Dernière modification : 19 mars 2025

Policy No. 4204 Wireless Infrastructure Communication Procedure

• Download Wireless Infrastructure Communication Procedure Document

Vue d'ensemble

Proper configuration and deployment of wireless infrastructure devices is essential to the PCSD network. Incorrectly configured wireless infrastructure devices can provide an attacker easy access to a network. Poorly deployed wireless infrastructure devices can disrupt or degrade wireless communication between devices.

Objectif

This procedure specifies the technical requirements that wireless infrastructure devices must satisfy to connect to the PCSD network. Only those wireless infrastructure devices that meet the requirements specified in this procedure or are granted an exception by the InfoSec team are approved for connectivity to the PCSD network.

Network devices including, but not limited to controllers, routers, switches, firewalls, remote access devices, or wireless access points, must be installed, supported, and maintained by the PCSD Network Team.

Champ d'application

All employees, contractors, consultants, temporary and other workers at PCSD, including all personnel that maintain a wireless infrastructure device on behalf of PCSD, must comply with this procedure. This procedure applies to wireless devices that make a connection to the network and all wireless infrastructure devices that provide wireless connectivity to the network. The InfoSec Team must approve exceptions to this procedure in advance.

Procédure

PCSD Wireless Device Requirements

• All wireless infrastructure devices that connect to a PCSD network or provide access to Confidential, Highly Confidential, or Restricted information must:
  • Use Extensible Authentication Protocol-Fast Authentication via Secure Tunneling (EAP-FAST), Protected Extensible Authentication Protocol (PEAP), or Extensible Authentication Protocol-Translation Layer Security (EAP-TLS) as the authentication protocol.
  • Use Advanced Encryption System (AES) protocols with a minimum key length of 128 bits.
  • Be configured and deployed by PCSD Networking.
  • All Bluetooth devices must use Secure Simple Pairing with encryption enabled.

Lab and Isolated Wireless Device Requirements

• Lab device Service Set Identifier (SSID) must be different from PCSD production device SSID.

Home Wireless Device Requirements

• All home wireless infrastructure devices that provide direct access to a PCSD network via VPN must adhere to the following:
  • Enable at the minimum WPA2.
  • When enabling WPA2, configure a complex shared secret key (at least 10 characters) on the wireless client and the wireless access point.
  • Change the default SSID name.
  • Change the default login and password (should follow the Password Procedures).

Dernière mise à jour Statut :

Mise à jour janvier 2015

• 4204 Utilisation de la technologie
• 4204 Utilisation acceptable
• 4204 Audit
• 4204 Bureau propre
• 4204 Plan de reprise après sinistre
• 4204 Courriel
• 4204 Formation des employés à la sensibilisation à la sécurité
• 4204 Chiffrement
• 4204 Mot de passe
• 4204 Accès à distance
• 4204 Sécurité des routeurs et des commutateurs
• 4204 Sécurité des postes de travail sensibles
• 4204 Plan d'intervention de sécurité
• 4204 Sécurité du serveur
• 4204 Installation du logiciel
• 4204 Services de sécurité des sites web
• 4204 Communication entre dispositifs sans fil
• 4204 Communication d'infrastructure sans fil