Rule ID
SV-284825r1240681_rule
Version
V1R1
CCIs
Ad hoc wireless client-to-client connections allow mobile devices to communicate with each other directly, circumventing network security policies and making the traffic invisible. This could allow the exposure of sensitive DoW data and increase the risk of downloading and installing malware of the DoW mobile device. SFR ID: FMT_SMF_EXT.1.1 WL-5/PP-Module for WLAN Clients
Review the configuration to determine if the Google Android devices are disallowing Wi-Fi Direct. This validation procedure is performed on both the management tool and the Google Android device. On the management tool in the user restrictions, verify that "Wi-Fi Direct" has been set to "Disallow": COBO: 1. Find "User Restrictions" and select "Set User Restrictions". 2. Scroll down to "Disallow Wi-Fi Direct" and verify that it is set to "ON". COPE: 1. Find "User Restrictions on Parent" and select "Set User Restrictions". 2. Scroll down to "Disallow Wi-Fi Direct" and verify that it is set to "ON". On the Google Android device: 1. Open Settings >> Connections >> Wi-Fi. 2. From the hamburger menu, select Wi-Fi Direct. 3. Verify that Wi-Fi Direct cannot be selected. If on the management tool "Wi-Fi Direct" is not set to "Disallow", or on the Google Android device a Wi-Fi Direct device is listed that can be connected to, this is a finding.
Configure the Google Android devices to disallow Wi-Fi Direct. On the management tool, do the following: COBO: 1. Find "User Restrictions" and select "Set User Restrictions". 2. Scroll down to "Disallow Wi-Fi Direct" and toggle that to "ON". COPE: 1. Find "User Restrictions on Parent". 2. Scroll down to "Disallow Wi-Fi Direct" and toggle that to "ON". Configuration API: DISALLOW_WIFI_DIRECT