Free DISA STIG and SRG Library | Vaulted

V-30359

SWLAN access points must implement MAC filtering.

Finding ID
WIR0226
Rule ID
SV-40014r1_rule
Severity
Cat III
CCE
(None)
Group Title
SWLAN MAC Filtering
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

Medium access control (MAC) filtering is a mechanism for ensuring that only authorized devices connect to the WLAN. While there are other methods to achieve similar protection with greater assurance, MAC filtering can be employed as a defense-in-depth measure.

Fix Text

Implement MAC filtering on the SWLAN access point.

Check Content

Detailed Policy Requirements: MAC filtering must be implemented to enable the SWLAN AP to perform client device access control. Check Procedures: Verify MAC address filtering has been implemented on site SWLAN access points. Have the system administrator log into a sample of site SWLAN access points (2-3 devices) and show MAC address filtering has been enabled. Mark as a finding if MAC filtering has not been enabled.

Responsibility

Information Assurance Officer