Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Enterprise Voice, Video, and Messaging Session Manager must produce session (call) records containing the outcome (status) of the connection.
Without the capability to generate session records, it is difficult to establish, correlate, and investigate the events relating to an incident, or identify those responsible. Session records are g...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager must alert the information system security officer (ISSO) and system administrator (SA) (at a minimum) in the event of a session (call) record system failure.
It is critical for the appropriate personnel to be aware if a system is at risk of failing to process session records. Without this notification, the security personnel may be unaware of an impendi...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager must protect session (call) records from unauthorized deletion.
If session records were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity is impossible to achieve. To ensure the veracity of s...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager must only use ports, protocols, and services allowed per the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and Vulnerability Assessments (VAs).
In order to prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable...Rule High Severity -
The Enterprise Voice, Video, and Messaging Session Manager must be configured to implement attack-resistant mechanisms for Voice Video Endpoint registration.
Attacks against an Enterprise Voice, Video, and Messaging Session Manager may include denial of service (DoS), replay attacks, or cross-site scripting. A replay attack may enable an unauthorized us...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager supporting Command and Control (C2) communications must validate the integrity of transmitted multilevel precedence and preemption (MLPP) attributes.
If MLPP attributes are not associated with the information being transmitted between components, then access control policies and information flows which depend on these MLPP attributes will not fu...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager must be configured to generate session (call) records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information.
Any Enterprise Voice, Video, and Messaging Session Manager providing too much information in session records risks compromising the data and security of the application and system. The structure an...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager must be configured to restrict Enterprise Voice, Video, and Messaging Session Manager access outside of operational hours.
Activity under unusual conditions can indicate hostile activity. For example, what is normal activity during operational hours can indicate hostile activity if it occurs during off hours. Depending...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager must be configured to enforce changes to privileges of Voice Video Endpoint user access.
Without the enforcement of immediate change to privilege levels, users and devices may not provide the correct level of service. Privileges include access to outside connections, precedence, and pr...Rule Medium Severity -
The Enterprise Voice, Video, and Messaging Session Manager must be configured to offload session (call) records to a central log server.
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. T...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.