Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
SRG-NET-000138
SRG-NET-000138
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-NET-000138
1 Rule
<GroupDescription></GroupDescription>
The Enterprise Voice, Video, and Messaging Session Manager must be configured to use an organizational-level user account management system.
High Severity
<VulnDiscussion>To effectively manage user accounts, organizational level systems such as Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) are used to create and manage user credentials that can be used across the organization. This reduces the need for separate user account databases across systems, that can create orphaned account issues, and the need to remember different credentials for each system. When user access is no longer authorized, an organizational level system can simultaneously revoke access to all systems.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>