The network element must authenticate devices before establishing wireless network connections using bidirectional authentication between cryptographically based devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000150-RTR-NA	SRG-NET-000150-RTR-NA	SRG-NET-000150-RTR-NA_rule		Medium

Description
Without authentication, an unauthorized user can easily connect to a nearby access point (AP) within the enclave. In addition, a rogue AP owned by an attacker can accept connections from wireless stations enabling it to intercept traffic and initiate man-in-the-middle attacks before allowing traffic to flow to the intended host. Hence, it is imperative that authentication be bidirectional using cryptography to ensure a high level of trust and authenticity. This requirement is applicable to network wireless access and is not applicable to the routing function.

Description

Without authentication, an unauthorized user can easily connect to a nearby access point (AP) within the enclave. In addition, a rogue AP owned by an attacker can accept connections from wireless stations enabling it to intercept traffic and initiate man-in-the-middle attacks before allowing traffic to flow to the intended host. Hence, it is imperative that authentication be bidirectional using cryptography to ensure a high level of trust and authenticity. This requirement is applicable to network wireless access and is not applicable to the routing function.

STIG	Date
Router Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000150-RTR-NA_chk )
This requirement is NA for router.

Fix Text (F-SRG-NET-000150-RTR-NA_fix)
This requirement is NA for router.