The network element must protect wireless access to the network using encryption.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000070-FW-NA	SRG-NET-000070-FW-NA	SRG-NET-000070-FW-NA_rule		Medium

Description
The security boundary of a WLAN extends from the client device to the network boundary where network access is controlled. This boundary represents the portion of the network most vulnerable to attack and must be protected. Within this boundary there must be two distinct, but related, security protection mechanisms: authentication and data-in-transit encryption. These protections ensure access control and protection from eavesdropping for both the WLAN system and the DoD network enclave. Protecting wireless access to the network using encryption on mobile devices is outside the scope of the firewall. This is the function of the wireless access point.

Description

The security boundary of a WLAN extends from the client device to the network boundary where network access is controlled. This boundary represents the portion of the network most vulnerable to attack and must be protected. Within this boundary there must be two distinct, but related, security protection mechanisms: authentication and data-in-transit encryption. These protections ensure access control and protection from eavesdropping for both the WLAN system and the DoD network enclave. Protecting wireless access to the network using encryption on mobile devices is outside the scope of the firewall. This is the function of the wireless access point.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000070-FW-NA_chk )
This requirement is NA for firewall. No fix required.

Fix Text (F-SRG-NET-000070-FW-NA_fix)
This requirement is NA for firewall. No fix required.