Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-NET-000015
Group -
The Enterprise Voice, Video, and Messaging Endpoint must not be configured with any vendor default accounts, PINs, or passwords to access configuration settings.
Many Enterprise Voice, Video, and Messaging Endpoints can set or display configuration settings in the instrument itself. This presents a risk if a user obtains information such as the IP addresses...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to prevent the configuration or display of configuration settings without the use of a PIN or password.
Many Enterprise Voice, Video, and Messaging Endpoints can set or display configuration settings in the instrument itself. This presents a risk if a user obtains information such as the IP addresses...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint PC port must be configured to connect to an 802.1x supplicant or the PC port must be disabled.
IEEE 802.1x is a protocol used to control access to LAN services via a network access switchport or wireless access point that requires a device or user to authenticate to the network element and b...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to apply 802.1Q VLAN tags to signaling and media traffic.
When Enterprise Voice, Video, and Messaging Endpoints do not dynamically assign 802.1Q VLAN tags as data is created and combined, it is possible the VLAN tags will not correctly reflect the data ty...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must notify the user, upon successful logon (access) to the network element, of the date and time of the last logon (access).
Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the date and time of their last successful login allows the user to determine if a...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to limit the number of concurrent sessions to an organizationally defined number.
Enterprise Voice, Video, and Messaging Endpoint management includes the ability to control the number of user sessions and limiting the number of allowed user sessions helps limit risk related to D...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to produce session (call detail) records containing what type of connection occurred.
Session records are commonly produced by session management and border elements. Many Enterprise Voice, Video, and Messaging Endpoints are not capable of providing session records and instead rely ...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to produce session (call detail) records containing where the connection occurred.
Session records are commonly produced by session management and border elements. Many Enterprise Voice, Video, and Messaging Endpoints are not capable of providing session records and instead rely ...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to produce session (call detail) records containing the source of the connection.
Session records are commonly produced by session management and border elements. Many Enterprise Voice, Video, and Messaging Endpoints are not capable of providing session records and instead rely ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.