The network element must detect rogue wireless devices, attack attempts, and potential compromises or breaches to the wireless network.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000266-FW-NA	SRG-NET-000266-FW-NA	SRG-NET-000266-FW-NA_rule		Medium

Description
DoD information could be compromised if wireless monitoring is not performed to identify unauthorized WLAN clients and access points connected to or attempting to connect to the network. A WIDS sensor must be installed and placed to monitor wireless network transmissions for possible attacks and unauthorized traffic. Rogue devices are unauthorized wireless devices which are either connected to the enclave or are being used by personnel in DoD spaces. These devices may provide attackers with a way to breach the network. This control applies to monitoring by intrusion detection systems and is not applicable to the firewall function.

Description

DoD information could be compromised if wireless monitoring is not performed to identify unauthorized WLAN clients and access points connected to or attempting to connect to the network. A WIDS sensor must be installed and placed to monitor wireless network transmissions for possible attacks and unauthorized traffic. Rogue devices are unauthorized wireless devices which are either connected to the enclave or are being used by personnel in DoD spaces. These devices may provide attackers with a way to breach the network. This control applies to monitoring by intrusion detection systems and is not applicable to the firewall function.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000266-FW-NA_chk )
This requirement is NA for firewall. No fix required.

Fix Text (F-SRG-NET-000266-FW-NA_fix)
This requirement is NA for firewall. No fix required.