Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-NET-000053
Group -
SRG-NET-000062
Group -
SRG-NET-000074
Group -
The Enterprise Voice, Video, and Messaging Session Manager must produce session (call) records containing the type of session connection.
Without the capability to generate session records, it is difficult to establish, correlate, and investigate the events relating to an incident, or identify those responsible. Session records are g...Rule Medium Severity -
SRG-NET-000075
Group -
SRG-NET-000076
Group -
The Enterprise Voice, Video, and Messaging Session Manager must produce session (call) records containing where (location) the connection originated.
Without the capability to generate session records, it is difficult to establish, correlate, and investigate the events relating to an incident, or identify those responsible. Session records are g...Rule Medium Severity -
SRG-NET-000077
Group -
SRG-NET-000078
Group -
The Enterprise Voice, Video, and Messaging Session Manager must be configured to use an organizational-level user account management system.
To effectively manage user accounts, organizational level systems such as Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) are used to create and manage user credentials that c...Rule High Severity -
SRG-NET-000147
Group -
SRG-NET-000079
Group -
The Enterprise Voice, Video, and Messaging Session Manager must produce session (call) records containing the identity of the users and identifiers associated with the session.
Without the capability to generate session records, it is difficult to establish, correlate, and investigate the events relating to an incident, or identify those responsible. Session records are g...Rule Medium Severity -
SRG-NET-000088
Group -
SRG-NET-000098
Group -
The Enterprise Voice, Video, and Messaging Session Manager must protect session (call) records from unauthorized read access.
Auditing and logging are key components of any security architecture. Logging the actions of specific events provides a means to investigate an attack, recognize resource utilization or capacity th...Rule Medium Severity -
SRG-NET-000099
Group -
The Enterprise Voice, Video, and Messaging Session Manager must protect session (call) records from unauthorized modification.
If session records were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity is impossible to achieve. To ensure the veracity of s...Rule Medium Severity -
SRG-NET-000100
Group -
SRG-NET-000334
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.