Sign up for a customized personal demo with an AirTight expert.
Meeting Wireless Security Standards for Military Agencies
Under the umbrella requirements of FISMA, military agencies follow technical guidelines for wireless security published by the National Institute for Standards and Technology. But since their mission is national security, Congress holds military agencies to more stringent requirements for wireless security. Toward this end, the Department of Defense has published DoD Directive 8420.01, which addresses additional security requirements for commercial wireless local area network devices, systems, and technologies.
About DoD Directive 8420.01
This directive was issued on November 3, 2009. It specifies a minimum set of security measures required on WLAN-enabled portable electronic devices that transmit, receive, process, or store unclassified and classified information. The directive also provides guidance on establishing network intrusion detection capability for monitoring LANs. This directive supersedes DoD Directive 8100.02, Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense (DoD) Global Information Grid (GIG), which was issued in 2004.
How AirTight Networks Solutions Help Military Agencies Meet DoD Requirements
The matrix below shows selected procedures specified in DoD Directive 8420.01 affecting wireless LAN security and how AirTight Networks addresses these recommendations.
|DoD Directive 8420.01 Best Practices||AirTight Capabilities|
|Credentials for unclassified authentication require use of a Common Access Card (CAC)||
|Unclassified WLAN systems shall have NIST CMVP FIPS 140 validated authentication schemes||
|Any IA-enabled unclassified WLAN product shall be NIAP Common Criteria (CC) validated||
|Strong authentication shall be implemented at network and device levels for unclassified WLANs||
|Wireless intrusion detection system (WIDS) must be used for classified WLANs||
|WIDS must monitor IEEE 802.11 transmission within all classified DoD LAN environments and detected nearby unauthorized WLAN devices||
|WIDS must continuously scan for and detect authorized and unauthorized classified WLAN activities 24x7, and include location-sensing capability for remediation||
|The WLAN solution must incorporate best practices for implemention of WLANS specified in the Wireless STIG||
Other Wireless Security Guidelines for Military Agencies
Defense agencies are also expected to follow IT implantation guidelines published by the Defense Information Systems Agency. Guidelines are unclassified, and also may be used by civilian agencies. The Security Technical Information Guides (STIGs) are available from the STIG website. Among these, are several STIGs devoted to wireless. Additonal high level guidelines for defense agencies may be found in the Policy on Wireless Communications: Protecting National Security Information by the Committee on National Security Systems.
Learn More About AirTight Networks Solutions
AirTight offers the most powerful wireless intrusion prevention (WIPS) technology to protect both wired and wireless networks from wireless threats. SpectraGuard Enterprise WIPS is used by defense and civilian agencies in the United States and abroad which are the most security conscious. AirTight solutions are appropriate to protect “no Wi-Fi” and managed Wi-Fi networks.
AirTight offers the only comprehensive overlay security solution to protect both wired and Wi-Fi networks from wireless threats. AirTight integrates easily with most enterprise WLANs. Airtight 802.11n sensors are backward compatible with 802.11abg and offer future proof security with a system that can be automatically upgraded as new versions of its products are released. AirTight products are FIPS, Common Criteria and CAC compliant.
Links in this microsite will lead you to more information about federal wireless security requirements and solutions from AirTight Networks. Please contact your AirTight Networks federal sales representative for information specific to your agency’s requirements.