UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The organization must only procure and deploy WPA2-Enterprise certified WLAN equipment and software for wireless systems that connect directly to DoD networks.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35942 SRG-MPOL-024 SV-47258r1_rule Medium
Description
The Wi-Fi Alliance WPA2-Enterprise certification means the WLAN equipment can support DoD security protocol and encryption requirements, most notably EAP-TLS and AES-CCMP. If the equipment has not been WPA-Enterprise certified, the equipment may not have the required security functionality to adequately protect DoD networks and information.
STIG Date
Mobile Policy Security Requirements Guide 2013-01-24

Details

Check Text ( C-44179r1_chk )
Review the WLAN system product documentation (specification sheet, administration manual, etc.). Verify the system is WPA2-Enterprise certified. If the system is not WPA2-Enterprise certified, this is a finding. Note that WPA is the precursor certification to WPA2 and is not sufficient.
Fix Text (F-40467r1_fix)
Update all WLAN equipment and software to WPA2-Enterprise certified for wireless systems that connect directly to DoD networks.