The organization must only procure and deploy WPA2-Enteprise certified WLAN equipment and software.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-MPOL-019 | SRG-MPOL-019 | SRG-MPOL-019_rule | Medium |
| Description |
|---|
| The Wi-Fi Alliance WPA2-Enterprise certification means the WLAN equipment can support DoD security protocol and encryption requirements, most notably EAP-TLS and AES-CCMP. If the equipment has not been WPA-Enterprise certified, the equipment may not have the required security functionality to adequately protect DoD networks and information. |
| STIG | Date |
|---|---|
| Mobile Policy Security Requirements Guide | 2012-10-10 |
Details
| Check Text ( C-SRG-MPOL-019_chk ) |
|---|
| Review the WLAN system product documentation (specification sheet, administration manual, etc.). Verify the system is WPA2-Enterprise certified. If the system is not WPA2-Enterprise certified, this is a finding. Note that WPA is the precursor certification to WPA2 and is not sufficient. |
| Fix Text (F-SRG-MPOL-019_fix) |
|---|
| Ensure all WLAN equipment is WPA2-Enterprise certified. |