The organizations System Security Plan (SSP) for the Voice Video system must document the DoDIN APL-listed session manager or multifunction soft switch (MFSS) implemented for DISN Voice Service.

From Voice Video Policy Security Technical Implementation Guide

Part of SRG-POL-300611

Associated with: CCI-003072

VVSP-01-000158_rule The organizations System Security Plan (SSP) for the Voice Video system must document the DoDIN APL-listed session manager or multifunction soft switch (MFSS) implemented for DISN Voice Service.

Vulnerability discussion

The information security architecture at the individual information system level must be consistent with and complement the more global, organization-wide information security architecture that is integral to and developed as part of the enterprise architecture. The information security architecture includes an architectural description, the placement/allocation of security functionality (including security controls), security-related information for external interfaces, information being exchanged across the interfaces, and the protection mechanisms associated with each interface.In addition, the security architecture can include other important security-related information, for example, user roles and access privileges assigned to each role; unique security requirements, the types of information processed, stored, and transmitted by the information system; restoration priorities of information and information system services; and any other specific protection needs.The worldwide availability and effectiveness of the DISN Voice Service is dependent on the components of the Voice Video system located in each connected enclave. The Voice Video system within an enclave must use the DISN Voice Service to communicate with other enclaves across the NIPRNet. The Voice Video system must be designed and implemented so it does not degrade the security or protection of the enclave. At large sites, the primary session manager (or the session manager portion of an MFSS) should have a backup that is geographically separate.

Check content

Review each organizational Voice Video SSP. Confirm a DoDIN APL-listed session manager or MFSS is implemented for DISN Voice Service. For sites with an MFSS, this performs the session management functions and provides signaling management for a regional set of session managers. An MFSS is a backbone device and is only required at DISN IPVS PMO-designated locations. If the organizations SSP for the Voice Video system does not document the DoDIN APL-listed session manager or MFSS implemented for DISN Voice Service, this is a finding.

Fix text

Document in the Voice Video SSP the DoDIN APL-listed session manager or MFSS implemented for DISN Voice Service.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer