Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-NET-000113

    <GroupDescription></GroupDescription>
    Group
  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to provide session (call detail) record generation capability.

    &lt;VulnDiscussion&gt;Session records are commonly produced by session management and border elements. Many Enterprise Voice, Video, and Messaging ...
    Rule Medium Severity
  • SRG-NET-000131

    <GroupDescription></GroupDescription>
    Group
  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to disable or remove nonessential capabilities.

    &lt;VulnDiscussion&gt;It is detrimental for Enterprise Voice, Video, and Messaging Endpoints when unnecessary features are enabled by default. Ofte...
    Rule Medium Severity
  • SRG-NET-000132

    <GroupDescription></GroupDescription>
    Group
  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to only use ports, protocols, and services allowed per the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and Vulnerability Assessments (VAs).

    &lt;VulnDiscussion&gt;In order to prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e....
    Rule High Severity
  • SRG-NET-000138

    <GroupDescription></GroupDescription>
    Group
  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to uniquely identify participating users.

    &lt;VulnDiscussion&gt;To ensure accountability and prevent unauthenticated access, users must be identified to prevent potential misuse and comprom...
    Rule High Severity
  • SRG-NET-000140

    <GroupDescription></GroupDescription>
    Group
  • The Enterprise Voice, Video, and Messaging Endpoint must use multifactor authentication for network access to nonprivileged (nonadmin) accounts.

    &lt;VulnDiscussion&gt;To ensure accountability and prevent unauthenticated access, nonprivileged users must use multifactor authentication to preve...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules