Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Guest wireless access at University Conference Centers
From: Brenda B Gombosky <brenda.gombosky () LOUISVILLE EDU>
Date: Wed, 19 Sep 2007 09:46:26 -0400

We do much the same thing - we have a web app  that Faculty or Staff (no students) can request a sponsored Wireless 
account for up to 7 days for an individual.  However, this is not secured, we set it up via the guests MAC address.  
Cal, is your guest access secure. 
Brenda B. Gombosky, CISSP, CISM, CHSP
Director, Information Technology
University of Louisville
Miller IT Center, Room 109
Louisville, KY 40292

Cal Frye <cjf () CALFRYE COM> 9/18/2007 4:26 PM >>>
Brinkman, Kathleen B. Ms. wrote:
Tagging onto this thread (I checked the archives and see 12/2006
threads on "open access to student labs" and "public access library
ports", but don't see other threads on specific vendor solutions in
support of guest access in a 'private network' sense).

Does anyone have information on a vendor-provided solution to manage
guest accounts?  We plan to implement across campus, as Virginia Tech
seems to have done.  I like the VA Tech system's ability for a guest
to create their own account and request departmental approval ---
that off-loads some of the setup to the person requesting access.

We use Cisco Clean Access and can feed the accounts to CCA, once
created.  I had planned to manage them elsewhere, in a system
designed for that.

Kathie Brinkman Director, Support Services IT Services Miami
University Oxford, Ohio

Hi, neighbor!
We wrote a little web utility that someone with OC credentials (student,
staff, faculty) can use to create a "sponsored account" for a guest,
with limited lifetime. Those accounts have a flag attribute set in our
SunOne LDAP directory indicating their status, expiration, and person
responsible for creation. We use Clean Access to authenticate against
LDAP, and if the sponsored attribute is set, the user is sent into our
sponsored role, which times out in 24 hours, has only limited access to
on-campus resources, etc. etc.

Ping me offline if you want to talk to the development team about this.

-- Cal Frye, Network Administrator, Oberlin College

   www.calfrye.com,  www.pitalabs.com 

"When one party is shameless, the other can't afford to be spineless."
-- Julian Bond.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]