Meeting Wireless Security Standards for Military Agencies

Under the umbrella requirements of FISMA, military agencies follow technical guidelines for wireless security published by the National Institute for Standards and Technology. But since their mission is national security, Congress holds military agencies to more stringent requirements for wireless security. To this end, the Department of Defense has published DoD Directive 8420.01, which addresses additional security requirements for commercial wireless local area network devices, systems, and technologies.

About DoD Directive 8420.01

This directive was issued on November 3, 2009. It specifies a minimum set of security measures required on WLAN-enabled portable electronic devices that transmit, receive, process, or store unclassified and classified information. The directive also provides guidance on establishing network intrusion detection capability for monitoring LANs. This directive supersedes DoD Directive 8100.02, Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense (DoD) Global Information Grid (GIG), which was issued in 2004.

How Mojo Networks Helps Military Agencies Meet DoD Requirements

The matrix below shows selected procedures specified in DoD Directive 8420.01 affecting wireless LAN security and how Mojo Networks addresses these recommendations using the Mojo AirTight wireless security system.

DoD Directive 8420.01 Best Practices Mojo AirTight Capabilities
Credentials for unclassified authentication require use of a Common Access Card (CAC)
  • Mojo AirTight works with approved CACs
Unclassified WLAN systems shall have NIST CMVP FIPS 140 validated authentication schemes
  • FIPS 140-2 compliant
Any IA-enabled unclassified WLAN product shall be NIAP Common Criteria (CC) validated
  • Mojo AirTight is Common Criteria validated
Strong authentication shall be implemented at network and device levels for unclassified WLANs
  • Mojo AirTight monitors for strong authentication usage by WLAN devices
Wireless intrusion detection system (WIDS) must be used for classified WLANs
  • Mojo AirTight provides automated wireless intrusion prevention but can be configured for detection only if required.
WIDS must monitor IEEE 802.11 transmission within all classified DoD LAN environments and detected nearby unauthorized WLAN devices
  • Mojo AirTight monitors 802.11 a/b/g/n/ac transmissions and detects all unauthorized WLAN devices. Furthermore Mojo AirTight automatically and accurately classifies both client and AP devices as authorized, rogue, guest or external.
WIDS must continuously scan for and detect authorized and unauthorized classified WLAN activities 24x7, and include location-sensing capability for remediation
  • Mojo AirTight provides dedicated monitoring 24x7 and includes precise wireless device location capability.
  • Always on sensor (off-line mode)
  • Overlays most WLAN infrastructure while providing benefits of integration.
The WLAN solution must incorporate best practices for implemention of WLANS specified in the Wireless STIG
  • Mojo AirTight is a key component to the deployment of a WLAN as defined by the Wireless STIG allowing you to enforce your wireless policy.

Other Wireless Security Guidelines for Military Agencies

Defense agencies are also expected to follow IT implantation guidelines published by the Defense Information Systems Agency. Guidelines are unclassified, and also may be used by civilian agencies. The Security Technical Information Guides (STIGs) are available from the STIG website. Among these, are several STIGs devoted to wireless.  Additional high level guidelines for defense agencies may be found in the Policy on Wireless Communications: Protecting National Security Information by the Committee on National Security Systems.

Learn More About Mojo Networks

Learn more about Mojo's unique differenitiators

Share this: