NSA and Wireless Security
NSA - National Security Agency
The National Security Agency/Central Security Service is America’s cryptologic organization. It coordinates, directs, and performs highly specialized activities to protect U.S. government information systems and produce foreign signals intelligence information. A high technology organization, NSA is on the frontiers of communications and data processing. It is also one of the most important centers of foreign language analysis and research within the government.
Security Configuration Guides
NSA has developed and distributed configuration guidance for a wide variety of software and hardware. The objective of the configuration guidance program is to provide NSA’s customers with the best possible security options in the most widely used products. Security configuration guides are available for Applications, Database Servers, Operating Systems, Routers, Switches, VoIP and IP Telephony, Web Servers and Browsers and Wireless related technologies.
NSA and Wireless Security
There are currently two documents developed and distributed by the Systems and Network Attack Center’s Network Hardware Analysis and Evaluation Division related to wireless LANs and wireless LAN security.
Guidelines for the Development and Evaluation of IEEE 802.11 Intrusion Detection Systems (IDS) Updated: September 2005
In today’s increasingly wireless world, organizations are quickly realizing the security benefits of constantly monitoring the electromagnetic spectrum within their enterprise. When an organization has an interest in identifying and locating unauthorized wireless hardware and preventing intrusion attempts on their network, the benefits of this monitoring exist regardless of whether or not network owners officially sanction the use of wireless devices. Many government entities have monitored their spaces for the presence of cellular, Bluetooth, infrared, and/or IEEE 802.11 signals for years. The DoD Directive 8100.2 now mandates RF monitoring, intrusion detection, and denial of service prevention in DoD networks. Although not a specific requirement, RF monitoring and intrusion detection could also help federal and military operated health care institutions meet the requirements of the Health Insurance Portability and Accountability Act (HIPAA).
Recommended 802.11 Wireless Local Area Network Architecture Updated: November 2005
Wireless local area network (WLAN) technology based on the IEEE 802.11 suite of standards is available as built-in options on most new personal computers and as add-on hardware through USB and PCMCIA adapters. The low hardware cost, ease of installation, increased mobility, and network configuration flexibility has led many Government agencies and organizations to implement WLAN solutions for their users to access their enterprise network. With the pervasive use of 802.11 networks throughout the Government and their impending use within the intelligence community, it is imperative for the National Security Agency’s (NSA) Information Assurance Directorate (IAD) to make an informed recommendation of a wireless network architecture for Government unclassified networks. Wireless networks with classified data require additional protection solutions that are not addressed here.
I recommend these documents be used for information purposes only and not as strict requirements documents when selecting or configuring 802.11 Intrusion Detection Systems (IDS) or 802.11 Wireless Local Area Networks (WLANs).
Related Posts
If you liked this post, subscribe using below
WLAN Book RSS Feed
WLAN Book by Email
.
Filed under: WLAN Policy, WLAN Security
Leave a Reply