Wireless hotspots in a Novell school? How?

[StAloysius]

OK, I've been given a bit of a challenge, and I could use some ideas.

I've been asked to provide wireless hotspot access for visitors at our school. There are some requirements for that, and some existing structures which are potentially roadblocks.

The requirements:

* Multiple wireless access points
* Time limited access (once off keys to use)
* Access must be filtered in accordance with our school's policies
* Access must be limited to web and email only, no other ports available
* No access to network assets, servers, files, etc etc

The current setup:

* Novell network with eDirectory authentication
* Novell BorderManager as our firewall/router/proxy
* Internet access through BM requires an authenticated Novell login
* Content Keeper filtering appliance
* All traffic passes through Content Keeper and filtering policies are applied depending on eDirectory group, unknown users get default very heavy filtering (makes web browsing virtually useless)
* Single VLAN

I'm probably going to replace BM with a Cisco router in the near future, so that part of the authentication process will most likely change.

I am aware that there are a number of appliances, wireless boxes out there that are designed for hotspot use, and that's the sort of thing we'd like to put in, but it needs to be able to manage multiple hotspots, not just one.

I've had a quick look at this: Handlink ISS-6000 - Internet Access Controller with the optional account generator. Just not sure how it will work with existing systems... or would we be better of with a separate internet link and physical network?


The users will need to be able to access Internet without installing a Novell client or having any particular software on their PCs. Because these are untrusted machines they need to be isolated from the rest of our network.

But we DO need to be able to monitor, log, track usage of each login preferably with our existing infrastructure.

Ideas? Brainstorms?