UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The organization must conduct continuous wireless IDS scanning at each of its sites.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-MPOL-023 SRG-MPOL-023 SRG-MPOL-023_rule Medium
Description
DoD networks are at risk for intrusion and DoD data may be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. A Wireless IDS (WIDS) sensor must be installed and placed to monitor wireless network transmissions for possible attacks and unauthorized traffic. This requirement applies to all DoD sites that operate DoD computer networks, including sites that have no authorized WLAN systems. DoD components will ensure that a Wireless Intrusion Detection System (WIDS) is implemented that allows for monitoring of WLAN activity and the detection of WLAN-related policy violations on all unclassified and classified DoD wired and wireless LANs.
STIG Date
Mobile Policy Security Requirements Guide 2012-10-10

Details

Check Text ( C-SRG-MPOL-023_chk )
Determine if WIDS scanning is being performed and if it is continuous or periodic. The WIDS must continuously scan for and detect authorized and unauthorized WLAN activities 24 hours a day, 7 days a week. If continuous WIDS scanning is not being performed, this is a finding.
Fix Text (F-SRG-MPOL-023_fix)
Install and configure one or more WIDS to continuously monitor and scan the network for unauthorized wireless traffic.