Ruckus Wifi Security Certificate
Security has always been one of my high priorities - security of data, connection and people. So when we installed our managed wireless system a couple of years ago, I wanted to make sure the system was as secure as possible, and made users feel secure too. One of the ways to achieve this is a secure connection between the client, and the controller, to which they supply their login details.
I obtained and installed a certificate on our Ruckus ZD3000 two years ago, but failed to make note on how I completed it. The question has come up a number of time since on Edugeek, and I've struggled to remember the exact process. So due to the fact my original certificate is about to expire, I thought I'd take this opportunity to document the process.
iOS Pac File
After presenting a business plan to our Principal, I have been able to procure an iPad mini for each of my team. I believe that if we are all connected (via email, to our helpdesk, wiki and google drive) jobs will get completed sooner, can be handed between techs more smoothly and will enable notes to be written more quickly. Thankfully my Principal agreed and those iPads arrive today.
We've been running a BYOD scheme for staff and 6th form for some time. Although we're not pushing the scheme aggressively, it's gathering a natural pace with around 80 devices connecting most days. I set up a Proxy.pac file for iOS devices some months ago and it seems to work well for the BYOD users, but my team will need access to more internal services.
Pac files can be unusual, especially on iOS. Also iOS devices can cache the file making trouble shooting that much more difficult. For my benefit as much as anyone else's, here is the working version as it stands.
function FindProxyForURL(url, host)
{
if ((host=="localhost") ||
shExpMatch(host, "*localhost.*") ||
shExpMatch(host, "10.10.10.0/20") ||
shExpMatch(host, "17.0.0.0/8") ||
shExpMatch(host, "*moodle.school.com*") ||
shExpMatch(host, "*wifi.school.com*") ||
shExpMatch(host, "*proxy.school.com*") ||
shExpMatch(host, "*lead.school.local*") ||
shExpMatch(host, "*aluminium.school.local*") ||
isPlainHostName(host) ||
(host == "127.0.0.1"))
{
return "DIRECT";
}
return "PROXY proxy.LEA.net:80"
}
To explain, 10.10.10.0/20 is our internal range of IPs.
17.0.0.0/8 is the apple range of public IPs - We have found apple devices prefer un-proxied access to home.
moodle.school.com - Our internally hosted moodle server.
wifi.school.com - Our internally hosted wifi controller (which users need to reauthenticate to every so often).
proxy.school.com - This is just an alias of our moodle server. It is where the proxy.pac file resides.
lead.school.local - This is the server hosting our helpdesk. Currently internal only (hence .local).
aluminium.school.local - This server runs our wiki and some other internal sites.
isPlainHostName - This rule allows us to connect to a simple host name. One of our workstations perhaps.
return "DIRECT"; - All the rules above should connect directly.
return "PROXY proxy.LEA.net:80" - If the request is not one stated, return the proxy address.
My goal in the not too distant future is to stop using the LEAs proxy server and run a transparent proxy in house.
Bett Check List
I usually only go to Bett for a day, and therefore I need to think very carefully what to carry with me. Although many are already there today, for those who are visiting later in the week here's my essential list of things to carry.
Bag. Enough pockets for things, and a large pocket for all the leaflets and info I'll be picking up.
iPad mini. Note taking, tweeting. I also have a rough plan of my day in evernote.
iPhone 4s. Taking pictures of things, may even try tweet a vine video this year.
MiFi (topped up with 1GB of data) & three spare charged batteries. Connectivity in the event of poor wifi.
iPad charger. Something always needs charging on the train home.
Charging cables for iPad, iPhone and Mifi.
Google notepad. A nice freebee from BETT2012.
A mini sharpie and a ball point pen.
Business Cards.
@IrritableTech mini cards. Hopefully I'll make some new connections.
Stickers with my school details on. Save filling out endless forms.
Train tickets, Oyster card & BETT pass.
Water. Possibly pick up a sandwich before you get there too?
Comfy shoes (everyone gives this tip right?).
Coat or no coat? Never quite sure. It's cold on the platform at 6:30am, but hot inside BETT. So you either decide to carry it about (the cloak room queues are often very long) or freeze while you wait for public transport.
If you do see me wondering around tomorrow (Thursday), do say hello. Or tweet me.
Facebook: Graph Search
Last evening Mark Zuckerberg stood in front of the assembled media and announced a new search engine which would be coming to Facebook soon.
Graph search is Facebooks way of increasing connections through the site. Up until now, users mainly search for friends, products and groups by using names. In the case of individuals this means you really need to know someone's name to find them. Graph search works differently.
Facebook's announcement and introduction give some examples of how the new search will work.
Search: Photo's I like
That sounds handy. I can view all the photos I liked and review whether I still 'like' them.
Search: Restaurants my friends have been to in London
A quick way to find the places your 'friends' would recommend, and perhaps more likely, the ones they wouldn't. Super.
Search: People who like cycling and live in my hometown
This is where my worries start to kick in. Lets suggest someone with less honorable intentions might change part of that search. They could change it for example to:
Search: People who like Mushi Monsters and live in my hometown
This tool suddenly takes on a more sinister application. Facebook users are being given a chance to find new people, close by, just by searching interests.
Social Media Isn’t New… Is it?
Social media refers to the means of interactions among people in which they create, share, exchange and comment contents among themselves in virtual communities and networks. Andreas Kaplan - http://en.wikipedia.org/wiki/Social_media
If this definition is to be believed then social media has been going on much before the likes of MySpace in 2003. I think it even pre-dates the internet. A tweet from @Documentally a little while ago got me thinking about when I started my journey into Social Media.
If you include the CB radio, I've been experimenting with social networks for the last 30 years.
— Documentally (@Documentally) November 2, 2012
I had never thought about the CB radio as a social network, but of cause it is. You created an identity (a handle), you broadcast to the world (or the little bit of the world your 'rig' could manage), talked with friends in the 'real world' and found new CB only friends (One Nine a Roger?). You could chat with a friend on a specific channel (hashtag?), but anyone within reach could jump in and join the conversation.
I got a CB radio in the summer of 1992 if memory serves. I'd saved up for the equipment myself and my parents let me get on with it. They understood I could talk to people on the CB, but probably didn't think about the fact I could talk (or simply just be heard) by anyone within the area with the right equipment.
About
Licence
