STIGQter: STIG Summary: WLAN Access Point (Internet Gateway Only Connection) Security Technical Implementation Guide (STIG) Version: 6 Release: 14 Benchmark Date: 27 Apr 2018: STIGQter: STIG Summary: WLAN Access Point (Internet Gateway Only Connection) Security Technical Implementation Guide (STIG) Version: 6 Release: 14 Benchmark Date: 27 Apr 2018:SV-102343r1_rule
V-92241
Guest WLAN infrastructure placement
WIR0123-1
CAT II
10
Reconfigure physical and logical connections as needed so the Internet-only guest WLAN infrastructure resides in a dedicated subnet off the perimeter firewall or installed as a completely separate Internet-connection only WLAN system with no access to the enterprise network.
Have the SA show how the guest WLAN is physically connected to the firewall or supporting switch and how it is logically connected through firewall or switch configuration settings.
Verify the equipment is connected via a separate WLAN or logical segmentation of the host WLAN (e.g., separate service set identifier (SSID) and virtual LAN).
Verify the guest WLAN only provides Internet access.
If a guest WLAN is not set up as a separate WLAN from the DoD network or not set up as a logical segmentation from the DoD network or DoD WLAN, this is a finding.
If the guest WLAN does not only provide Internet access, this is a finding.
V-92241
False
WIR0123-1
Have the SA show how the guest WLAN is physically connected to the firewall or supporting switch and how it is logically connected through firewall or switch configuration settings.
Verify the equipment is connected via a separate WLAN or logical segmentation of the host WLAN (e.g., separate service set identifier (SSID) and virtual LAN).
Verify the guest WLAN only provides Internet access.
If a guest WLAN is not set up as a separate WLAN from the DoD network or not set up as a logical segmentation from the DoD network or DoD WLAN, this is a finding.
If the guest WLAN does not only provide Internet access, this is a finding.
M
545