The WLAN implementation of EAP-TLS must be FIPS 140-2 validated.


Overview

Finding ID: V-19900
Version: WIR0115-02
Rule ID: SV-22070r3_rule
IA Controls: ECSC-1, ECWN-1
Severity: Medium
Description
Most known security breaches of cryptography result from improper implementation of the cryptography, not flaws in the cryptographic algorithms themselves. FIPS 140-2 validation provides assurance that cryptography is implemented correctly, and is required for Federal Government uses of cryptography in non-classified applications.
STIG: WLAN Authentication Server Security Technical Implementation Guide
Date: 2011-10-10

Details

Check Text (C-25550r2_chk)
Review the WLAN system product documentation (specification sheet, administration manual, etc.), which should include the FIPS 140-2 certificate for the WLAN system. Verify the certificate specifically covers the implementation of TLS. If there are any concerns about the currency or veracity of the certificate in the product documentation, the reviewer should check the NIST Internet web site (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm) and find the certificate.
Fix Text (F-34115r1_fix)
Procure WLAN equipment whose implementation of TLS has been FIPS 140-2 validated.