
The organization must conduct continuous wireless IDS scanning at each of its sites.


Overview

Finding ID: SRG-MPOL-023
Version: SRG-MPOL-023
Rule ID: SRG-MPOL-023_rule
IA Controls:
Severity: Medium
Description
DoD networks are at risk for intrusion and DoD data may be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to connect to, the network. A Wireless IDS (WIDS) sensor must be installed and placed to monitor wireless network transmissions for possible attacks and unauthorized traffic. This requirement applies to all DoD sites that operate DoD computer networks, including sites that have no authorized WLAN systems. DoD components will ensure that a Wireless Intrusion Detection System (WIDS) is implemented that allows for monitoring of WLAN activity and the detection of WLAN-related policy violations on all unclassified and classified DoD wired and wireless LANs.
STIG Date
Mobile Policy Security Requirements Guide 2012-10-10

Details

Check Text (C-SRG-MPOL-023_chk)
Determine if WIDS scanning is being performed and if it is continuous or periodic. The WIDS must continuously scan for and detect authorized and unauthorized WLAN activities 24 hours a day, 7 days a week. If continuous WIDS scanning is not being performed, this is a finding.
Fix Text (F-SRG-MPOL-023_fix)
Install and configure one or more WIDS to continuously monitor and scan the network for unauthorized wireless traffic.