+ Post New Thread
Results 1 to 11 of 11
Wireless Networks Thread, Who has a BYOD Solution in Technical; Hi Folks This post is aimed at all the schools that have successfully installed and are managing a BYOD solution ...
  1. #1
    ceebster's Avatar
    Join Date
    May 2009
    Location
    The World
    Posts
    104
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Who has a BYOD Solution

    Hi Folks
    This post is aimed at all the schools that have successfully installed and are managing a BYOD solution within their school.

    We are in the process of configuring hours, but just curious of the thought of others.

    Did anyone install a full NAP solution including having the client devices check for up to date AV / updates etc
    Do you have a transparent proxy in your solution?
    Do you allow your guests / to print
    Do you allow your guests / students to plug their laptops into the school power to charge their laptops up?
    Do you track what the students are browsing?
    How have you authenticated them onto the wireless?
    How have you protected your wired network?
    Do you have an AUP that all your users have to accept before they come on line.

    Sorry for many questions but we just getting our head round it and its not as simple as just deploying the network.

    Many Thanks

    Chris

  2. #2


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Did anyone install a full NAP solution including having the client devices check for up to date AV / updates etc

    No

    Do you have a transparent proxy in your solution?

    Yes, but only for certain devices (different SSID) everything else is a logged in connection to smoothwall.

    Do you allow your guests / to print

    Yes via Papercut web print

    Do you allow your guests / students to plug their laptops into the school power to charge their laptops up?

    Yes, 6th form have some 'charging lockers'

    Do you track what the students are browsing?

    Only if they are not using transparent!

    How have you authenticated them onto the wireless?

    Give them all the password.

    How have you protected your wired network?

    The wireless student network is completely firewalled from the internal network, they can only access our proxy, web and Citrix servers.

    Do you have an AUP that all your users have to accept before they come on line.

    Yes.


    We currently have about 500 machines connecting in and usually just under 400 at any one time.
    I had quick count up today by mac address identification and found that 247/377 (65%) were apple devices!

  3. #3
    ceebster's Avatar
    Join Date
    May 2009
    Location
    The World
    Posts
    104
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Hi There Thanks for that

    Couple of questions from our reply. Charging Lockers - where did you get these from?

    The wired network - what stops a student taking a network cable out of a PC, plugging it into their Laptop and connecting to your main desktop network?

    Thanks

    Chris

  4. #4
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,648
    Thank Post
    164
    Thanked 217 Times in 200 Posts
    Rep Power
    66
    • Did anyone install a full NAP solution including having the client devices check for up to date AV / updates etc

    We did but it's a menace and causes more problems than it solves, especially on iOS and Android devices (doesn't seem to have a clue what to do with them) Being replaced by a simpler LDAP authentication \ guest isolation model on a separate VLAN and Internet connection

    • Do you have a transparent proxy in your solution?

    Effectively yes (goes through our Palo Alto where all traffic is inspected seamlessly on its way through for URLs, application signatures and so on)

    • Do you allow your guests / to print

    Will do via Papercut once we get that configured

    • Do you allow your guests / students to plug their laptops into the school power to charge their laptops up?

    Not sure on this one, good point and worth further investigation

    • Do you track what the students are browsing?

    Yes via the filtering etc

    • How have you authenticated them onto the wireless?

    LDAP lookup for valid staff \ student account

    • How have you protected your wired network?

    Policies on switches

    • Do you have an AUP that all your users have to accept before they come on line.

    Yes, the usual "by connecting to the network you accept the terms of the AUP" kind of line, along with a link to it on the Aruba portal
    Last edited by gshaw; 9th September 2013 at 04:28 PM.

