Skip to content
Log In

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-VOIP-000200

    Group
    Show

  • An IP-based VTC system implementing a single set of input/output devices (cameras, microphones, speakers, control system), an A/V switcher, and multiple CODECs connected to multiple IP networks with different classification levels must provide automatic mutually exclusive power control for the CODECs or their network connections so only one CODEC is powered on or one CODEC is connected to any network at any given time.

    If a VTC system is implemented using multiple CODECs, each connected to a network with a different classification level, along with an A/V switcher, a potential path exists through the CODECs and A...
    Rule Medium Severity
    Show

  • SRG-VOIP-000210

    Group
    Show

  • The implementation of an IP-based VTC system that supports conferences on multiple networks with different classification levels must maintain isolation between the networks to which it connects by implementing separation of equipment and cabling between the various networks with differing classification levels in accordance with CNSSAM TEMPEST/01-13, RED/BLACK Installation Guidance.

    Information leakage is the intentional or unintentional release of information to an untrusted environment from electromagnetic signals emanations. Security categories or classifications of informa...
    Rule Medium Severity
    Show

  • SRG-VOIP-000220

    Group
    Show

  • Video conferencing, Unified Capability (UC) soft client, and speakerphone speaker operations policy must prevent disclosure of sensitive or classified information over nonsecure systems.

    Speakers used with Voice Video systems and devices may be heard by people and microphones with no relationship to the conference or call in progress. In open areas, conference audio may be overhear...
    Rule Medium Severity
    Show

  • SRG-VOIP-000230

    Group
    Show

  • An inventory of authorized instruments must be documented and maintained in support of the detection of unauthorized instruments connected to the Enterprise Voice, Video, and Messaging system.

    Traditional telephone systems require physical wiring and/or switch configuration changes to add an instrument to the system. This makes it difficult for someone to add unauthorized digital instrum...
    Rule Medium Severity
    Show

  • SRG-VOIP-000240

    Group
    Show

  • Customers of the DISN VoSIP service must use address blocks assigned by the DRSN/VoSIP PMO.

    Ensure different, dedicated, address blocks or ranges are defined for the VVoIP system within the LAN (Enclave) that are separate from the address blocks/ranges used by the rest of the LAN for non-...
    Rule Low Severity
    Show

  • SRG-VOIP-000250

    Group
    Show

  • Voice networks must not be bridged via a Unified Capability (UC) soft client accessory.

    While a headset, microphone, or webcam can be considered to be UC soft client accessories, these are also accessories for other collaboration and communications applications. This discussion rela...
    Rule Medium Severity
    Show

  • SRG-VOIP-000260

    Group
    Show

  • When soft-phones are implemented as the primary voice endpoint in the user's workspace, a policy must be defined to supplement with physical hardware-based phones near all such workspaces.

    This and several other requirements discuss the implementation of PC soft-phones or UC applications as the primary and only communications device in the user's workspace. While this degrades the ...
    Rule Medium Severity
    Show

  • SRG-VOIP-000270

    Group
    Show

  • Implementing Unified Capabilities (UC) soft clients as the primary voice endpoint must have authorizing official (AO) approval.

    The AO responsible for the implementation of a voice system that uses UC soft clients for its endpoints must be made aware of the risks and benefits. In addition, the commander of an organization w...
    Rule Medium Severity
    Show

  • SRG-VOIP-000280

    Group
    Show

  • Deploying Unified Capabilities (UC) soft clients on DOD networks must have authorizing official (AO) approval.

    This use case addresses situations in which UC soft client applications on workstations are not the primary voice communications device in the work area. This means there is a validated mission nee...
    Rule Medium Severity
    Show

  • SRG-VOIP-000290

    Group
    Show

  • A Call Center or Computer Telephony Integration (CTI) system using soft clients must be segregated into a protected enclave and limit traffic traversing the boundary.

    UC soft clients may be used on a strategic LAN when associated with or part of a CTI application. Traditional computer telephony integration CTI encompasses the control of a telephone or telecommun...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules