From Video Services Policy STIG
Part of RTS-VTC 3160.00 [IP]
Associated with IA controls: ECSC-1, DCBP-1
In any network device management system, it is best practice to limit the IP address or addresses from which a network attached device can be accessed and to which device status information can be sent.
[IP]; Interview the IAO and validate compliance with the following requirement: If the VTU is connected to an IP based LAN, ensure remote management access (administrator and management system/server/application) and SNMP access and reporting is restricted by IP address and/or subnet. Determine what IP addresses or subnets are authorized to send VTC system/device “Remote Control/Management/Configuration” messages and what IP addresses or subnets are authorized to receive monitoring or status messages from the VTC system/device. Have the SA demonstrate how the VTC system/device is configured to restrict “Remote Control/Management/Configuration” messages to and from these authorized IP addresses or subnets. This is a finding if there is no limitation on either sending or receiving these messages. Note: During APL testing, this is a finding in the event the VTC system/devoice does not support the limiting of all management traffic to authorized IP addresses or subnets.
[IP]; Perform the following tasks: Configure the VTC system/device to restrict The source and/or destination of VTC system/device “Remote Control/Management/Configuration” and monitoring/status traffic to/from authorized IP addresses or subnets.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer