Skip to content
Log In

Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-NET-000512

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must be configured with a firmware release supported by the vendor.

    Operating a device with outdated firmware may leave the device with unmitigated security vulnerabilities. Vendors routinely update and patch firmware to address vulnerabilities. Operating with curr...
    Rule High Severity
    Show

  • SRG-NET-000512

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to dynamically implement configuration file changes.

    Configuration management includes the management of security features and assurances through control of changes made to device hardware, software, and firmware throughout the life cycle of a produc...
    Rule Medium Severity
    Show

  • SRG-NET-000512

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to disable any auto answer features.

    An Enterprise Voice, Video, and Messaging Endpoint set to automatically answer a call with audio or video capabilities enabled risks transmitting information not intended for the caller. In the eve...
    Rule Medium Severity
    Show

  • SRG-NET-000518

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must provide a logout capability for user-initiated communications sessions.

    If a user cannot explicitly end a session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. However, for some types of interactive sessions inc...
    Rule Medium Severity
    Show

  • SRG-NET-000519

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must display an explicit logout message to users indicating the reliable termination of communications sessions.

    If a user cannot explicitly end a session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. Users need to be aware of whether or not the session...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules