WLAN Controller STIG (STIG) Version Comparison

There are 5 differences between versions v6 r13 (Jan. 26, 2018) (the "left" version) and v6 r15 (April 26, 2019) (the "right" version).

Check WIR0115-3 was added to the benchmark in the "right" version.

This check's original form is available here.

Title

WLAN components must be FIPS 140-2 certified.

Check Content

Review the WLAN equipment specification and verify it is FIPS 140-2 (CMVP) certified for data in transit, including authentication credentials. If the WLAN equipment is not is FIPS 140-2 (CMVP) certified, this is a finding.

Discussion

If the DoD WLAN components (WLAN AP, controller, or client) are not NIST FIPS 140-2 (Cryptographic Module Validation Program – CMVP) certified, the WLAN system may not adequately protect sensitive unclassified DoD data from compromise during transmission.

Fix

Use WLAN equipment that is FIPS 140-2 (CMVP) certified.