COMMERCIAL WIRELESS LOCAL-AREA NETWORK (WLAN) DEVICES, SYSTEMS, AND TECHNOLOGIES
|Publication Date:||3 November 2017|
• Establishes policy, assigns responsibilities, and provides procedures for the use of commercial WLAN devices, systems, and technologies in accordance with the authority in DoD Directive (DoDD) 5144.02.
• Specifies the minimum set of security measures required on WLAN-enabled portable electronic devices (PED) and workstations that transmit, receive, process, or store unclassified and classified information.
• Clarifies use of non-DoD WLAN systems.
• Provides guidance on establishing a wireless network intrusion detection and prevention capability for monitoring WLAN and configuring it for improved event handling.
• Promotes reciprocity by requiring all DoD owned and operated unclassified WLANs to support access by authorized DoD users with a DoD provided WLAN-enabled PED.
• Provides guidance on the use of personal devices on a WLAN.
• Directs DoD Components to include support for unclassified WLAN systems in new DoD facilities during the planning stage to accommodate new technologies.
a. Applies to:
(1) OSD, the Military Departments, the Office of the Chairman of the Joint Chiefs of Staff and the Joint Staff, the Combatant Commands, the Office of the Inspector General of the Department of Defense, the Defense Agencies, the DoD Field Activities, and all other organizational entities within the DoD (referred to collectively in this issuance as the "DoD Components").
(2) WLAN devices, systems, and technologies developed by commercial industry in compliance with the current Institute of Electrical and Electronics Engineers (IEEE) standard in IEEE Standard 802.11-2016 and ratified amendments and revisions, that are used to store, process, receive, or transmit unclassified and classified information, which will be referred to as "IEEE 802.11." This also includes the International Organization for Standardization (ISO)/International Electrotechnical Commission 8802-11: 2012 and ratified amendments and revisions for the international operational environment.
(3) WLAN-enabled information systems that have direct or indirect connection to operational DoD networks (i.e., SECRET Internet Protocol Router Network (SIPRNET), Non- Secure Internet Protocol Router Network) are not exempt from this issuance, except as noted in Paragraph 3.13. A PED that is capable of IEEE 802.11 connectivity will hereafter be referred to as a WLAN-enabled PED.
b. Does not apply to:
(1) Other wireless or cellular technologies.
(2) The detection segment of a PED, in accordance with DoDD 8100.02.
(3) The use of other wired or wireless access technologies or services on the WLANenabled PED or workstation that is not compliant with IEEE 802.11.
c. Nothing in this issuance alters or supersedes the existing authorities and policies of the Under Secretary of Defense for Intelligence (USD(I)) regarding the protection of sensitive compartmented information and sensitive compartmented information facilities (SCIF), as directed by Executive Order 12333 and other laws and regulations.
d. Nothing in this issuance alters or supersedes the existing authorities and policies of the USD(I) regarding the protection of special access program information and facilities.