+ Post New Thread
Results 1 to 4 of 4
Wireless Networks Thread, Managed Wireless and BYOD in Technical; Hi, I've been asked to look into a managed wireless network complete with BYOD for staff, visitors and probably pupils. ...
  1. #1

    Join Date
    Feb 2009
    Suffolk, UK
    Thank Post
    Thanked 1 Time in 1 Post
    Rep Power

    Managed Wireless and BYOD

    Hi, I've been asked to look into a managed wireless network complete with BYOD for staff, visitors and probably pupils.

    I've been asked to sort this by the end of the week!

    We're a small school using AD running on server 2008.

    Few questions if I may which may have been covered across various other threads but I'm on a really short deadline here.
    Not that I'm expecting to get an order in by Friday.

    Ok, we're looking at Meru but Ruckus also looks good. I've not the time to trial them obviously!

    We use a proxy for connection. Currently we run a PAC file to determine if a users laptop is in or out of school - will a managed wireless system add the proxy to the device for me?
    I'm a little lost for BYOD, how are the proxy settings applied to the various bits of kit that might come in?
    Our proxy has four ports for differing filters and use at least three of them. We are a SEN school with pupils aged from 5 to 16. How do I implement the correct port in the proxy given for suitable filtering? All our filtering is through the ISP (LEA)

    If a member of staff brings in their own tablet or laptop can I give them access to their home folder and any network shares?
    Same with a pupil?

    Is there anything else we should be thinking about when setting this up?
    I've seen a lot of mention of using smoothwall with BYOD, is this a must have? Not sure we can afford that as well as the BYOD

    We currently have an old 3com setup which works but the switch does crash from time to time. Currently we've very few clients accessing it - but there's talk of more mobile devices being purchased so that number should grow.

    I've had a good quote for a Meru solution but that will pretty much max out the budget.
    Quote includes controller, APs and installation.
    Bit concerned we may purchase all this just to find there are problems and more kit / software we need to be running?

    Thanks for any advice

  2. #2
    stevenlong1985's Avatar
    Join Date
    Apr 2008
    Thank Post
    Thanked 107 Times in 72 Posts
    Rep Power
    Hey @klop
    I was in a course yesterday about this, and in a nut shell, Don't do it.
    I'm gonna rush and write this out, I'm a bit busy today, so sorry in advance for miss spelling or bad grammar.

    Its way too much work for BYOD,

    Things to think about:


    Software compatibly. you might be all running windows 7 and office 2010/13 but someone might be running windows xp and office 2003 or Apple or Android

    I don't think PAC files wont work on apple or Android
    Proxy settings don't always work with android, you can use the browser but cant use certain apps.
    you need a transparent proxy, which I'm yet to figure it out.

    2. Security
    how do you know that a laptop/ devices has the a good anti-virus, or is the laptop already infected.

    how do you insure highly confidential documents are kept on the school network and not stored on a non encrypted laptop/ device

    3. products. Some children are going to bring in a cheap device from Argos.

    4. Network. How many devices can your network handle? as a teacher could be using up to 3 devices, Phone, table and laptop.
    Your network will need be able to support a ever growing of wireless devices

    5. Work load. You are going to be configuring everyone devices!

    6. Its going massively change a lessons. its could be a good thing or a nightmare as there no "Standardization"
    the only thing to keep everything Standardization is the application or program, has to be a Web base application as nearly all devices can support it via web-browser

    Oh for your wireless I would suggest getting a quote from @Net-Ctrl for Ruckus Wireless, simply amazing pricing and top quality product.

    Cant think of anything else.

    Good luck

    Last edited by stevenlong1985; 27th February 2013 at 12:04 PM.

  3. Thanks to stevenlong1985 from:

    Net-Ctrl (28th February 2013)

  4. #3

    Join Date
    Jan 2008
    South West
    Thank Post
    Thanked 271 Times in 219 Posts
    Rep Power
    I believe the ruckus system (I dont have one) can handle loads of wireless clients and the network controller hosts the pac file and can dhcp (NAT) guest clients. The APs cost more but have a better range.

    I was thinking of creating a totally un-routed VLAN for BYOD that connected to a domestic NAT router with its own dhcp etc using a home BB solution and maybe opendns configed.

  5. #4

    Join Date
    Jul 2006
    Thank Post
    Thanked 247 Times in 197 Posts
    Blog Entries
    Rep Power
    The technical challenges are not insumountable. You probably ought to substantially rebuild your network and your operations (T+L as well as technical) for the new BYOD world if your leadership team are serious.

    Do the SLT understand that which can be done on a managed devices is not necessarily possible on a BYOD device? The point of BYOD is that your employees/students pay for the software and hardware that they use. If you want to insist on a particular package being used, it has to be delivered over HTTP. Depending on how much time/money they want to throw at the problem the previous statement becomes less true by degrees.

    BYOD done properly is MUCH LESS work on a day to day basis than supporting a fraction of the number of managed devices. How much tech support does joe public need to get onto the wifi in starbucks, or on the tube? NONE.

    That said, as a school you will need to address the safeguarding issues. It may be that your current firewall arangement is not suitable for a BYOD arrangement. You need an AD linked captive portal which logs who what and when a client attaches to your network and segregates traffic with a VLAN design/Firewall arrangement that filters by subnet (different classes of users go into different subnets). Reporting on a per user basis becomes a little more involved as you have to look up their IP at the time (should be recorded in NPS logs) and then cross reference with the firewall logs. You do loose simple per user/group filtering... however nothing to stop you still having an authenticating proxy server available for people who choose to opt into finer grained control.

    What would be nice is a solution where the firewall can find out who the user is from the NPS/RADIUS server. <-Does this exist? Smoothwall implied that they can do this with Meru and Identity Manager, but I didn't have time to follow this up at BETT.

+ Post New Thread

Similar Threads

  1. Campus Managed Wireless Service & BYOD Setups
    By jimmckenna in forum How do you do....it?
    Replies: 2
    Last Post: 23rd March 2012, 03:36 PM
  2. Managed Wireless System Advice and Support
    By stevo1565 in forum Hardware
    Replies: 4
    Last Post: 2nd February 2010, 09:29 PM
  3. Managed Wireless , NETBOOKS and RM MATHS ISSUES
    By stevo1565 in forum Wireless Networks
    Replies: 0
    Last Post: 16th October 2009, 08:37 PM
  4. managed Wireless and raduis
    By mtdmitchell in forum Network and Classroom Management
    Replies: 2
    Last Post: 7th May 2009, 08:21 PM
  5. Replies: 13
    Last Post: 3rd July 2008, 11:04 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts