+ Post New Thread
Page 1 of 6 12345 ... LastLast
Results 1 to 15 of 85
How do you do....it? Thread, Bring your own device the future? in Technical; Simple question really, we have setup all our systems ready for BYOD "bring your own device". - Guest wireless network ...
  1. #1
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,762
    Thank Post
    897
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    86

    Bring your own device the future?

    Simple question really, we have setup all our systems ready for BYOD "bring your own device".

    - Guest wireless network
    - 100mbit Internet line
    - Transparent Proxy filtering (coming soon)
    - VLAN

    I'm happy enough with the technical side of things now.

    But how do schools do it in real life? Does anyone actually allow this in school?

    How do you manage and monitor it?

    Its such a huge change I'm struggling to get my head around the implications.

  2. #2
    Jamo's Avatar
    Join Date
    Jan 2009
    Posts
    1,349
    Thank Post
    66
    Thanked 175 Times in 147 Posts
    Rep Power
    60
    We had a look at virtual desktop for this as it would be perfect, own device, but managed system. But unfortunately the licencing is a nightmare, requiring each device, which isn't yours, to have a VDA licence purchased for it even if you have EES or equivalent. Has been parked for now!

  3. #3
    kernewek-sam's Avatar
    Join Date
    Sep 2010
    Location
    UK
    Posts
    264
    Thank Post
    66
    Thanked 50 Times in 46 Posts
    Rep Power
    67
    Quote Originally Posted by zag View Post
    But how do schools do it in real life? Does anyone actually allow this in school?

    How do you manage and monitor it?
    We do this, though we run a netbook scheme which they can be purchased though the school. Access to their user area, VLE is done through the school website. To monitor this when they open IE etc they have to sign in to the proxy using their AD creds, this means that what they can browse is filtered as would be on any PC in the school.

  4. #4

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,328
    Thank Post
    622
    Thanked 1,578 Times in 1,415 Posts
    Rep Power
    413
    I'm still trying to get my head around this at the moment.

    Do I run 3 wireless SSID's

    Main School Wireless - School owned and controlled devices only, full access to domain etc....
    BYOD - Staff/Student owned devices, Smoothwall SSL login page to get customised filtering level, possible access to school resources file servers etc...
    Guest - Unknown "dirty" guest devices, Internet access only, draconian web filtering

    Or do I run the school one and the guest one to make it simpler?

    To support the guest wireless on the current infrastructure but seperate it using vlans is this what I need to do:

    Core switch HP 4108GL - At the moment the test WAP plugs into this but to support the guest wireless around the site all the switches would need to be setup to support the guest vlan.

    Wireless Access Point - Main wireless SSID for school devices, Guest SSID, vlan set to 3 (guest), switch port that WAP is connected to tagged with vlan 3

    DHCP Server for guest devices - Virtual machine running a dhcp server to give ip addresses etc... to guest devices, virtual nic tagged with vlan 3, switch port that virtual host connects to tagged with vlan 3.

    Smoothwall SWG-1200 - different nic port from main school network configured with vlan 3, switch port tagged with vlan 3, transparent proxy running.

    Ben

  5. #5
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,762
    Thank Post
    897
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    86
    Quote Originally Posted by plexer View Post
    I
    BYOD - Staff/Student owned devices, Smoothwall SSL login page to get customised filtering level, possible access to school resources file servers etc...
    Guest - Unknown "dirty" guest devices, Internet access only, draconian web filtering

    Or do I run the school one and the guest one to make it simpler?
    Yep we've gone down the route of only offering 1 guest network that anyone can access. My problem is how do I manage it?

    As soon as I give out the user and password for the web guest page, it will spread like wildfire around the school.

  6. #6
    maark's Avatar
    Join Date
    Feb 2006
    Location
    leicester
    Posts
    470
    Thank Post
    90
    Thanked 73 Times in 65 Posts
    Rep Power
    38
    As plexer says best way is probably something like Smoothwall SWG-1200 with transparent proxy for the guest Vlan - you can have open access but force them to login with active directory username and password via smoothwall settings.
    Will be setting it up here soon.

  7. #7
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,762
    Thank Post
    897
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    86
    Am I to take it from the responses that no one here is doing BYOD in their school yet?

