UCF STIG Viewer Logo

Harris SecNet 11 / 54 Security Technical Implementation Guide (STIG)


Date Finding Count (11)
2013-03-14 CAT I (High): 4 CAT II (Med): 4 CAT III (Low): 3
STIG Description
This STIG contains the technical security controls for the operation of the Harris SecNet 11 or 54 classified WLAN devices in the DoD environment.

Available Profiles

Findings (MAC II - Mission Support Public)

Finding ID Severity Title
V-3512 High NSA Type1 products and required procedures must be used to protect classified data at rest (DAR) on wireless devices used on a classified WLAN or WMAN.
V-30369 High SWLAN must be rekeyed at least every 90 days.
V-18582 High A Secure WLAN (SWLAN) connected to the SIPRNet must have a SIPRNet connection approval package must be on file with the Classified Connection Approval Office (CCAO).
V-15300 High Any wireless technology used to transmit classified information must be an NSA Type 1 product.
V-14886 Medium Wireless access points and bridges must be placed in dedicated subnets outside the enclave’s perimeter.
V-18584 Medium Physical security controls must be implemented for SWLAN access points.
V-14002 Medium A device’s wired network interfaces (e.g., Ethernet) must be disconnected or otherwise disabled when wireless connections are in use.
V-18583 Medium Before a Secure WLAN (SWLAN) becomes operational and is connected to the SIPRNet the Certified TEMPEST Technical Authority (CTTA) must be notified.
V-14846 Low WLAN SSIDs must be changed from the manufacturer’s default to a pseudo random word that does not identify the unit, base, organization, etc.
V-14844 Low The relevant U.S. Forces Command (USFORSCOM) or host nation must approve the use of wireless equipment prior to operation of such equipment outside the United States and Its Possessions (US&P).
V-30359 Low SWLAN access points must implement MAC filtering.