Skip to content
Catalogs
XCCDF
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
SRG-NET-000213
The Enterprise Voice, Video, and Messaging Endpoint must be configured to terminate all network connections associated with a communications session at the end of the session.
The Enterprise Voice, Video, and Messaging Endpoint must be configured to terminate all network connections associated with a communications session at the end of the session. An XCCDF Rule
The Enterprise Voice, Video, and Messaging Endpoint must be configured to terminate all network connections associated with a communications session at the end of the session.
High Severity
<VulnDiscussion>Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free up resources committed by the managed network element.
Terminating network connections associated with communications sessions includes, for example, de-allocating associated TCP/IP address/port pairs at the operating system level, and de-allocating networking assignments at the application level if multiple application sessions are using a single, operating system level network connection.
This requirement applies to any network element that tracks individual sessions (e.g., stateful inspection firewall, ALG, or VPN).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>