Enterprise Voice, Video, and Messaging Policy Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Session Border Controller (SBC) must be configured to only process packets authenticated from an authorized source within the DISN IPVS network.
<VulnDiscussion>The function of the SBC is to manage SIP and AS-SIP signaling messages. The SBC also authenticates SIP and AS-SIP signaling m...Rule Medium Severity -
SRG-VOIP-000500
<GroupDescription></GroupDescription>Group -
The Session Border Controller (SBC) must be configured to only process signaling packets whose integrity is validated.
<VulnDiscussion>The validation of signaling packet integrity is required to ensure the packet has not been altered in transit. Packets can be...Rule Medium Severity -
SRG-VOIP-000510
<GroupDescription></GroupDescription>Group -
The Session Border Controller (SBC) must be configured to validate the structure and validity of SIP and AS-SIP messages so that malformed messages or messages containing errors are dropped before action is taken on the contents.
<VulnDiscussion>Malformed SIP and AS_SIP messages, as well as messages containing errors, could be an indication that an adversary is attempt...Rule Low Severity -
SRG-VOIP-000520
<GroupDescription></GroupDescription>Group -
The Session Border Controller (SBC) must drop all SIP and AS-SIP packets except those secured with TLS.
<VulnDiscussion>DISN NIPRNet IPVS PMO and the Unified Capabilities Requirements (UCR) require all session signaling across the DISN WAN and b...Rule Medium Severity -
SRG-VOIP-000530
<GroupDescription></GroupDescription>Group -
The Session Border Controller (SBC) must be configured to manage IP port pinholes for the SRTP/SRTCP bearer streams based on the information in the SIP and AS-SIP messages.
<VulnDiscussion>The function of the SBC is to manage SIP and AS-SIP signaling messages. The SBC also manages the SRTP/SRTCP bearer streams. T...Rule Medium Severity -
SRG-VOIP-000540
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.