From Voice/Video over Internet Protocol (VVoIP) STIG
Part of Deficient imp'n: UM degrades voice/data separation
Voice mail services in a VoIP environment are available in several different configurations. A legacy voice mail platform can connect to a VoIP environment to provide voice mail services for VoIP users. In the same respect, a VoIP voice mail platform can provide voice mail services to the legacy voice users and the VoIP users. Some voice mail systems are also capable of providing unified mail by interacting with email messaging systems. Voicemails when recorded are converted to a .wav or similar digital audio file and sent to the email server as an attachment to an email. The subject line will typically contain the caller ID information if available. The email user can then open the attachment and listen to the voicemail on their PC or whatever device that provides properly authenticated access to the user’s email.
Perform a network penetration test from the data VLAN(s) to the Voice VLAN(s). Direct the scan at the unified mail connection on the data VLAN(s). Perform a similar scan in the opposite direction. This is a finding in the event the hosts on the VLAN(s) opposite the one the scanner is connected to are accessible.
Ensure the implementation of a unified mail system does not degrade the separation and traffic filtering between the voice and data security zones or VLANs. Configure unified mail services with access to both the data and voice VLANs to NOT bridge the two environments together.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer