Enterprise Voice, Video, and Messaging Policy Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-VOIP-000330
Group -
The site's enclave boundary protection must route commercial VoIP traffic via a local Media Gateway (MG) connected to a commercial service provider using PRI, CAS, or POTS analog trunks.
There are several reasons VVoIP system access to local voice services must use a locally implemented MG connected to commercial voice services, including: - The implementation or receipt of commer...Rule Medium Severity -
SRG-VOIP-000340
Group -
SRG-VOIP-000350
Group -
The enclave must be dual homed to two geographically diverse DISN SDNs and DISN WAN Service (NIPRNet or SIPRNet) Aggregation Routers (AR) or DISN Provider Edge (PE) routers.
Redundancy and dual homing is used within the DISN core to provide for continuity of operations (COOP) if a piece of equipment, circuit path, or an entire service delivery node is lost. DOD polic...Rule Medium Severity -
SRG-VOIP-000360
Group -
The dual homed DISN core access circuits must be implemented so that each one can support the full bandwidth engineered for the enclave plus additional bandwidth to support surge conditions in time of crisis.
Providing dual-homed access circuits from a command and control (C2) enclave to the DISN core is useless unless both circuits provide the same capacity to include enough overhead to support surge c...Rule Medium Severity -
SRG-VOIP-000370
Group -
SRG-VOIP-000380
Group -
SRG-VOIP-000390
Group -
Enclaves with commercial VoIP connections must be approved by the DODIN Waiver Panel and signed by DOD CIO for a permanent alternate connection to the Internet Telephony Service Provider (ITSP).
The DOD requires the use of DISN services as the first choice to meet core communications needs. When additional services for SIP trunks are necessary, an ITSP may provide an "alternate connection"...Rule Medium Severity -
SRG-VOIP-000400
Group -
The Fire and Emergency Services (FES) communications over a site's telephone system must be configured to support the Department of Defense Instruction (DODI) 6055.06 telecommunication capabilities.
Emergency communications must include requests for fire, police, and medical assistance. In DOD, these communications can also include requests for Aircraft Rescue and Fire Fighting (ARFF), explosi...Rule Medium Severity -
SRG-VOIP-000410
Group -
SRG-VOIP-000420
Group -
The Fire and Emergency Services (F&ES) communications over a site's private telephone system must provide a direct callback telephone number and physical location of an F&ES caller to the emergency services answering point or call center through a transfer of Automatic Number Identification (ANI) and extended Automatic Location Identification (ALI) information or access to an extended ALI database.
Under Federal Communication Commission (FCC) rules and the laws of some states, the implementation of Enhanced F&ES telecommunications services requires that the emergency services answering point ...Rule Medium Severity -
SRG-VOIP-000430
Group -
The Fire and Emergency Services (F&ES) communications over a site's private telephone system must route emergency calls as a priority call in a nonblocking manner.
When calling the designated F&ES telephone number, the call must go through regardless of the state of other calls in the system. Emergency calls must be treated as a priority call by the system. ...Rule Medium Severity -
SRG-VOIP-000490
Group -
SRG-VOIP-000450
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.