cancel
Showing results for 
Search instead for 
Did you mean: 

9.6 PSK Limit feature

rob_coote
New Contributor III
From the Release Notes:
"Per user Dynamic PSK limits
ZoneDirector 9.6 now provides the ability to limit the number of Dynamic
Pre-Shared Keys generated per user.
This feature, configurable per WLAN, allows up to 4 individual mobile
devices to be securely connected per user login."

This is a great feature but a poor implementation. Let us set the limit, do not hard set it at 4 devices. I have several users with more than 4 devices and this will mean I cannot upgrade to this version.

Note: This topic was created from a reply on the ZoneFlex Release 9.6 now available (9.6.0.0.267) topic.
6 REPLIES 6

sid_sok
Contributor II
HI Rob,

We will pass your feedback on to our Product management team and put in a FR to have the limit changed or eliminated.

What's the use case where each device can not have it;s own DPSK, ideally each device should have it's own key, is this a key delivery mechanism issue or policy issue?

Sid

rob_coote
New Contributor III
Sid,

Thanks for passing along the feedback.

I agree each device should have it's own DPSK. That being said there are cases where a single user might have more than 4. It might be a better option to allow the administrator to set the limit per user based on Role, perhaps?

I understand the need to have restrictions on this, working in a K-12 environment we have students that like to share logins. This prevents some of that abuse. On the other hand the guys in our IT department (such as myself) have more than 4 devices we might need to enroll on the wifi....

Rob

rob_coote
New Contributor III
Alright now that I've actually found the option - it does appear to be configurable, and is disabled by default. That being said 4 is the hard limit. If anything changes, I'd suggest perhaps this upper limit can be increased.

david_stiff_578
New Contributor
Rob,

Thanks for the feedback. You are correct that the intention of this feature was to prevent abuse where one user login can generate an unlimited number of DPSL entries and connect a bunch of devices. Would a top limit of 25 be acceptable?