STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Cisco ISE NDM Security Technical Implementation Guide

V-242641

CAT I (High)

The Cisco ISE must be configured to disable Wireless Setup for production systems.

Rule ID

SV-242641r1043177_rule

STIG

Cisco ISE NDM Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-000382

Discussion

ISE Wireless Setup is beta software so is not authorized for use in DoD. Wireless Setup is disabled by default after fresh installation of Cisco ISE. If you upgrade ISE from a previous version, the Wireless Setup menu does not appear. Wireless Setup requires ports 9103 and 9104 to be open. To close those ports, use the CLI to disable Wireless Setup. You can enable Wireless Setup in the ISE CLI with the command application configure ise, picking the option to enable Wireless Setup.

Check Content

If wireless setup is not availabe in this version of the product, this is not applicable.

Verify Wi-Fi setup has been disabled on a device after initial setup and the device has been placed on the production network.

Show application status Wi-Fi setup.

If wireless setup is not disabled, this is a finding.

Fix Text

Use the application configure command in EXEC mode to disable wireless setup.

application configure disable Wi-Fi setup