I'm wondering if anyone has suggestions for ways of preventing mobile devices from connecting to the WLAN. We are moving to a mainly Wireless LAN Controller-based infrastructure, so I'm focusing on possibilities with the WCS/WLC (and not worrying about IOS APs).
Our policy is to keep mobile devices off our WLAN, because we can't ensure their security (no standard patching or anti-virus solution for these devices). But users are able to config their mobile devices' wireless profiles to allow them to authenticate. So we can release all the policies we want.... policies don't keep them from connecting.
Because on the security concerns and the fact that they chew up IP addresses, I'm trying to figure out what we could do to keep them off our WLAN! Any ideas are welcome!
Note: our company is too big to entertain any MAC address filtering based on allowing known laptop MACs or blocking known mobile device MACs.