We are running different SSID's in different VLans. We have our Radius secured wireless for District owned computers that we manage and then we have an Open network for people who bring their own devices. They use Remote Desktop Gateway to access Termional Servers when they need to use resources on the private side. The problem is we have them restricted to port 80, 443 and 3389 but things like activesync don't work for cell phones and iPads.
What is a good balance between access and security?