From Voice Video Session Management Security Requirements Guide
Part of SRG-NET-000148
Associated with: CCI-000778
Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Typically, devices can be identified by MAC or IP address but certificates provide a greater level of security. Identification of devices works with registration of devices as part of a defense in depth approach to Voice Video networks. Registration is the process of authorizing endpoints to communicate with the session manager. Registration occurs with the SIP server in VoIP systems and with a gatekeeper in H.323 systems. Without enforcing registration, an adversary could impersonate a legitimate device on the Voice Video network.
Verify the Voice Video Session Manager uniquely identifies all Voice Video endpoint devices before registration. If the Voice Video Session Manager does not uniquely identify all Voice Video endpoint devices before registration, this is a finding.
Configure the Voice Video Session Manager to uniquely identify all Voice Video endpoint devices before registering those devices.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer