AC-18 Wireless Access
a. Establish configuration requirements, connection requirements, and implementation guidance for each type of wireless access; and
b. Authorize each type of wireless access to the system prior to allowing such connections.
Baselines
- L
- M
- H
- P
Guidance
Wireless technologies include microwave, packet radio (ultra-high frequency or very high frequency), 802.11x, and Bluetooth. Wireless networks use authentication protocols that provide authenticator protection and mutual authentication.
References 2
- SP 800-94 Scarfone KA, Mell PM (2007) Guide to Intrusion Detection and Prevention Systems (IDPS). (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-94.
- SP 800-97 Frankel SE, Eydt B, Owens L, Scarfone KA (2007) Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-97.
Control Enhancements 5
- AC-18(01) Authentication and Encryption L M H P
- AC-18(02) Monitoring Unauthorized Connections
- AC-18(03) Disable Wireless Networking L M H P
- AC-18(04) Restrict Configurations by Users L M H P
- AC-18(05) Antennas and Transmission Power Levels L M H P
Related controls 13
- AC-02 Account Management L M H P
- AC-03 Access Enforcement L M H P
- AC-17 Remote Access L M H P
- AC-19 Access Control for Mobile Devices L M H P
- CA-09 Internal System Connections L M H P
- CM-07 Least Functionality L M H P
- IA-02 Identification and Authentication (Organizational Users) L M H P
- IA-03 Device Identification and Authentication L M H P
- IA-08 Identification and Authentication (Non-organizational Users) L M H P
- PL-04 Rules of Behavior L M H P
- SC-40 Wireless Link Protection L M H P
- SC-43 Usage Restrictions L M H P
- SI-04 System Monitoring L M H P