From Voice Video Policy Security Technical Implementation Guide
Part of SRG-POL-300042
Associated with: CCI-002163
During Voice Video endpoint registration with the session controller, a file containing specific configuration settings is downloaded by the endpoint from the session manager. This file contains the phone number assigned to the endpoint, the IP addresses for session management, the software menus specific to the system, the endpoint configuration password, the stored personal preferences and speed dial numbers, and other system operational information. These configuration settings can be updated by resetting and re-registering the endpoint, which causes an updated configuration file to be downloaded.
Review the Voice Video registration policies enforced by session managers for approved Voice Video endpoints. Confirm the Voice Video endpoint configuration files traversing the DISN are encrypted within a VPN. Verify the VPN is secured using FIPS-validated encryption between enclaves. If the Voice Video endpoint configuration files traversing the DISN are not encrypted within a VPN, this is a finding. If the VPN is not secured using FIPS-validated encryption between enclaves, this is a finding. If vendor-generated certificates are used instead of DoD PKI certificates, reduce the severity to CAT III.
Configure the Voice Video endpoint configuration files traversing the DISN to be in an encrypted VPN between enclaves. Configure the VPN to use FIPS-validated encryption between enclaves. Document Voice Video registration architecture to enforce for approved Voice Video endpoints.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer