From Voice Video Services Policy STIG
Part of VVoIP 6165
Because vendors did not have interoperability, lacked end-to-end encryption, and did not provide assured service in support of Command and Control (C2) communications, VVoIP traffic originally was restricted to the local enclave. The DSN PMO, DISA Engineering, and Real Time Services (RTS) working group have been working to define network and system requirements to overcome the inherent obstacles in pursuit of a DISN wide interoperable assured service VVoIP or Voice Services network.
Review site documentation to confirm VVoIP session signaling is encrypted to provide end-to-end interoperable confidentiality and integrity. The devices within the VVoIP system that must be protected are endpoints, media gateways, session mangers (gatekeepers, session controllers, soft switches, etc.), border elements (session border controllers, routers, firewalls, etc.), and other network devices involved in the session signaling. Session signaling encryption meeting UCR requirements must be implemented end-to-end. If VVoIP session signaling is not encrypted to provide end-to-end interoperable confidentiality and integrity, this is a finding.
Implement VVoIP session signaling to be encrypted to provide end-to-end interoperable confidentiality and integrity. Fully document the implementation. Configure the VVoIP system components per the DoD APL IA deployment guide specific to the product being deployed.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer