Attached below is a Bulletin from NIST’s Information Technology Laboratory discussing agency guidance for securing WLANS. The document notes that,
NIST SP 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs), was written by Murugiah Souppaya of NIST and Karen Scarfone of Scarfone Cybersecurity. The publication supplements other NIST publications on the security of wireless local area networks; it summarizes and strengthens recommendations to help organizations improve the security configuration and monitoring of their IEEE 802.11 wireless local area networks and their devices connecting to the networks. The recommendations included in SP 800-153 are applicable to the protection of unclassified wireless networks and of unclassified facilities that are within range of unclassified wireless networks.
SP 800-153 points readers to other NIST publications for additional information on system planning, development, and security activities. Federal organizations should follow the recommendations in other NIST publications, such as NIST SP 800-48, Guide to Securing Legacy IEEE 802.11 Wireless Networks, and NIST SP 800-97, Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i. In cases where there might be a conflict between recommendations in the publications cited here, the provisions of NIST SP 800-153 apply.
A section of the new guideline provides recommendations for WLAN security configuration, including configuration design, implementation, evaluation, and maintenance. Another section overviews the monitoring of WLAN security and provides guidelines concerning the selection of monitoring tools and the frequency of security monitoring. Information contained in the appendices includes a list of the major security controls for WLAN security that are incorporated in NIST SP 800-53, Recommended Security Controls for Federal Information Systems and Organizations; a list of acronyms and abbreviations used in the publication; and a list of references on issues related to WLAN security.
NIST SP 800-153 is available from the NIST web page here.