From Voice Video Endpoint Security Requirements Guide
Part of SRG-NET-000520-VVEP-00010
Associated with: CCI-000366 CCI-002272
When Voice Video Endpoints do not dynamically assign 802.1Q VLAN tags as data is created and combined, it is possible the VLAN tags will not correctly reflect the data type with which they are associated. VLAN tags are used as security attributes. These attributes are typically associated with signaling and media streams within the application and are used to enable the implementation of access control and flow control policies. Security labels for packets may include traffic flow information (e.g., source, destination, protocol combination), traffic classification based on QoS markings for preferred treatment, and VLAN identification.
If the Voice Video Endpoint is not a hardware endpoint, this check procedure is Not Applicable. Verify the hardware Voice Video Endpoint applies 802.1Q VLAN tags to signaling and media traffic. If the hardware Voice Video Endpoint does not apply 802.1Q VLAN tags to signaling and media traffic, this is a finding.
Configure the hardware Voice Video Endpoint to apply 802.1Q VLAN tags to signaling and media traffic.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer