Educause Security Discussion mailing list archives

Re: Ports/applications permitted for Guest Access

From: Roger A Safian <r-safian () NORTHWESTERN EDU>
Date: Mon, 19 Sep 2011 15:28:33 +0000

I just wanted to give this a bump, since I sent it out late on Friday.  If you do have support open guest access, I'd 
love to hear from you.

-----Original Message-----
From: Roger A Safian
Sent: Friday, September 16, 2011 3:59 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: RE: Ports/applications permitted for Guest Access

Just a follow-up to my question of last week.

One of the options we are considering for guest access (this is more of an
issue for wireless, but, could be an issue on wired as well) is a model similar
to a coffee shop.  A visitor would arrive on campus, and connect to our
wireless network.  They would choose something like Northwestern Guest
from a options list, answer a few questions, (name, email address, whatever)
and be granted limited guest access.  No vouching, or access code would be
required for this, basically open access.

For those of you who do provide guest access, do you have a similar system,
and have you had any serious issues?

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roger A Safian
Sent: Friday, September 09, 2011 10:11 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Ports/applications permitted for Guest Access

Greetings,

We are looking at modifying and expanding our current guest access policy.
Currently guests have the same access as everyone else, but, they also
need to have a guest ID provided to them.  This is a somewhat
cumbersome process.  We would like relax the policy, but, at the same
time, we don't want to just allow anyone to do anything on our network.

We are considering offering guest access for specific ports or applications.
Guests might not even be considered part of "our" network.  My
question, for those of you who do have guest access is, what exactly
do you allow your quests to do?  Our initial thought is something like
web, email, vpn.  I especially am concerned that we limit P2P on the guest

network.


Thanks.

Current thread:

Re: Ports/applications permitted for Guest Access, (continued)
- - - Re: Ports/applications permitted for Guest Access Shannon Roddy (Sep 11)
    - Re: Ports/applications permitted for Guest Access Valdis Kletnieks (Sep 11)
    - Re: Ports/applications permitted for Guest Access David Gillett (Sep 12)
    - Re: Ports/applications permitted for Guest Access Robert Lau (Sep 11)
    - Re: Ports/applications permitted for Guest Access Kevin Wilcox (Sep 16)
    - Re: Ports/applications permitted for Guest Access (deep packet inspection) Barron Hulver (Sep 11)
- Re: Ports/applications permitted for Guest Access Roger A Safian (Sep 16)
  - Re: Ports/applications permitted for Guest Access Matthew Gracie (Sep 19)
  - Re: Ports/applications permitted for Guest Access Ed Zawacki (Sep 20)
    - Re: Ports/applications permitted for Guest Access Roger A Safian (Sep 20)
- Re: Ports/applications permitted for Guest Access Roger A Safian (Sep 19)
- Re: Ports/applications permitted for Guest Access Gioia, Matthew P. (Sep 12)
- FW: Ports/applications permitted for Guest Access Boyd, Daniel (Sep 19)