The organizations capacity planning must implement critical network equipment in redundant and geographically diverse locations.

From Voice Video Policy Security Technical Implementation Guide

Part of SRG-POL-300368

Associated with: CCI-000471

VVSP-01-000066_rule The organizations capacity planning must implement critical network equipment in redundant and geographically diverse locations.

Vulnerability discussion

Contingency planning for information systems is part of an overall organizational program for achieving continuity of operations for mission/business functions. Contingency planning addresses both information system restoration and implementation of alternative mission/business processes when systems are compromised. Performing contingency planning on hardware, software, and firmware development can be an effective means of achieving information system resiliency. Contingency plans reflect the degree of restoration required for organizational information systems since not all systems may need to fully recover to achieve the level of continuity of operations desired. Capacity planning is needed because different types of threats (e.g., natural disasters, targeted cyber attacks) can result in a reduction of the available processing, telecommunications, and support services originally intended to support the organizational missions/business functions. Organizations may need to anticipate degraded operations during contingency operations and factor such degradation into capacity planning. For Voice Video systems, contingency planning must also consider fire and emergency services (FES) requirements for life safety and Command and Control (C2) requirements mandating communications among top-level officials, especially during crisis conditions.

Check content

If the Voice Video system provides Assured Service (AS) and DISN Voice Precedence and connects to the DISN WAN for transport, this is applicable. Review the contingency plan for the Voice Video system. Confirm the critical network equipment is redundant and in geographically diverse locations. Redundant sets of Customer Edge (CE) routers, session border controllers (SBCs), and session managers must be housed in geographically diverse facilities within the site, so that if one of locations is lost or isolated from the network, communications service is maintained. Sites facilities with a Soft Switch should have a session controller implemented in a geographically diverse location. If critical network equipment does not have redundant equipment, this is a finding. If redundant critical network equipment is not in a geographically diverse location, this is a finding. If it is determined, following a cost versus benefit study and risk analysis, that redundant facilities containing dual sets of CE routers, SBCs, and session controllers are not warranted for the given site, this requirement should be marked as a finding with a justification included in the Plan of Action and Milestones (POA&M) stating the Authorizing Official is cognizant of and accepts the risk.

Fix text

Develop and document a contingency plan for the Voice Video system that implements critical network equipment as redundant and in geographically diverse locations for a site supporting AS and DISN Voice Precedence users. Critical network equipment includes CE routers, SBCs, and session managers (or Soft Switches in combination with session controllers).

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer