The Information Assurance component of the WLAN system must be NIAP Common Criteria certified for basic or medium robustness for data in transit.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19895 | WIR0126 | SV-22065r4_rule | ECSC-1 | Low |
| Description |
|---|
| Common criteria certification provides a high level of assurance the manufacturer has properly implemented the product’s security functionality. Products that do not have a common criteria certification post a greater IA risk than those that do. |
| STIG | Date |
|---|---|
| WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide | 2011-10-07 |
Details
| Check Text ( C-25504r2_chk ) |
|---|
| Detailed Policy requirements: Encryption requirements for data in transit: - The Information Assurance component of the WLAN system is NIAP Common Criteria certified for basic or medium robustness (when WLAN products meeting this requirement are available). Check procedures: Interview IAO and review WLAN system documentation. Verify the Information Assurance component of the WLAN system is NIAP Common Criteria certified for basic or medium robustness. Mark as a finding if the WLAN equipment is not NIAP Common Criteria certified, unless the IAO can show that there are no commercially available products meeting this requirement. |
| Fix Text (F-34067r1_fix) |
|---|
| Procure and implement WLAN equipment that is NIAP Common Criteria certified. |