15.3: Use a Wireless Intrusion Detection System
Use a wireless intrusion detection system (WIDS) to detect and alert on unauthorized wireless access points connected to the network.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
Network |
Detect |
2, 3 |
Dependencies
Sub-control 1.4: Maintain Detailed Asset Inventory
Sub-control 1.5: Maintain Asset Inventory Information
Inputs
The list of approved wireless access points connected to the network
The list of WIDS sensors
Operations
For each WIDS sensor, enumerate the approved wireless access points covered
Measures
M1 - Count of approved wireless access points (from Input 1)
M2 - Count of WIDS sensors (from Input 2)
M3 = List of approved wireless access points covered by WIDS sensors
M4 = Count of M3
M5 = List of approved wireless access points not covered by WIDS sensors
M6 = Count of M5
Metrics
Coverage
Metric |
Ratio of wireless access points covered by WIDS sensors to the total number of wireless access points
|
Calculation |
|