From Video Services Policy STIG
Part of RTS-VTC 4420
Associated with IA controls: ECWN-1, ECSC-1
Conference room VTC systems, and particularly large ones, can require multiple microphones, cameras, and displays along with AV control systems. These systems typically require a significant amount of wiring. This can be a problem when retrofitting a well-appointed conference room without damaging the room’s walls, ceilings, furniture, and finishes. As a result, conference room VTC systems as well as other VTC endpoint systems can utilize various wireless communication technologies to interconnect its microphones, cameras, speakers, desktop audio conferencing units, and displays to the VTC CODEC and control panels to the AV control system and CODEC. The wireless communications technologies used are 802.11, Bluetooth, standard radio (cordless telephone and wireless microphone frequencies/technology) as well as infrared.
Interview the ISSO and validate compliance with the following requirement: If the audio, video, white boarding, data sharing capabilities or components of a VTC system are implemented using wireless RF technologies, ensure the following: - All information-bearing RF transmissions are encrypted to prevent eavesdropping. - All control-bearing RF transmissions are encrypted and/or authenticated to prevent control hijacking. - Wireless technologies covered by the wireless STIG and other DoD wireless policies are implemented and configured in compliance with that STIG and other policies. - Such implementations are approved by the responsible local AO in writing, and the ISSO will maintain approval documentation for inspection by IA auditors. Note: A much more expensive mitigation to this issue would be to enclose the room in RF shielding so that the information or control bearing VTC radio signals cannot escape the facility and external control signals cannot enter the facility. This might not be practical. Note: Wireless AV control systems or “touch panels were discussed and requirements provided earlier in this document. The earlier mentioned requirements are to be used in conjunction with this one. Note: During APL testing, this is a finding in the event this requirement is not supported by the VTU. Inspect the configuration of the VTC system and all wireless RF components and their associated documentation to ensure that the wireless traffic is protected. Also inspect approval documentation to ensure the responsible local AO has approved, in writing, the implementation of VTU based wireless RF components. If a VTU or conference room implemented using wireless components is not protected from external control or compromise, this is a finding.
Perform the following tasks: Purchase and install wireless RF VTC system components that can support the following: - The encryption of all information-bearing RF transmissions to prevent eavesdropping. - The encrypted and/or authenticated of all control-bearing RF transmissions to prevent control hijacking. - The configuration of wireless technologies covered by the wireless STIG and other DoD wireless policies is supported. AND Configure all wireless RF VTC system components to encrypt information-bearing RF transmissions to prevent eavesdropping and to encrypt and/or authenticate all control-bearing RF transmissions to prevent control hijacking. AND Obtain written approval from the responsible AO for the use of wireless RF components to assemble the VTC system. AND/OR Enclose the facility housing the VTC system in RF shielding so that the information or control bearing VTC radio signals cannot escape the facility and external control signals cannot enter the facility. OR Implement a hardwired VTC system.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer