Title

The organization must monitor for unauthorized wireless connections to the information system at an organization defined time period. (Cat II impact)

Discussion

DoD networks are at risk, and DoD data could be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. DoD components will ensure a Wireless Intrusion detection System (WIDS) is implemented that allows for monitoring of WLAN activity and the detection of WLAN-related policy violations on all unclassified and classified DoD wired and wireless LANs. The WIDS shall be capable of monitoring Wi-Fi transmissions within all DoD LAN environments and detecting nearby unauthorized WLAN devices. WIDS are not required to monitor non-Wi-Fi transmissions.

Check Content

Review the site's network monitoring and scanning procedures. Determine if monitoring of the WIDS is being conducted at an organized defined time period. If WIDS monitoring is not being performed at an organization defined time period, this is a finding.

Fix Text

Monitor for unauthorized wireless connections to the information system at an organization defined time period.

Additional Identifiers

Rule ID:

Vulnerability ID: V-35919

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.