In the event a secure Session Initiation Protocol (SIP) connection fails, the connection must be restricted from resorting to the unencrypted HTTP.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>Prevents from HTTP being used for SIP connection in case TLS or TCP fail. </VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-85529r1_rule
Severity: Medium
References: CCI-001184
Updated: about 1 year ago

Set the policy value for Computer Configuration -> Administrative Templates -> Skype for Business 2016 -> Microsoft Lync Feature Policies "Disable HTTP fallback for SIP connection" to "Enabled".

In the event a secure Session Initiation Protocol (SIP) connection fails, the connection must be restricted from resorting to the unencrypted HTTP.

Description

Remediation - Manual Procedure