Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Enterprise Voice, Video, and Messaging Endpoint must be configured to disable or remove nonessential capabilities.
It is detrimental for Enterprise Voice, Video, and Messaging Endpoints when unnecessary features are enabled by default. Often these features are enabled by default with functionality exceeding req...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must use multifactor authentication for network access to nonprivileged (nonadmin) accounts.
To ensure accountability and prevent unauthenticated access, nonprivileged users must use multifactor authentication to prevent potential misuse and compromise of the system. Multifactor authenti...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to implement replay-resistant authentication mechanisms for network access.
A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be ...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must offload audit records onto a different system or media than the system being audited.
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity. Au...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must generate audit records when successful/unsuccessful logon attempts occur.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must generate audit records showing starting and ending time for user access to the system.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Endpoint must be configured in accordance with the security configuration settings based on DOD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.
Configuring the network element to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security bas...Rule Medium Severity -
SRG-NET-000015
Group -
SRG-NET-000015
Group -
The Enterprise Voice, Video, and Messaging Endpoint must be configured to register with an Enterprise Voice, Video, and Messaging Session Manager.
For most VoIP systems, registration is the process of centrally recording the user ID, endpoint MAC address, service/policy profile with two-stage authentication prior to authorizing the establishm...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.