Security has always been one of my high priorities - security of data, connection and people. So when we installed our managed wireless system a couple of years ago, I wanted to make sure the system was as secure as possible, and made users feel secure too. One of the ways to achieve this is a secure connection between the client, and the controller, to which they supply their login details.
I obtained and installed a certificate on our Ruckus ZD3000 two years ago, but failed to make note on how I completed it. The question has come up a number of time since on Edugeek, and I've struggled to remember the exact process. So due to the fact my original certificate is about to expire, I thought I'd take this opportunity to document the process.
After presenting a business plan to our Principal, I have been able to procure an iPad mini for each of my team. I believe that if we are all connected (via email, to our helpdesk, wiki and google drive) jobs will get completed sooner, can be handed between techs more smoothly and will enable notes to be written more quickly. Thankfully my Principal agreed and those iPads arrive today.
We've been running a BYOD scheme for staff and 6th form for some time. Although we're not pushing the scheme aggressively, it's gathering a natural pace with around 80 devices connecting most days. I set up a Proxy.pac file for iOS devices some months ago and it seems to work well for the BYOD users, but my team will need access to more internal services.
Pac files can be unusual, especially on iOS. Also iOS devices can cache the file making trouble shooting that much more difficult. For my benefit as much as anyone else's, here is the working version as it stands.
function FindProxyForURL(url, host)
if ((host=="localhost") ||
shExpMatch(host, "*localhost.*") ||
shExpMatch(host, "10.10.10.0/20") ||
shExpMatch(host, "184.108.40.206/8") ||
shExpMatch(host, "*moodle.school.com*") ||
shExpMatch(host, "*wifi.school.com*") ||
shExpMatch(host, "*proxy.school.com*") ||
shExpMatch(host, "*lead.school.local*") ||
shExpMatch(host, "*aluminium.school.local*") ||
(host == "127.0.0.1"))
return "PROXY proxy.LEA.net:80"
To explain, 10.10.10.0/20 is our internal range of IPs.
220.127.116.11/8 is the apple range of public IPs - We have found apple devices prefer un-proxied access to home.
moodle.school.com - Our internally hosted moodle server.
wifi.school.com - Our internally hosted wifi controller (which users need to reauthenticate to every so often).
proxy.school.com - This is just an alias of our moodle server. It is where the proxy.pac file resides.
lead.school.local - This is the server hosting our helpdesk. Currently internal only (hence .local).
aluminium.school.local - This server runs our wiki and some other internal sites.
isPlainHostName - This rule allows us to connect to a simple host name. One of our workstations perhaps.
return "DIRECT"; - All the rules above should connect directly.
return "PROXY proxy.LEA.net:80" - If the request is not one stated, return the proxy address.
My goal in the not too distant future is to stop using the LEAs proxy server and run a transparent proxy in house.
I usually only go to Bett for a day, and therefore I need to think very carefully what to carry with me. Although many are already there today, for those who are visiting later in the week here's my essential list of things to carry.
Bag. Enough pockets for things, and a large pocket for all the leaflets and info I'll be picking up.
iPad mini. Note taking, tweeting. I also have a rough plan of my day in evernote.
iPhone 4s. Taking pictures of things, may even try tweet a vine video this year.
MiFi (topped up with 1GB of data) & three spare charged batteries. Connectivity in the event of poor wifi.
iPad charger. Something always needs charging on the train home.
Charging cables for iPad, iPhone and Mifi.
Google notepad. A nice freebee from BETT2012.
A mini sharpie and a ball point pen.
@IrritableTech mini cards. Hopefully I'll make some new connections.
Stickers with my school details on. Save filling out endless forms.
Train tickets, Oyster card & BETT pass.
Water. Possibly pick up a sandwich before you get there too?
Comfy shoes (everyone gives this tip right?).
Coat or no coat? Never quite sure. It's cold on the platform at 6:30am, but hot inside BETT. So you either decide to carry it about (the cloak room queues are often very long) or freeze while you wait for public transport.
If you do see me wondering around tomorrow (Thursday), do say hello. Or tweet me.