Under active development Content is continuously updated and improved

SI-4(15)System Monitoring | Wireless to Wireline Communications

IL5
IL6

>Control Description

Employ an intrusion detection system to monitor wireless communications traffic as the traffic passes from wireless to wireline networks.

>DoD Impact Level Requirements

No specific parameter values or requirements for this impact level.

>Discussion

Wireless networks are inherently less secure than wired networks. For example, wireless networks are more susceptible to eavesdroppers or traffic analysis than wireline networks. When wireless to wireline communications exist, the wireless network could become a port of entry into the wired network.

Given the greater facility of unauthorized network access via wireless access points compared to unauthorized wired network access from within the physical boundaries of the system, additional monitoring of transitioning traffic between wireless and wired networks may be necessary to detect malicious activities. Employing intrusion detection systems to monitor wireless communications traffic helps to ensure that the traffic does not contain malicious code prior to transitioning to the wireline network.

>Related Controls

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies and procedures govern wireless to wireline communications?
  • Who is responsible for monitoring system and information integrity?
  • How frequently are integrity monitoring processes reviewed and updated?

Technical Implementation:

  • What technical controls detect and respond to wireless to wireline communications issues?
  • How are integrity violations identified and reported?
  • What automated tools support system and information integrity monitoring?
  • What anti-malware solutions are deployed and how are they configured?
  • What systems and events are monitored for integrity violations?

Evidence & Documentation:

  • Can you provide recent integrity monitoring reports or alerts?
  • What logs demonstrate that SI-4(15) is actively implemented?
  • Where is evidence of integrity monitoring maintained and for how long?
  • Can you show recent malware detection reports and response actions?
  • Can you provide examples of integrity monitoring alerts and responses?

Ask AI

Configure your API key to use AI features.