STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019: STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:SV-21736r1_rule
V-19595
Deficient DISN IPVS integration for C2 support
VVoIP 6105 (DISN-IPVS)
CAT II
10
In the event the VVoIP system within the enclave connects to the DISN WAN for VVoIP transport between enclaves AND the system is intended to provide assured service communications between enclaves to any level of C2 user (Special C2, C2, C2(R)), ensure the system is integrated with (subscribed to) the worldwide DISN IPVS network operating on the appropriately classified DISN IP WAN service (i.e., DISN NIPRNet IP Voice Services (IPVS) or DISN SIPRNet IP Voice Services (IPVS) otherwise known as VoSIP).
Interview the IAO to confirm compliance with the following requirement:
In the event the VVoIP system within the enclave connects to the DISN WAN for VVoIP transport between enclaves AND the system is intended to provide assured service communications between enclaves to any level of C2 user (Special C2, C2, C2(R)), ensure the system is integrated with (subscribed to) the worldwide DISN IPVS network operating on the appropriately classified DISN IP WAN service (i.e., DISN NIPRNet IP Voice Services (IPVS) or DISN SIPRNet IP Voice Services (IPVS) otherwise known as VoSIP).
NOTE: an exception is given for an enclave that is part of an Intranet if the intranet as a whole is subscribed to the appropriate DISN IPVS.
NOTE: An exception is given for private VVoIP communications systems implemented amongst a small community of interest to fulfill a validated mission requirement. In this case, the system is essentially an intercom even though it might span enclave boundaries and the DISN.
Determine if the system is used to provide assured service communications between enclaves to any level of C2 user (Special C2, C2, C2(R)).
This is a finding in the event the VVoIP system within the enclave is connected to the DISN WAN for VVoIP transport but is not subscribes to or integrated with the DISN IPVS implemented on NIPRNet or SIPRNet.
This is not a finding in the event the VVoIP system within the enclave is integrated with a service level Intranet or if it is implemented as a private communications system (e.g., intercom) implemented amongst a small community of interest to fulfill a validated mission requirement.
V-19595
False
VVoIP 6105 (DISN-IPVS)
Interview the IAO to confirm compliance with the following requirement:
In the event the VVoIP system within the enclave connects to the DISN WAN for VVoIP transport between enclaves AND the system is intended to provide assured service communications between enclaves to any level of C2 user (Special C2, C2, C2(R)), ensure the system is integrated with (subscribed to) the worldwide DISN IPVS network operating on the appropriately classified DISN IP WAN service (i.e., DISN NIPRNet IP Voice Services (IPVS) or DISN SIPRNet IP Voice Services (IPVS) otherwise known as VoSIP).
NOTE: an exception is given for an enclave that is part of an Intranet if the intranet as a whole is subscribed to the appropriate DISN IPVS.
NOTE: An exception is given for private VVoIP communications systems implemented amongst a small community of interest to fulfill a validated mission requirement. In this case, the system is essentially an intercom even though it might span enclave boundaries and the DISN.
Determine if the system is used to provide assured service communications between enclaves to any level of C2 user (Special C2, C2, C2(R)).
This is a finding in the event the VVoIP system within the enclave is connected to the DISN WAN for VVoIP transport but is not subscribes to or integrated with the DISN IPVS implemented on NIPRNet or SIPRNet.
This is not a finding in the event the VVoIP system within the enclave is integrated with a service level Intranet or if it is implemented as a private communications system (e.g., intercom) implemented amongst a small community of interest to fulfill a validated mission requirement.
I
The inability to make precedence or priority calls across the DISN in support of C2 assured service communications.
Information Assurance Officer
594