The organization must only procure and deploy WPA2-Enterprise certified WLAN equipment and software for wireless systems that connect directly to DoD networks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35942 | SRG-MPOL-024 | SV-47258r1_rule | Medium |
| Description |
|---|
| The Wi-Fi Alliance WPA2-Enterprise certification means the WLAN equipment can support DoD security protocol and encryption requirements, most notably EAP-TLS and AES-CCMP. If the equipment has not been WPA-Enterprise certified, the equipment may not have the required security functionality to adequately protect DoD networks and information. |
| STIG | Date |
|---|---|
| Mobile Policy Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-44179r1_chk ) |
|---|
| Review the WLAN system product documentation (specification sheet, administration manual, etc.). Verify the system is WPA2-Enterprise certified. If the system is not WPA2-Enterprise certified, this is a finding. Note that WPA is the precursor certification to WPA2 and is not sufficient. |
| Fix Text (F-40467r1_fix) |
|---|
| Update all WLAN equipment and software to WPA2-Enterprise certified for wireless systems that connect directly to DoD networks. |