Castleforce IT Security Team

Wireless Networks

GCSX No 11.1 Wireless Networks

Wireless Networks are configured and operated in accordance with CESG Infosec Manual Y or other approved encryption schemes and be included in the IT Health Check

Wireless Security Assessment

Wireless LANs offer an easy to use, easy to deploy and highly mobile method of connecting to a Corporate LAN. Because of this and plummeting costs there has been explosive growth in the deployment of 802.11b networks over the past 18-months and the trend is set to grow. The security of these networks however is often overlooked.

We can offer the ability to test the security of Wireless Networks to make sure they are configured correctly and operate in accordance with CESG Infosec Manual Y.

FIPS / Manual Y / Common Criteria / DoD Directive 8100.2

International governments and financial institutions have defined a series of security standards compliance with which is mandatory before a wireless network can be deployed. Aruba is the only wireless LAN vendor to meet FIPS 140-2, Manual Y Common Criteria, and Directive 8100.2 requirements.
  • The FIPS 140-2 standard specifies the cryptographic security requirements for sensitive but unclassified information, and is applied to a wide range of U.S. government applications. The standard defines multiple levels of security that correspond with the wide range of potential applications and environments in which such systems may be employed.
  • The Information Assurance arm of the Government Communication Headquarters, known as CESG, is the UK Government's National Technical Authority for Information Assurance, and is responsible for validating Government use of wireless networks under a process titled "Manual Y." Manual Y compliance is mandatory in order for a wireless network to achieve high security level certification for use on U.K. Defence applications.
  • The Common Criteria, also known as ISO standard 15408, addresses the protection of assets from unauthorized disclosure, modification, or loss of use arising from both intentional and unintentional causes. It both defines a set of security functionality requirements for IT hardware, software, and firmware products, and, through a rigorous evaluation process, ensures that those requirements have been satisfied. Users turn to the Common Criteria as a guide for the procurement of IT products with security functionality because certified products have validated functionality meeting a well-defined set of criteria.
  • DoD Directive 8100.2 spells out policies for deploying and monitoring secure wireless networks comprised of commercial wireless devices, services, and technologies in the DoD Global Information Grid. Among other criteria, Directive 8100.2 requires data encryption, strong authentication, non-repudiation, personal identification, and use of the 802.11i Wi-Fi security standard.

Contact-Castleforce-for-help-with-Compliance

Wireless LAN (WLAN) Security

Aruba Networks secure wireless LAN products and services   Aruba's integrated policy-enforcement firewall, high-security encryption, standards-based authentication, wireless intrusion detection/prevention, and compliance audit reporting assistance meet or exceed the wireless LAN-specific security requirements in GCSx CoCo. Local Authorities using an Aruba solution can cost-effectively implement the Wireless security controls required for GCSx CoCo compliance without compromising the performance of business applications or upgrading legacy networks. 

Contact us for more details on a Wireless Security Assessment


Trend Micro Websense integrated Web, data and email security The Mycroft Gateway solution provides DSAS accredited hosting environments for UK Restricted data Safend Secure your Endpoints Stonesoft produce high availability multi link ISP firewalls to help reduce single point of failure AwareGO IT Security Awareness Training LogLogic open log management and database activity monitoring Aruba Networks securing the wireless LAN SureCloud automates the vulnerability management life-cycle nuBridges Application and Database Encryption with encryption, tokenization and key management Network Access Control and IPS by ForeScout C2C Email archiving, file archiving email management software Bit9 Application Whitelisting Titus-labs classify your data

© Copyright Castleforce 2007-2010. Web design by Theme Group