|NIST SP 800-53 Controls for Wireless Security
||Mojo AirTight Capabilities
- Establish usage restrictions and implementation guidance for wireless access;
- Monitor for unauthorized wireless access;
- Authorize wireless access prior to connection; and
- Enforce requirements for wireless connections.
- Wireless access for authorized VLANs and enforcing "no WiFi" policies on those portions of wired enterprise that must remain No WiFi
- Support for 802.11ac, 802.11n, 802.11g, 802.11b and 802.11a
- Assure proper wireless access and prevent unauthorized wireless behavior (automated, always on, auto-authorization of clients, behavior-based authorization)
||Access control for mobile devices
- Establish usage restrictions and implementation guidance for organization-controlled mobile devices;
- Authorize connection of mobile devices meeting organizational usage restrictions and implantation guidance;
- Monitor for unauthorized connections of mobile devices;
- Enforce requirements for the connection of mobile devices;
- Disable information system functionality that provides the capability for automatic execution of code on mobile devices without user direction;
- Applies controls to mobile devices returning from locations deemed to be of significant risk.
- Profile policies enforced for home, work and away
- Automatically block unauthorized access behavior without user intervention or harming neighboring networks
||Audit review, analysis, and reporting
- Review and analyze information system audit records for indications of inappropriate or unusual activity, and report findings to designated organizational officials;
- Adjust the level of audit review, analysis, and reporting when there are significant changes in risks.
- Monitor both the wired and wireless networks for wireless traffic
- Perform wireless policy audits
- Automated reports, compliance reports, forensics analysis, remote packet capture
- Use a configuration management process for the information system and its constituent components;
- Determine the security impact of changes to the information system and environment of operation;
- Provide ongoing security control assessments;
- Report the security state of the information system to appropriate organizational officials.
- Always on, discovers vulnerabilities affecting wireless assets 24x7
- Proactive WLAN performance management and troubleshooting
||Identification and authentication (organizational users):
- Ensure that the information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
- No open wireless network usage
- Monitor encryption and authentication configurations of authorized wireless networks
||Identification and authentication (non-organizational users):
- Ensure that the information system uniquely identifies and authenticates non-organizational users such as civilians, contractors, or guests (or processes acting on behalf of non-organizational users).
- Monitor encryption and authentication configurations of authorized guest wireless networks
||Location of information system components:
- Ensure that the organization position information system components within the facility to minimize the opportunity for unauthorized access.
- Discover all wireless assets on a 24x7 basis without requiring a physical site survey
- Locate unauthorized WiFi devices on your floor map for quick removal
- Categorize information and the information system in accordance with applicable federal authorities;
- Document the security categorization results in the security plan;
- Ensure the security categorization decision is reviewed and approved by authorized parties.
- Automatically classifies all wireless activity into authorized, rogue and external
- Accurately identify genuine threats versus false alarms
- Customization of alerts, events and reports
- Conduct an assessment of risk, including the likelihood and magnitude of harm, from the unauthorized access, use, disclosure, disruption, modification, or destruction of the information system and the information it processes, stores, or transmits.
- Document risk assessment results;
- Review risk assessment results;
- Update the risk assessment or whenever there are significant changes to the system or environment of operation (including the identification of new threats and vulnerabilities), or other conditions that may impact the security state of the system.
- Automated, canned and customizable reports, e.g. wireless vulnerabilities, intrusion prevention
- Continuously monitors wireless activity to identify soft spots in wireless security
- Scan for vulnerabilities in the system and hosted applications, and when new vulnerabilities potentially affect the system/applications are identified and reported;
- Employ vulnerability scanning tools and techniques that promote interoperability among tools and automate parts of the vulnerability management process by using standards;
- Analyze vulnerability scan reports and results from security control assessments;
- Remediate legitimate vulnerabilities in accordance with an organizational assessment of risk; and
- Share information obtained from the vulnerability scanning process and security control assessments with designated personnel to help eliminate similar vulnerabilities in other systems.
- Scan for vulnerabilities affecting both the wired and wireless networks 24x7
- Detect, classify, block and locate rogue access points
- Distributed administration allows regional reports, alerts and management
- Wireless vulnerability reports can be generated automatically or on demand with a single click
- Detailed drill down on detected vulnerabilities
- Monitor and control communications at the external boundary of the system and at key internal boundaries within the system;
- Connect to external networks or information systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security architecture.
- Location based policy enforcement for access points and client devices
||Information systems monitoring:
- Monitor events on the system and detect system attacks;
- Identify unauthorized use of the system;
- Deploy monitoring devices;
- Heighten the level of system monitoring whenever there is an indication of increased risk;.
- Provides monitoring for WLAN security and performance
||Security alerts, advisories, and directives:
- Receive system security alerts, advisories, and directives from designated external organizatinos on an ongoing basis;
- Generate internal security alerts, advisories, and directives as deemed necessary;
- Disseminate security alerts, advisories, and directives to designated personnel; and
- Implement security directives in accordance with established time frames, or notify the issuing organization of the degree of noncompliance.
- Automatic notification of all wireless client vulnerabilities
- Centralized alarms and reporting from thousands of sensors and millions of devices
||Information system inventory:
- Develop and maintain an inventory of the organization’s information systems.
- Detects and documents all wireless devices in the air space