  5. #5
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,738
    Thank Post
    894
    Thanked 414 Times in 348 Posts
    Blog Entries
    12
    Rep Power
    85
    Did anyone install a full NAP solution including having the client devices check for up to date AV / updates etc
    No, thats far too complicated for what we wanted

    Do you have a transparent proxy in your solution?
    Yes

    Do you allow your guests / to print
    No but would be easy enough to impliment web print via papercut I would have thought

    Do you allow your guests / students to plug their laptops into the school power to charge their laptops up?
    yes

    Do you track what the students are browsing?
    yes

    How have you authenticated them onto the wireless?
    SSID password and aruba captive portal

    How have you protected your wired network?
    Never needed to really but the proxy wont work unless they configure it to the correct port

    Do you have an AUP that all your users have to accept before they come on line.
    No but we did update our ICT policies
    Last edited by zag; 9th September 2013 at 04:29 PM.

  6. #6


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by ceebster View Post
    Hi There Thanks for that

    Couple of questions from our reply. Charging Lockers - where did you get these from?

    The wired network - what stops a student taking a network cable out of a PC, plugging it into their Laptop and connecting to your main desktop network?

    Thanks

    Chris
    Bretford SafeCharge 10 Blue (Coin) (BSL-10-C-BLU) - www.misco.co.uk

    In theory nothing prevents the kids plugging directly into the school network. I've not put in any NAC (I did look quite seriously at packetfence though).
    It's not been much of an issue because there aren't very many places where they can connect other than in ICT suites.
    There are a few places such as in the library where I've put all of the network connections into the same VLAN as the firewalled wireless.
    Other than that I've not been too worried. I guess there is a thoretical risk and maybe I'll tackle it with packetfence in the future.

  7. #7
    ceebster's Avatar
    Join Date
    May 2009
    Location
    The World
    Posts
    104
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Hi Zag

    What Transparent proxy do you use?

    Can your student use any plug to charge their device - how do you get around Pat testing?

    THanks

    Chris

  8. #8
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,738
    Thank Post
    894
    Thanked 414 Times in 348 Posts
    Blog Entries
    12
    Rep Power
    85
    We use smoothwall for the transparent proxy.

    Yes they can plugin in most shared areas such as the LRC, or restaurant hall.

    PAT testing no idea! They are not school owned devices so I guess its the owners responsibility. I can't see how we could ever enforce PAT testing. Saying that we do PAT test our boarders stuff.

  9. #9

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    14
    Quote Originally Posted by ceebster View Post
    Hi Zag

    What Transparent proxy do you use?

    Can your student use any plug to charge their device - how do you get around Pat testing?

    THanks

    Chris
    theres no legal requirement to pat test your own stuff, you don't have to pat test theirs.

    it does however have to be in good condition thats but it doesn't specifically have to be pat tested.

  10. #10
    ceebster's Avatar
    Join Date
    May 2009
    Location
    The World
    Posts
    104
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by ConradJones View Post
    theres no legal requirement to pat test your own stuff, you don't have to pat test theirs.

    it does however have to be in good condition thats but it doesn't specifically have to be pat tested.
    So if a student comes in with their laptop and starts tripping the power - don't you have to ensure what's connecting the your electricity is safe?

    Just curious.

    Thanks

    Chris

  11. #11

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    14
    i didn't say that, i said specifically pat tested.

SHARE:
+ Post New Thread

Similar Threads

  1. Who has Ruckus ??
    By jamin100 in forum Wireless Networks
    Replies: 35
    Last Post: 20th October 2010, 04:07 PM
  2. SAN's - Who Has Them
    By barryfl in forum Hardware
    Replies: 67
    Last Post: 26th November 2009, 09:30 AM
  3. Who has a laptop trolley?
    By button_ripple in forum Hardware
    Replies: 24
    Last Post: 11th June 2008, 03:49 PM
  4. Alright, who has nicked the Herts learning grid?
    By theriver in forum General Chat
    Replies: 5
    Last Post: 9th May 2008, 01:19 PM
  5. finding out who has logged into a PC in AD
    By Oops_my_bad in forum Windows
    Replies: 6
    Last Post: 22nd November 2007, 03:51 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •