STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019: STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:SV-17099r2_rule
V-16111
VVoIP 1705
VVoIP 1705
CAT II
10
Ensure the UC soft clients are supported by the manufacturer or vendor.
Review the site documentation to confirm the UC soft clients are supported by the manufacturer or vendor. Sources for UC soft clients include:
- UC soft clients sourced from the enclave’s VoIP system vendor or their approved partner.
- VTC soft clients sourced from the enclave’s or program’s VTC system vendor or their approved partner.
- UC soft clients sourced from the enclave’s or program’s Collaboration system vendor or their approved partner.
- The workstation operating system vendor when the application is approved to interoperate with the primary systems above.
- An information system program providing the application from an appropriate source with the required testing, certification, and accreditation.
If the UC soft clients are not supported by the manufacturer or vendor, this is a finding. If the source or distribution of the UC soft client is freeware or shareware, such as applications from Yahoo, MSN, Google, or Skype, this is a finding.
NOTE: this is not a finding when the UC soft clients are shareware, freeware, or sourced from a third party other than a system vendor and the UC soft client is necessary to accomplish the mission; there are no alternative IT solutions available; and the product has been assessed for information assurance impacts, and approved for use by the AO in writing.
V-16111
False
VVoIP 1705
Review the site documentation to confirm the UC soft clients are supported by the manufacturer or vendor. Sources for UC soft clients include:
- UC soft clients sourced from the enclave’s VoIP system vendor or their approved partner.
- VTC soft clients sourced from the enclave’s or program’s VTC system vendor or their approved partner.
- UC soft clients sourced from the enclave’s or program’s Collaboration system vendor or their approved partner.
- The workstation operating system vendor when the application is approved to interoperate with the primary systems above.
- An information system program providing the application from an appropriate source with the required testing, certification, and accreditation.
If the UC soft clients are not supported by the manufacturer or vendor, this is a finding. If the source or distribution of the UC soft client is freeware or shareware, such as applications from Yahoo, MSN, Google, or Skype, this is a finding.
NOTE: this is not a finding when the UC soft clients are shareware, freeware, or sourced from a third party other than a system vendor and the UC soft client is necessary to accomplish the mission; there are no alternative IT solutions available; and the product has been assessed for information assurance impacts, and approved for use by the AO in writing.
M
Information Assurance Manager
594