Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-MPOL-034 | SRG-MPOL-034 | SRG-MPOL-034_rule | Medium |
Description |
---|
DoD networks are at risk, and DoD data could be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. DoD components will ensure that a Wireless Intrusion detection System (WIDS) is implemented that allows for monitoring of WLAN activity and the detection of WLAN-related policy violations on all unclassified and classified DoD wired and wireless LANs. The WIDS shall be capable of monitoring IEEE 802.11 transmissions within all DoD LAN environments and detecting nearby unauthorized WLAN devices. WIDS are not required to monitor non-IEEE 802.11 transmissions. |
STIG | Date |
---|---|
Mobile Policy Security Requirements Guide | 2012-10-10 |
Check Text ( C-SRG-MPOL-034_chk ) |
---|
Review the site's network monitoring and scanning procedures. Determine if monitoring of the WIDS is being conducted on an organized-defined frequency. If WIDS monitoring is not being performed on an organization-defined frequency, this is a finding. |
Fix Text (F-SRG-MPOL-034_fix) |
---|
Monitor for unauthorized wireless connections to the information system on an organization-defined frequency. |