Main Nav

Those of you that host conferences, how do you handle guest WLAN access for the conference attendees and presenters? I've checked the guest access pages from several edu's but they only mention sponsored guest access and really don't address a conference. We are in the process of separating our medical schools from our hospital. They have had their own methods of supplying guest access which in my view is not very secure nor does it make anyone accountable for usage. We struggle with having a set of conference IDs that we recycle and change the passwords on after every conference. We were thinking that since we have to address this at our med schools, we may want to look at our conference guest access for the whole university.
 
Sorry about the cross posting
 
Thanks,
 
Jim
 
 
James Pardonek, CISSP, CEH
Information Security Officer
Loyola University Chicago 
1032 W. Sheridan Road | Chicago, IL  60660

(
: (773) 508-6086
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

We do the what appears to be done at any conference we would attend, we assign a temporary conference login and password. It has never caused a security problem. You can limit the access to your local network if you are concerned about that. We’ve considered doing more but realized that it adds a burden to ourselves,  to those running the conference, as well as the attendees that isn’t justified by the potential benefits.

Pete Morrissey

 

Message from dannyeaton@rice.edu

When wireless was installed across the campus 7 or so years ago, our direction was to make guest wireless easy to understand, use, and ubiquitous.  So, we have a guest SSID that is similar to what you’d see at a hotel – open your laptop, connect to the “Visitor” network, then open your web browser, agree to the Acceptable Use Policy (no SPAM, no file sharing, etc), and you’re on.  We obviously can track MAC addresses, and for any DMCA violation letter we get that tracks back to a visitor MAC, we essentially block them from any wireless network, until they contact IT for remediation. 

 

We create guest accounts on request from a sponsor.  Each guest account is limited to a specific number of registrations, anywhere between 1 and 1000.  Every account gets an expiration date, generally they last 2 weeks or less.

Clients who use the guest account are required to enter their name, phone number, and email address.  Sometimes we get the Easter Bunny signing up but typically folks enter reasonable values.

I've been contemplating an approach like yours but I'm concerned it won't meet the requirements for CALEA exemption. 

-- Matt Richard '08 Access and Security Coordinator Information Technology Services Franklin & Marshall College matt.richard@fandm.edu
On 6/13/12 8:27 AM, Danny Eaton wrote:

When wireless was installed across the campus 7 or so years ago, our direction was to make guest wireless easy to understand, use, and ubiquitous.  So, we have a guest SSID that is similar to what you’d see at a hotel – open your laptop, connect to the “Visitor” network, then open your web browser, agree to the Acceptable Use Policy (no SPAM, no file sharing, etc), and you’re on.  We obviously can track MAC addresses, and for any DMCA violation letter we get that tracks back to a visitor MAC, we essentially block them from any wireless network, until they contact IT for remediation. 

 

Message from peter.charbonneau@williams.edu

We have a special VLAN attached to our Guest SSID that has a number of constraints in place ...

1.  Using our bandwidth shaper, we drop all P2P traffic for this VLAN
2.  Using our firewall capabilities, we limit TCP, UDP and Embryonic connections
3,  That VLAN is not allowed to make DNS connection queries outside of our network space except to Google's DNS or to OpenDNS
4.  We use CUPS and PaperCut, if if people want to print, then they need to purchase a print card from the Library staff who have them available
5.  We have L2 ACL entries that keep machines in that VLAN from talking to other VLANs

In the future, we will be using PacketFence's capabilities to create wireless access tokens that will be good for 24/48/?? hour access.  Currently, the U/P for summer conference wireless access is provided by the conference office for the attendees.

With respect to the presenters, we assign them a Guest username and password that exists in LDAP.  Printing restrictions sort of apply, but they have slightly more privs than the attendees.

P


Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.