The LAN hardware supporting VVoIP services must provide redundancy to support command and control (C2) assured services and Fire and Emergency Services (FES) communications.

An XCCDF Rule

Description

<VulnDiscussion>Voice services in support of high-priority military command and control precedence must meet minimum requirements for reliability and survivability of the supporting infrastructure. Design requirements for networks supporting DOD VVoIP implementations are in the Unified Capabilities Requirements (UCR), specifying assured services supporting DOD IP-based voice services. The UCR defines LAN design requirements for redundancy of equipment and interconnections, minimum requirements for bandwidth, specifications for backup power, and the maximum number of endpoints tolerable by a single point of failure. Policy sets the minimum requirements for the availability and reliability of VVoIP systems: Special-C2 users is 99.999 percent, C2 users is 99.997 percent, and C2Routine only users (C2R) and non-C2 users are 99.9 percent. Similar availability and reliability through redundancy is needed to support routine user FES life-safety and security-related communications.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-259911r948757_rule
Severity: Medium
References: CCI-001606
Updated: 19 days ago

Implement and document that the LAN hardware supporting VVoIP services provides redundancy to support C2 assured services and FES communications. 

Mandatory redundancy includes the following: 
- Dual Power Supplies - Each platform must have a minimum of two power supplies, and the loss of a single power supply will not cause any loss of functions within the chassis.
- Dual Processors (Control Supervisors) - Each chassis must support dual control processors, and failure of any one processor will not cause any loss of functions within the chassis.
- Termination Sparing - Each chassis must support a (N + 1) sparing capability minimally for available Ethernet modules used to terminate to an IP subscriber.- Protocol Redundancy - Each routing device must support protocols allowing for dynamic rerouting.
- Backplane Redundancy - Each switching platform must support a redundant (1 + 1) switching fabric or backplane, and the second fabric's backplane must be in active standby so that failure of the first does not cause loss of ongoing events within the switch. Alternately, a secondary product may be added to provide redundancy to the primary product when redundant protocols are implemented so the failover to the secondary product does not result in any lost calls.

Redundancy may not be required for VVoIP systems supporting less than 96 users, but best practice is to provide redundancy or maintain spares so service can be restored in a timely manner in the event of a failure.

The LAN hardware supporting VVoIP services must provide redundancy to support command and control (C2) assured services and Fire and Emergency Services (FES) communications.

Description

Remediation - Manual Procedure