The Session Border Controller (SBC) must be configured to terminate and decrypt inbound and outbound SIP and AS-SIP sessions to ensure proper management for the transition of the SRTP/SRTCP streams.

An XCCDF Rule

Description

<VulnDiscussion>The function of the SBC is to manage SIP and AS-SIP signaling messages. To perform its proper function in the enclave boundary, the SBC must decrypt and decode or understand the contents of SIP and AS-SIP messages. Additionally, the SBC can perform message validity checks and determine of an attack is being attempted. The SBC acts as an application-level proxy and firewall for the SIP and AS-SIP signaling messages.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-259928r948774_rule
Severity: Medium
References: CCI-001548
Updated: 19 days ago

Ensure the DISN NIPRNet IPVS SBC is configured to terminate inbound and outbound SIP and AS-SIP sessions (messages). The SBC must be configured to decrypt the packets to determine the information needed to properly manage the transition of SRTP/SRTCP streams across the boundary. Also ensure the SBC establishes a new SIP or AS-SIP session for the "next hop" to the internal LSC or the far end SBC that fronts the destination LSC or MFSS.

NOTE: The VVoIP system may allow SIP and SRTP traffic encrypted and encapsulated on port 443 from cloud service providers.

The Session Border Controller (SBC) must be configured to terminate and decrypt inbound and outbound SIP and AS-SIP sessions to ensure proper management for the transition of the SRTP/SRTCP streams.

Description

Remediation - Manual Procedure