NIST 800-53 REV 5 • ACCESS CONTROL
AC-18(5) — Antennas and Transmission Power Levels
Select radio antennas and calibrate transmission power levels to reduce the probability that signals from wireless access points can be received outside of organization-controlled boundaries.
CMMC Practice Mapping
No direct CMMC mapping
NIST 800-171 Mapping
No direct NIST 800-171 mapping
Related Controls
Supplemental Guidance
Actions that may be taken to limit unauthorized use of wireless communications outside of organization-controlled boundaries include reducing the power of wireless transmissions so that the transmissions are less likely to emit a signal that can be captured outside of the physical perimeters of the organization, employing measures such as emissions security to control wireless emanations, and using directional or beamforming antennas that reduce the likelihood that unintended receivers will be able to intercept signals. Prior to taking such mitigating actions, organizations can conduct periodic wireless surveys to understand the radio frequency profile of organizational systems as well as other systems that may be operating in the area.
Practitioner Notes
Control the power levels and antenna configurations of your wireless access points to limit signal bleed outside your physical space. The WiFi signal should not be accessible from the parking lot if it does not need to be.
Example 1: On your wireless controller, reduce transmit power on access points near exterior walls to the minimum level that still provides adequate coverage inside. In Cisco WLC, set Tx Power Level to a lower value for edge APs. Use directional antennas that point inward rather than omnidirectional antennas.
Example 2: Conduct an RF site survey using Ekahau to measure signal bleed outside your facility. If corporate WiFi is detectable from the parking lot or adjacent buildings, adjust AP power levels and antenna orientation until the signal drops below -80 dBm at the property boundary.