UCF STIG Viewer Logo

Harris SecNet 11 / 54 Security Technical Implementation Guide (STIG)


Overview

Date Finding Count (11)
2016-11-14 CAT I (High): 5 CAT II (Med): 4 CAT III (Low): 2
STIG Description
This STIG contains the technical security controls for the operation of the Harris SecNet 11 or 54 classified WLAN devices in the DoD environment.

Available Profiles



Findings (MAC I - Mission Critical Public)

Finding ID Severity Title
V-3512 High NSA Type1 products and required procedures must be used to protect classified data at rest (DAR) on wireless devices used on a classified WLAN or WMAN.
V-72525 High Only supported versions of the Harris SecNet 11/54 should be used.
V-30369 High SWLAN must be rekeyed at least every 90 days.
V-18582 High A Secure WLAN (SWLAN) connected to the SIPRNet must have a SIPRNet connection approval package must be on file with the Classified Connection Approval Office (CCAO).
V-15300 High Any wireless technology used to transmit classified information must be an NSA Type 1 product.
V-14886 Medium Wireless access points and bridges must be placed in dedicated subnets outside the enclave’s perimeter.
V-18584 Medium Physical security controls must be implemented for SWLAN access points.
V-14002 Medium A device’s wired network interfaces (e.g., Ethernet) must be disconnected or otherwise disabled when wireless connections are in use.
V-18583 Medium Before a Secure WLAN (SWLAN) becomes operational and is connected to the SIPRNet the Certified TEMPEST Technical Authority (CTTA) must be notified.
V-14846 Low WLAN SSIDs must be changed from the manufacturer’s default to a pseudo random word that does not identify the unit, base, organization, etc.
V-30359 Low SWLAN access points must implement MAC filtering.