From Voice Video Policy Security Technical Implementation Guide
Part of SRG-POL-300611
Associated with: CCI-003072
The information security architecture at the individual information system level must be consistent with and complement the more global, organization-wide information security architecture that is integral to and developed as part of the enterprise architecture. The information security architecture includes an architectural description, the placement/allocation of security functionality (including security controls), security-related information for external interfaces, information being exchanged across the interfaces, and the protection mechanisms associated with each interface.
Review each Voice Video system security plan (SSP). Confirm the organization documents the 802.1x implementation, placing Voice Video traffic in the correct VLAN when authorizing LAN access for Voice Video endpoints. Verify the 802.1x authentication server places traffic from the Voice Video endpoint as follows: - The PC port must be disabled or 802.1x multi-domain authentication must be enabled. - VoIP traffic must be placed in the voice VLAN. - Video conferencing (VC) traffic must be placed in the video VLAN. - Soft clients are not authenticated by the 802.1x implementation; the Voice Video traffic is placed on the correct VLAN at the first access switch. If the 802.1x implementation does not place Voice Video traffic in the correct VLAN when authorizing LAN access for Voice Video endpoints, this is a finding.
Document in each Voice Video SSP the organizations 802.1x implementation that places Voice Video traffic in the correct VLAN when authorizing LAN access for Voice Video endpoints. Ensure the 802.1x authentication server places traffic from the Voice Video endpoint as follows: - The PC Port must be disabled or 802.1x multi-domain authentication must be enabled. - VoIP traffic must be placed in the voice VLAN. - Video conferencing (VC) traffic must be placed in the video VLAN. - Soft clients are not authenticated by the 802.1x implementation; the Voice Video traffic is placed on the correct VLAN at the first access switch.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer