Subject: | |
From: | |
Reply To: | |
Date: | Fri, 10 Mar 2006 11:22:19 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Danielle,
I tend to agree. You are wresting with a policy issue not a technology
issue. At the very least, guest access should be limited to a connectivity
level that cannot harm your campus infrastructure.
--
Ryan Dorman, CCNP
Network Engineering Specialist
Millersville University
717.871.5883
On 3/10/06 11:16 AM, "LDGarner" <[log in to unmask]> wrote:
> Danielle,
>
> It depends on what your goal is. If your goal is to protect the campus,
> then you set the system up for port 80 and 443 (http and https traffic)
> and let them use it if they want. I've been assured that will keep any
> problems from hitting us. After all, you do not know how 'clean' the
> guest machine is going to be.
>
> If your goal is student's computers are infection free, then I don't
> think there is any way it would work. We have students using Windows XP
> using the role we setup for Windows 98 and ME -- they don't want to deal
> with our rules. As long as they don't want instant messaging, email
> clients other than web based, etc., we don't try to stop them.
>
> Libby Garner
> Kenyon College
>
>
> Danielle Morse wrote:
>> Aaron,
>>
>> How do you prevent your students from logging in as guest? I know it
>> won't be attractive to them since it's limited but students we kick off
>> for violations might start using this to get around fixing their
>> computers for us to give them access again.
>>
>> Thanks,
>> Dnaielle
>>
>> Aaron Havens wrote:
>>
>>> We use the guest access provided by the Clean Access login page. Users
>>> logging in with the Guest Access button are limited on what ports they
>>> are allowed to use and blocked from internal ip ranges. Just make sure
>>> to not require the Clean Access agent for this role.
>>>
|
|
|