We are moving away from having a network tied to SSID as well as static assignment on the wire. We are moving forward with a more dynamic network. We will have network and securities in place based on these networks. Users will be on boarded to these network by an intelligent process on the back-end called ClearPass by Aruba. The following will explain the purpose of each network and how a user would be able to access them.
Network/VLAN There are 4 networks that can be accessed via the SSID "D91". Users will on-board this network by connecting to the wireless SSID "D91". ClearPass will move that user to the a Network/VLAN this will be based on the Identification table below and the securities on these network are described in the table below call ACL's. The only way to know this has happened is by the IP address the device received or by looking in ClearPass at the Access Log. The IP address that the device should receive is explained in the table called IP address assignment.
There will be a Guest network. This SSID is available to any user that in range of our network. They will not need credentials to access this network. When a user connects to this SSID their device will be redirected to a captive portal. On the captive portal they will be prompted to accept our internet use agreement and to click a button to continue. They will then have access to the internet at a limited speed. The speed control is there to encourage users that have credential to connect to the SSID "D91".
We will also have an Event Network. This SSID is available to anyone that gets an event code from the main office of the building they are in. Once they have this code, they will connect to the SSID "D91_Event". When a user connects to this SSID, their device will be redirected to a captive portal. On the captive portal they will be prompted to accept our internet use agreement and enter an event code to continue. They will then have access to the internet at a limited speed, this speed will be much higher than Guest but still controlled.
Schedule of Implementation I have put together a schedule of deployment and tear down. You can see the schedule on the page "Network Maintenance Status". We have a main goal of enabling the D91 network by Friday Aug 19th and shutting off D91_Access in one month. The networks D91_Guest and D91_Event will be enabled as they are ready. | Identification Process
ACL's
IP Addresses B=Building number X=wildcard
|