[unisog] Cisco Profiler (was Re: Printers, printers, printers)
Michael.Kaegler at MARIST.EDU
Thu Dec 13 16:01:56 GMT 2007
At 9:13 PM -0500 12/12/07, Cal Frye wrote:
>We do game consoles manually, via calls to the Help Desk. The role I
>assign to game systems does not permit access to most campus services
>(DNS works, not much else) and doesn't permit email anywhere. Otherwise
>they're pretty open.
>I suggest you try the
>less-paranoid approach first and see if that works sufficiently well for
Us? Paranoid? You're one of THEM!! :)
We currently do the helpdesk thing; it requires that students
1. Call during the hours helpdesk is open and
2. Wait for someone to actually press the buttons.
This is not self-service, and therefore is not end-user friendly
enough and involves too much manual intervention. So goes the mantra,
and having actually lived it, I tend to agree.
If we're banning manual intervention and we're requiring
accountability, there's no other way to pull it off.
Right now, we block our appliance vlan from our DMZ and server farm
(except for DNS/DHCP), just to annoy people who manage to fake out
the system. Other than that, we're open. We might make it fully open
after the NAC implementation.
Michael "Porkchop" Kaegler, Sr. Network Analyst
(845) 575-3061 Marist College, Poughkeepsie, NY
More information about the unisog