Danielle,

It depends on what your goal is.  If your goal is to protect the campus, 
then you set the system up for port 80 and 443 (http and https traffic) 
and let them use it if they want.  I've been assured that will keep any 
problems from hitting us.  After all, you do not know how 'clean' the 
guest machine is going to be.

If your goal is student's computers are infection free, then I don't 
think there is any way it would work.  We have students using Windows XP 
using the role we setup for Windows 98 and ME -- they don't want to deal 
with our rules.  As long as they don't want instant messaging, email 
clients other than web based, etc., we don't try to stop them.

Libby Garner
Kenyon College


Danielle Morse wrote:
> Aaron,
> 
> How do you prevent your students from logging in as guest?  I know it 
> won't be attractive to them since it's limited but students we kick off 
> for violations might start using this to get around fixing their 
> computers for us to give them access again.
> 
> Thanks,
> Dnaielle
> 
> Aaron Havens wrote:
> 
>> We use the guest access provided by the Clean Access login page. Users 
>> logging in with the Guest Access button are limited on what ports they 
>> are allowed to use and blocked from internal ip ranges. Just make sure 
>> to not require the Clean Access agent for this role.
>>