UVa Wireless Network Security


Security Statement for the cavalier Encrypted Wireless Network

The cavalier wireless network uses a wireless security standard known as WPA (Wi-Fi Protected Access) Enterprise, also called 802.1X WPA. WPA Enterprise can use several authentication protocols as well as two different encryption types. The cavalier network uses an authentication protocol called EAP-TLS (Extensible Authentication Protocol-Transport Layer Security) and TKIP (Temporal Key Integrity Protocol) encryption. The EAP-TLS protocol uses digital certificates on your computer to authenticate you to the network and to verify that the access point is an official secure ITC AP. TKIP encryption ensures that every data packet is sent with its own unique security key.

Additional Security

It is important to remember that wireless encryption is not intended to be your only security. Wireless encryption is meant only to make a wireless network as hard to "sniff" as a wired network. (In reality, WPA Enterprise provides significantly more data privacy than a normal wired network.) Standard security practices are still necessary.

Remember that this wireless encryption system only protects your data while it travels over the airwaves. As soon as your data hits the local wireless access point in your building, it flows over the building's standard wired network and is no longer protected by the wireless encryption system. As with the traditional wire-based network, additional security (e.g., VPN connections, encrypted Web pages using SSL and secure remote logins, and file transfers using SSH) should still be used for high-value data transactions.

Security Statement for the wahoo Wireless Network

The wahoo wireless network does not use any encryption protocol. The information that travels between the computer and the access point is not encrypted and can be intercepted and recorded. In addition, there can be no guarantee that the wahoo wireless network you connect to is ITC's or even on the UVa network (it may be a rogue access point set up with ITC's wireless network name).

For these reasons ITC highly recommends that UVa-affiliated wireless users upgrade their operating system and wireless hardware so they can establish an encrypted connection. Guests are encouraged to make use of any VPN resources provided by their own institutions for network data protection.
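The following is an added example, not part of ITC's page: a Python check over a wpa_supplicant-style client configuration that flags the two conditions described above, an EAP-TLS profile with no CA certificate configured (so the network's certificate is not verified) and an open profile such as wahoo. The use of wpa_supplicant, the sample configuration, the file paths and the function names are assumptions made for illustration.

```python
import re

# Constructed sample client configuration; all paths are placeholders.
SAMPLE_CONF = '''
network={
    ssid="cavalier"
    key_mgmt=WPA-EAP
    eap=TLS
    pairwise=TKIP
    ca_cert="/path/to/placeholder-ca.pem"
    client_cert="/path/to/placeholder-user.pem"
}
network={
    ssid="cavalier"
    key_mgmt=WPA-EAP
    eap=TLS
    client_cert="/path/to/placeholder-user.pem"
}
network={
    ssid="wahoo"
    key_mgmt=NONE
}
'''

def parse_networks(text):
    """Return one dict of key -> value for each network={...} block."""
    nets = []
    for body in re.findall(r"network=\{(.*?)\n\s*\}", text, re.S):
        fields = {}
        for line in body.splitlines():
            line = line.strip()
            if line and not line.startswith("#") and "=" in line:
                key, value = line.split("=", 1)
                fields[key.strip()] = value.strip().strip('"')
        nets.append(fields)
    return nets

def audit(text):
    """Return (ssid, finding) pairs for profiles lacking the protections above."""
    findings = []
    for net in parse_networks(text):
        ssid = net.get("ssid", "<unnamed>")
        key_mgmt = net.get("key_mgmt", "")  # an unset key_mgmt is not judged here
        if key_mgmt == "NONE":
            findings.append((ssid, "no WPA: traffic can be read, AP is not authenticated"))
        elif "WPA-EAP" in key_mgmt and not ("ca_cert" in net or "ca_path" in net):
            findings.append((ssid, "EAP without ca_cert: network certificate not verified"))
    return findings

if __name__ == "__main__":
    for ssid, finding in audit(SAMPLE_CONF):
        print(f"{ssid}: {finding}")
```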

Additional Security

As with the traditional wire-based network, additional security (e.g., VPN connections, encrypted Web pages using SSL and secure remote logins, and file transfers using SSH) should be used for high-value data transactions. Use of these services is critical in order to protect any data transferred over any unencrypted wireless network.

© 2009 by the Rector and Visitors of the University of Virginia.
