DoD Commercial WLAN Technologies Instruction 8420.01
The US Department of Defense (DOD) released a commercial wireless local area network (WLAN) devices, systems, and technologies Instruction (NUMBER 8420.01) that implements the DoD Directive 8100.2 related to commercial wireless that was released in 2004 and updated in 2006 [DoD Instruction Number 8420.01].
Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense (DoD) Global Information Grid (GIG) – April 14, 2004. [source]
DoDD 8100.2 Supplement
Use of Commercial Wireless Local-Area Network (WLAN) Devices, Systems, Technologies in the Department of Defense (DoD) Global Information Grid (GIG) -June 2, 2006. [source]
The 8420.01 Instruction mainly applies to DoD owned 802.11 devices and networks.
The Instruction does not apply to non 802.11 technologies such as Bluetooth and WIMAX and non DoD systems that use 802.11 such as hotspots, hotel, and home networks.
Policy for Unclassified WLANs
Unclassified WLAN systems shall be standards-based and IEEE 802.11 compliant, employ certified RF communications functions for interoperability, and employ certified and/or validated information assurance (IA) and cryptographic functions.
Unclassified WLAN-enabled PEDs shall use antivirus software, personal firewalls, data-at-rest encryption, and implement strong identification and authentication (I&A) (e.g., two factor, at a minimum) to access the device and the network.
PED = Portable Electronic Device (aka PDA, PDA phone)
WLAN-enabled PEDs = Devices like the iPhone, Palm Pre, and newer Blackberry smartphones
Policy for Classified WLANs
Employ National Security Agency (NSA)-approved encryption end-to-end and secure the storage, processing, receipt, and transmission of information accessed using NSA-approved encryption.
The WLAN must include information assurance measures:
- Classified WLAN-enabled PEDs shall use NSA, Type 1 encryption to protect classified data-in-transit and data-at-rest on PEDs.
- Unclassified and classified DoD wired and wireless LANs shall have a wireless intrusion detection capability that can be used to monitor WLAN activity and identify WLAN-related policy violations.
- Unclassified and classified WLAN-enabled PEDs used to access DoD e-mail systems shall support the signing and encrypting of e-mail.
Download DoD WLAN Instruction 8420.01 PDF
Download and read the entire DoD Instruction Number 8420.01.
If you liked this post, subscribe using below