STIGQter STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:

The VVoIP system and supporting LAN design must contain one or more routing devices to provide support for required ACLs between the various required VVoIP VLANs.

DISA Rule

SV-21629r2_rule

Vulnerability Number

V-19565

Group Title

VVoIP Core ACL support

Rule Version

VVoIP 5510 (LAN)

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Ensure the VVoIP system and supporting LAN design contains one or more routing devices (router or layer 3 switch) to provide traffic control (support for required ACLs) between the various required VVoIP VLANs.

Install the required routing equipment as close to the VVoIP core equipment as is practical and apply the required ACLs.

Check Contents

Validate that the various parts of the VVoIP core equipment are connected to one or more routing devices such that the required traffic control ACLs can be implemented as close to the core equipment as possible.

Verify the supporting LAN design contains one or more routing devices to provide support for required ACLs between the VVoIP VLANs required for the core equipment. These devices should be as close to the VVoIP core equipment as possible. As such this is the intersection of these VLANs. If the VVoIP core equipment is not connected to a routing device to implement ACLs, this is a finding.

NOTE: this does not have to be one device but could be several, particularly if the VVoIP equipment is split and geographically diverse in support of system survivability. These devices may be the core routing devices for the data or dedicated to the VVoIP system.

Vulnerability Number

V-19565

Documentable

False

Rule Version

VVoIP 5510 (LAN)

Severity Override Guidance

Validate that the various parts of the VVoIP core equipment are connected to one or more routing devices such that the required traffic control ACLs can be implemented as close to the core equipment as possible.

Verify the supporting LAN design contains one or more routing devices to provide support for required ACLs between the VVoIP VLANs required for the core equipment. These devices should be as close to the VVoIP core equipment as possible. As such this is the intersection of these VLANs. If the VVoIP core equipment is not connected to a routing device to implement ACLs, this is a finding.

NOTE: this does not have to be one device but could be several, particularly if the VVoIP equipment is split and geographically diverse in support of system survivability. These devices may be the core routing devices for the data or dedicated to the VVoIP system.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

594

Comments