The DoD component must employ an intrusion detection system to monitor wireless communications traffic as the traffic passes from wireless to wireline networks.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35944	SRG-MPOL-026	SV-47260r1_rule		Medium

Description
DoD networks are at risk for intrusion and DoD data may be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. An especially vulnerable location for access is at the transition point from wireless to wireline networks. An intrusion detection system (IDS) must be employed by DoD components to monitor the transition from the wireless network to the wireline network for possible attacks and unauthorized traffic.

Description

DoD networks are at risk for intrusion and DoD data may be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. An especially vulnerable location for access is at the transition point from wireless to wireline networks. An intrusion detection system (IDS) must be employed by DoD components to monitor the transition from the wireless network to the wireline network for possible attacks and unauthorized traffic.

STIG	Date
Mobile Policy Security Requirements Guide	2013-01-24

Details

Check Text ( C-44181r1_chk )
Review the DoD component wireless architecture. Determine if an IDS is used to at the transition from wireless networks to wireline networks. If the DoD component does not employ an IDS at the transition, this is a finding.

Fix Text (F-40469r1_fix)
Implement and document an architecture with an IDS at the transition from wireless networks to wireline networks.