The above Ad will no longer appear after you Sign Up for Free!

Network Administrator introduces a new wrinkle

Discussion in 'Multimedia, Projection, and Show Control' started by teqniqal, Feb 28, 2019.

  1. mbrown3039

    mbrown3039 Member

    Messages:
    67
    Likes Received:
    67
    Location:
    vegas, baby..!
    Thanks for posting this, Erich -- very timely and potentially immensely impactful to all of us. My first suggestion would be something already posted above: no campus WiFi in the theater.

    I have not run into this very scenario, but I recently helped convince a major hospitality firm here in Vegas to create a standard for new construction whereby all new venues (and existing venues, as they are upgraded) must have a dedicated A/V/L network that doesn't touch the corporate network and has a dedicated tunnel to the outside world (via a dedicated cable modem). Educating the corporate IT folks about the protocols show networks employ has also been very helpful: i find that once you mention multicast, port forwarding and IGMP (with snooping!), they quickly agree to a separate, dedicated network.

    Good luck, and please keep this thread updated as you sort through this -- I am curious how it all turns out.
     
  2. Jay Ashworth

    Jay Ashworth Well-Known Member

    Messages:
    2,132
    Likes Received:
    642
    Location:
    St Pete FL USA
    Another tag on the end here:

    Your network and WLAN configuration will be complicated a bit further: You're going to have production people, who need access to the production-net *and* the Internet, and you'll probably have guests who need Internet access, but shouldn't be allowed to even know the production net exists.

    This almost requires a 3-port router with VLAN, and wifi nodes also with VLAN and multi-SSD support, to *really* do it properly.

    I would probably do it with a WatchGuard, and UBNT Unifi flying saucers, myself...
     
    RonHebbard likes this.
  3. Calc

    Calc Active Member

    Messages:
    153
    Likes Received:
    50
    Location:
    Mid-Michigan
    Jay's described situation is what I've ended up with here- My phone ends up on the regular vlan, but my user privileges grant me access to the theatre VLAN. It CAN be done, you just need the network guys to be willing to work with you.
     
    RonHebbard likes this.
  4. teqniqal

    teqniqal Well-Known Member

    Messages:
    217
    Likes Received:
    149
    Occupation:
    Theatre Consultant
    Location:
    Dallas / Fort Worth, Texas
    In the article it says: "WIPS should understand the difference between rogue APs and external (neighbor’s) APs".
    This is the issue. The isolated and dedicated Sound and Lighting system WAPS are 'the neighbors', not 'rouge WAPs'. I am beginning to think the System Admin for the School District doesn't get the difference. Well, if their approach doesn't work, I'll fall back to 'splainin' this to them, again.

    You mentioned Aruba, and yes, this is their system they are using.

    You are correct.

    Yes, this is the situation. The dedicated Lighting and sound WAPs were planned to be 'closeby', not a part of their system.

    Well if the cat wasn't already out of the bag that our WAPs would exist, that is what we would recommend. Too late for that, though. They know.

    Thanks to everyone for the input. It's helping me clarify the situation. I'll report back once the dust settles.
     
    macsound likes this.
  5. Jay Ashworth

    Jay Ashworth Well-Known Member

    Messages:
    2,132
    Likes Received:
    642
    Location:
    St Pete FL USA
    I don't know that it's that they don't get it, Erich.

    I think it's that their policy says "no SSIDs except those specifically authorized"... and no one has authorized them.
     
  6. jtweigandt

    jtweigandt Well-Known Member

    Messages:
    139
    Likes Received:
    100
    Location:
    Moline Il
    That’s why I was pointing out that THEIR policy of “no SSID’s except those specifically authorized” should not by law and regulation supercede the FCC rules which prohibit active blocking of those SSID’s I would kind of raise that point with them, and the school board, and it might not hurt to remind the school board that active blocking of non intrusive signals has the potential to be expensive for them down the road should someone complain that their hotspot was squelched.
     
  7. darinlwebb

    darinlwebb Member

    Messages:
    37
    Likes Received:
    19
    Occupation:
    Assistant To The Technical Director
    Location:
    Des Moines, IA
    It's a people problem, not a tech problem. In addition to your technical requirements, you should detail the consequences of not having them. Are we talking inconvenience during rehearsal and programming, or significant risk to the smooth-running of a show? You also need to acknowledge the good reasons backing their plan. An easier-to -manage network, better wireless performance throughout the school, an opportunity to upgrade their aging infrastructure for cheap because this company is offering them a deal.

    How can you compromise? Does your wireless network require internet access? If so, assure them people can't use it as a backdoor around their firewalls and filtering. In addition to running your equipment, do the people in your space need/want wifi internet? If so, then you're going to need their hardware to support them because hell if you're going to play helpdesk when some conference attendee can't check Facebook.

    You might not be the right person to convince the IT folks leading the charge that the wifi disruption feature is not worth the hassle - but they should be honestly evaluating the actual value here. Are they dazzled by a sales rep into solving a problem they don't even have? If you're stuck with it, team up with your IT crew to badger the vendor into supporting 'zoning' of the seek-and-destroy feature. There are other scenarios besides theatre where you might need ad-hoc wifi networks to pop up.

    In any case, make sure they start with your area when they begin the rollout so you can work together to test your requirements ASAP.
     
    TimMc, Jay Ashworth and RonHebbard like this.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice