The organization must monitor for unauthorized wireless access DoD networks.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-MPOL-022	SRG-MPOL-022	SRG-MPOL-022_rule		Medium

Description
DoD networks are at risk for intrusion and DoD data may be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. DoD components will ensure that a Wireless Intrusion Detection System (WIDS) is implemented that allows for monitoring of WLAN activity and the detection of WLAN-related policy violations on all unclassified and classified DoD wired and wireless LANs.

Description

DoD networks are at risk for intrusion and DoD data may be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. DoD components will ensure that a Wireless Intrusion Detection System (WIDS) is implemented that allows for monitoring of WLAN activity and the detection of WLAN-related policy violations on all unclassified and classified DoD wired and wireless LANs.

STIG	Date
Mobile Policy Security Requirements Guide	2012-10-10

Details

Check Text ( C-SRG-MPOL-022_chk )
Review the organization's/site's network diagrams, accreditation documentation, and roles and responsibilities descriptions to ensure wireless intrusion detection capabilities are installed and monitored by approved personnel. If the organization's wireless intrusion detection system (WIDS) is not installed and configured to monitor the network for unauthorized traffic, this is a finding.

Fix Text (F-SRG-MPOL-022_fix)
Install and configure one or more WIDS to monitor for unauthorized wireless traffic to DoD networks.