STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019

Enclaves with commercial VoIP connections must be approved by the DoDIN Waiver Panel and signed by the DOD CIO for a permanent alternate connection to the Internet Telephony Service Provider (ITSP).

DISA Rule

SV-21747r1_rule

Vulnerability Number

V-19606

Group Title

VVoIP 7100 (ITSP)

Rule Version

VVoIP 7100 (ITSP)

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Obtain approval by the DoDIN Waiver Panel and signature by the DOD CIO for a permanent “alternate connection” to the ITSP for any connection with a commercial VoIP provider (ITSP).

Check Contents

Inspect the VVoIP implementation system design for connections to a commercial VoIP ITSP. If the ITSP is providing converged services or other services beyond SIP trunking, NET0160 applies.

The use cases applicable to this requirement:
Use Case 1: ITSP connections providing direct connection to the enclave’s DoD LAN.
Use Case 2: ITSP connections providing a SIP trunk terminating on a media gateway that provides TDM trunks or POTS lines to traditional non-VoIP PBX, key system, or individual end instrument.
Use Case 3: ITSP connections terminating on a separate LAN from the enclave’s DoD LAN supporting a separate VoIP system.
Use Case 4: ITSP connections providing service over any approved ISP gateway.

If any enclave connects with a commercial VoIP provider (ITSP) and the connection is not approved by the DoDIN Waiver Panel, this is a finding. If the DOD CIO has not signed for a permanent “alternate connection” to the ITSP, this is a finding.

NOTE: This connection will be a permanent connection and should be designated or recognized as such in the approval documentation since most such approvals are for temporary connections.

Documentable

False

Severity Override Guidance

Inspect the VVoIP implementation system design for connections to a commercial VoIP ITSP. If the ITSP is providing converged services or other services beyond SIP trunking, NET0160 applies.

The use cases applicable to this requirement:
Use Case 1: ITSP connections providing direct connection to the enclave’s DoD LAN.
Use Case 2: ITSP connections providing a SIP trunk terminating on a media gateway that provides TDM trunks or POTS lines to traditional non-VoIP PBX, key system, or individual end instrument.
Use Case 3: ITSP connections terminating on a separate LAN from the enclave’s DoD LAN supporting a separate VoIP system.
Use Case 4: ITSP connections providing service over any approved ISP gateway.

If any enclave connects with a commercial VoIP provider (ITSP) and the connection is not approved by the DoDIN Waiver Panel, this is a finding. If the DOD CIO has not signed for a permanent “alternate connection” to the ITSP, this is a finding.

NOTE: This connection will be a permanent connection and should be designated or recognized as such in the approval documentation since most such approvals are for temporary connections.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

594

Comments