    I've noticed in Australia and New Zealand this is quite common, any ideas what it hasn't become popular over here?

  8. #8
    36Degrees's Avatar
    Join Date
    Jan 2010
    Location
    Nottingham
    Posts
    1,055
    Thank Post
    165
    Thanked 151 Times in 122 Posts
    Rep Power
    52
    We're kinda sorta looking at it, but only in the context of allowing 6th Form students to use their laptops in the Common Room.

  9. #9
    Jamo's Avatar
    Join Date
    Jan 2009
    Posts
    1,349
    Thank Post
    66
    Thanked 175 Times in 147 Posts
    Rep Power
    60
    Yeah we wanted to do the same, we don't have any access for students to their files on the network at the moment, virtual desktop was our stab at it but MS and their licencing soon stopped that one!!

  10. #10
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,762
    Thank Post
    897
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    86
    Quote Originally Posted by 36Degrees View Post
    We're kinda sorta looking at it, but only in the context of allowing 6th Form students to use their laptops in the Common Room.
    This is exactly our plan as well.

    Problem is stopping all the other students connecting their mobile devices!!

  11. #11
    Jamo's Avatar
    Join Date
    Jan 2009
    Posts
    1,349
    Thank Post
    66
    Thanked 175 Times in 147 Posts
    Rep Power
    60
    Quote Originally Posted by zag View Post
    This is exactly our plan as well.

    Problem is stopping all the other students connecting their mobile devices!!
    Yeah our IAS server was getting loads of weird requests from peoples mobile phones! We stopped using PEAP-MS-Chap a while back as we moved to certificate auth. Since then we now get loads of denied access requests which made me think that some policies had failed somewhere along the line! Turns out some crafty students had worked out you could connect with their username and passwords

  12. #12

    Join Date
    Jan 2012
    Posts
    28
    Thank Post
    1
    Thanked 5 Times in 5 Posts
    Rep Power
    6
    We are also in the first steps of looking at this but are wondering were schools will stand with regards to PAT Testing.
    Last edited by Kenny_G; 10th October 2012 at 10:11 AM.

  13. #13


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by zag View Post
    Am I to take it from the responses that no one here is doing BYOD in their school yet?
    We have a BYOD program. 500+ user owned devices. It is mandatory for 6th formers to bring in their own device.

  14. #14
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,762
    Thank Post
    897
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    86
    Quote Originally Posted by CyberNerd View Post
    We have a BYOD program. 500+ user owned devices. It is mandatory for 6th formers to bring in their own device.
    Fantastic, finally found someone whos done it Tell me more please:

    How well does it work?
    How do you monitor the devices?
    Does it cause any strain on your normal network
    What do you do about legal requests, file sharing ect
    How does the filter work?

  15. #15

    Join Date
    Nov 2009
    Location
    Manchester
    Posts
    1,049
    Thank Post
    6
    Thanked 199 Times in 179 Posts
    Rep Power
    52
    Surely the licensing issue would depend entirely on how the user is connecting? If I were going to offer BYOD i think i would be tempted to actually really offer RDS Session based, which would make the licensing less complicated.

    If the BYOD are connecting fully, they the CALs are different again. If the BYOD are using VDI pools then you need different licensing again, but this is a strangely grey area again and you will probably get different answers from different specialists.

SHARE:
+ Post New Thread
Page 1 of 6 12345 ... LastLast

Similar Threads

  1. Bring Your Own Device - Accessing Documents
    By MyBrainHurts in forum Wired Networks
    Replies: 7
    Last Post: 30th May 2012, 02:02 PM
  2. Bit of help with setting up Bring Your own devices
    By alfatec in forum Internet Related/Filtering/Firewall
    Replies: 5
    Last Post: 1st February 2012, 12:03 PM
  3. Bring your own device? Do you log which sites are visited?
    By kennysarmy in forum Internet Related/Filtering/Firewall
    Replies: 12
    Last Post: 24th January 2012, 08:05 PM
  4. Students bringing their own devices in
    By stevenr in forum How do you do....it?
    Replies: 3
    Last Post: 23rd August 2010, 09:12 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •