7966 ------------------------------ *From:* The EDUCAUSE Security Constituent Group Listserv < SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Rand Hall < hallr () MERRIMACK EDU> *Sent:* Tuesday, July 10, 2018 9:55:43 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* Re: [SECURITY] Personal printer WIFI connectivity policy in dorm rooms Most educational networks won't be much different from most corporate networks. If you want to do higher-ed a solid, ship your devices to only use standard channels and have WiFi Direct disabled by default. Bonus points for making the WiFi On/Off button turn off WiFi Direct as well. Rand Rand P. Hall Director, Network Services askIT! Merrimack College 978-837-3532 rand.hall () merrimack edu If I had an hour to save the world, I would spend 55 minutes defining the problem and five minutes finding solutions. – Einstein On Tue, Jul 10, 2018 at 2:44 AM Wong, Wilson (HPS Global R&D) <wilson.wong () hp com> wrote:Hello everyone, I am a program manager for personal printers. I wish to understand theWIFI environment/policies in dorm rooms for personal printers so we can design a solution that works well in these environment.I have the following list of questions. Appreciate insights. Is a Captive Portal used to access the Wi-Fi network? Is 802.1x used for secure access to the Wi-Fi network? Is “client isolation” enabled on your Wi-Fi network, so that one clienton the network can’t access other clients directly?Do you have a policy against connecting personal printers to your Wi-Finetwork?If 802.1x is used, what type of 802.1x authentication is used. We mayneed to think about the specific question a bit more but I am thinking we could ask them two questions:Does your 802.1x authentication involve a password, a token (e.g. , USBkey), or a certificate (multiple selections allowed)Please provide the instructions you provide to students on how toconfigure access to your Wi-Fi network (e.g., a web link)Wilson Wong Master Program Manager HP Inc.
Current thread:
- Personal printer WIFI connectivity policy in dorm rooms Wong, Wilson (HPS Global R&D) (Jul 09)
- Re: Personal printer WIFI connectivity policy in dorm rooms Frank Barton (Jul 10)
- Re: Personal printer WIFI connectivity policy in dorm rooms Curt Kappenman (Jul 10)
- Re: Personal printer WIFI connectivity policy in dorm rooms Rand Hall (Jul 10)
- Re: Personal printer WIFI connectivity policy in dorm rooms Andrew Chiarello (Jul 10)
- Re: Personal printer WIFI connectivity policy in dorm rooms Wong, Wilson (HPS Global R&D) (Jul 10)
- Re: Personal printer WIFI connectivity policy in dorm rooms Frank Barton (Jul 11)
- Re: Personal printer WIFI connectivity policy in dorm rooms Curt Kappenman (Jul 11)
- Re: Personal printer WIFI connectivity policy in dorm rooms Mccormick, Kevin (Jul 11)
- Re: Personal printer WIFI connectivity policy in dorm rooms Andrew Chiarello (Jul 10)
- Re: Personal printer WIFI connectivity policy in dorm rooms Frank Barton (Jul 10)