Help Desk
Monday - Friday 
7:00 am - 4:00 pm

P: (540) 464-7643
F:  (540) 464-7222
Help@vmi.edu
Email IT Webmaster

Information Technology
315 Nichols Engineering
Virginia Military Institute
Lexington, VA 24450

Wireless Security

In an open wireless environment there is no native security. Anyone with another wireless network card and some sort of network “sniffing” software can record and monitor your traffic. That is why it is recommended that you never use unencrypted usernames, passwords or financial information on a wireless network. The WPE encryption standard that comes standard with most wireless access points has been cracked and should not be considered secure. That leaves using WPA (or 802.11i), VPN, or SSL to encrypt your traffic. All three of these standards offer an acceptable level of protection for wireless traffic.

VMIT has chosen to have a “mixed” level of security to offer the broadest range of compatibility and usability while maintaining a high level of security for the VMI wireless network. Any HTTP-based traffic will go across the network unencrypted, so this traffic is not secure; this is not a major issue since most web surfing not sensitive in nature. HTTPS traffic, such as that used to access e-mail using VMI's Outlook Web Access, is encrypted using SSL by the server and is secure. Most financial websites and others of that nature use SSL encryption for the areas containing sensitive data, so those are secure as well. Ensure that you check to make sure any website which contains sensitive data is using encryption before accessing it via the wireless network.

Traffic other than HTTP, HTTPS, and several specific other protocols is discarded by default unless you connect through the VMI VPN. This is the only way you will be able to access internal VMI resources other than webpages and web-based mail. Once connected to the VMI VPN, your traffic to and from internal VMI resources is encrypted using 128-bit encryption and is secure.