The Voice Video Session Manager must use a voice or video VLAN, separate from all other VLANs.

From Voice Video Session Management Security Requirements Guide

SV-76641r3_rule The Voice Video Session Manager must use a voice or video VLAN, separate from all other VLANs.

Vulnerability discussion

When network elements do not dynamically reconfigure the data security attributes as data is created and combined, the possibility exist that security attributes will not correctly reflect the data with which they are associated. For the Voice Video Session Manager, the use of 802.1q tags on media and signaling, and the use of VLANs provides this layer of security. VLANs facilitate access and traffic control for voice video system components and enhanced QoS.Virtualized networking is used to separate voice video traffic from other types of traffic, such as data, management, and other special types. VLANs provide segmentation at layer 2. Virtual Routing and Forwarding (VRF) provides segmentation at layer 3, and works with Multiprotocol Label Switching (MPLS) for enterprise and WAN environments. When VRF is used without MPLS, it is referred to as VRF lite. For Voice Video systems, subnets, VLANs, and VRFs are used to separate media and signaling streams from all other traffic.

Check content

Verify the Voice Video Session Manager uses a voice or video VLAN separate from all other VLANs. If the Voice Video Session Manager uses a voice or video VLAN that is not separate from all other VLANs, this is a finding.

Fix text

Configure the Voice Video Session Manager to use a voice or video VLAN, separate from all other VLANs.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.