NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0667:  Move Set Wireless Freq Band to Optional/Objective

Publication Date

Protection Profiles

Other References

Issue Description

MOD_WLAN_CLI_V1.0 introduced and mandated a new security management requirement in FMT_SMF.1/WLAN WL-1 for setting wireless frequency bands. The new requirement is:
      set wireless frequency band to [selection: 2.4 GHz, 5 GHz, 6 GHz]

This is problematic because quite a few common TOEs do not support this functionality; this management function requires the administrator (or MDM) to set the network policy to a single bandwidth. 


FMT_SMF.1/WLAN is modified in Section 5.3.5 of the MOD_WLAN_CLI_V1.0 PP-Module to make it Optional/Objective, with strikethroughs denoting deletion and underlines denoting addition:

FMT_SMF.1/WLAN Specification of Management Functions (WLAN Client)


The TSF shall be capable of performing the following management functions:

Table 3: Management Functions

Status Markers:
M - Mandatory
O - Optional/Objective

#                           Management Function                                      Impl     Admin    User

WL-1     configure security policy for each wireless                            M           M           O
-  [selection: specify the CA(s) from which
the TSF will accept WLAN authentication
server certificate(s), specify the Fully
Qualified Domain Names (FQDNs) of
acceptable WLAN authentication server
-  security type,
-  authentication protocol,
-  client credentials to be used for
- set wireless frequency band to [selection:
2.4 GHz, 5 GHz, 6 GHz]
WL-11    configure security policy for each wireless                            O           O           O
              network: set wireless frequency band to
   [selection2.4 GHz, 5 GHz, 6 GHz]

See issue description.

Site Map              Contact Us              Home