9.6 PSK Limit feature
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2013 09:04 AM
From the Release Notes:
"Per user Dynamic PSK limits
ZoneDirector 9.6 now provides the ability to limit the number of Dynamic
Pre-Shared Keys generated per user.
This feature, configurable per WLAN, allows up to 4 individual mobile
devices to be securely connected per user login."
This is a great feature but a poor implementation. Let us set the limit, do not hard set it at 4 devices. I have several users with more than 4 devices and this will mean I cannot upgrade to this version.
Note: This topic was created from a reply on the ZoneFlex Release 9.6 now available (9.6.0.0.267) topic.
"Per user Dynamic PSK limits
ZoneDirector 9.6 now provides the ability to limit the number of Dynamic
Pre-Shared Keys generated per user.
This feature, configurable per WLAN, allows up to 4 individual mobile
devices to be securely connected per user login."
This is a great feature but a poor implementation. Let us set the limit, do not hard set it at 4 devices. I have several users with more than 4 devices and this will mean I cannot upgrade to this version.
Note: This topic was created from a reply on the ZoneFlex Release 9.6 now available (9.6.0.0.267) topic.
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2013 03:32 PM
HI Rob,
We will pass your feedback on to our Product management team and put in a FR to have the limit changed or eliminated.
What's the use case where each device can not have it;s own DPSK, ideally each device should have it's own key, is this a key delivery mechanism issue or policy issue?
Sid
We will pass your feedback on to our Product management team and put in a FR to have the limit changed or eliminated.
What's the use case where each device can not have it;s own DPSK, ideally each device should have it's own key, is this a key delivery mechanism issue or policy issue?
Sid
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2013 08:15 PM
Sid,
Thanks for passing along the feedback.
I agree each device should have it's own DPSK. That being said there are cases where a single user might have more than 4. It might be a better option to allow the administrator to set the limit per user based on Role, perhaps?
I understand the need to have restrictions on this, working in a K-12 environment we have students that like to share logins. This prevents some of that abuse. On the other hand the guys in our IT department (such as myself) have more than 4 devices we might need to enroll on the wifi....
Rob
Thanks for passing along the feedback.
I agree each device should have it's own DPSK. That being said there are cases where a single user might have more than 4. It might be a better option to allow the administrator to set the limit per user based on Role, perhaps?
I understand the need to have restrictions on this, working in a K-12 environment we have students that like to share logins. This prevents some of that abuse. On the other hand the guys in our IT department (such as myself) have more than 4 devices we might need to enroll on the wifi....
Rob
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-11-2013 09:58 AM
Alright now that I've actually found the option - it does appear to be configurable, and is disabled by default. That being said 4 is the hard limit. If anything changes, I'd suggest perhaps this upper limit can be increased.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2013 12:25 PM
Rob,
Thanks for the feedback. You are correct that the intention of this feature was to prevent abuse where one user login can generate an unlimited number of DPSL entries and connect a bunch of devices. Would a top limit of 25 be acceptable?
Thanks for the feedback. You are correct that the intention of this feature was to prevent abuse where one user login can generate an unlimited number of DPSL entries and connect a bunch of devices. Would a top limit of 25 be acceptable?
