STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019

Remote access VoIP must be routed to the VoIP VLAN.

DISA Rule

SV-21768r3_rule

Vulnerability Number

V-19627

Group Title

VVoIP 1800

Rule Version

VVoIP 1800

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Ensure traffic from a Unified Capabilities (UC) soft client, operated in a remote access scenario and using an encrypted VPN as required, is routed to the VoIP VLAN such that the separation of the voice and data zones is not degraded while all other traffic is routed to the data zone.

Configure the enclave boundary and remote access VLAN architecture to properly route VoIP traffic from the VPN to the voice VLANs and maintain proper flow control and access between the data VLANs and the voice VLANs.

Check Contents

Interview the ISSO to validate compliance with the following requirement:

Ensure traffic from a Unified Capabilities (UC) soft client, operated in a remote access scenario and using an encrypted VPN as required, is routed to the VoIP VLAN such that the separation of the voice and data zones is not degraded while all other traffic is routed to the data zone.

Inspect network diagrams to determine if the boundary and remote access VLAN architecture properly routes VoIP traffic from the VPN to the voice VLANs while maintaining proper flow control and access between the data VLANs and the voice VLANs. If the boundary and remote access VLAN architecture does not properly route VoIP traffic from the VPN to the voice VLANs while maintaining proper flow control and access between the data VLANs and the voice VLANs, this is a finding.

Documentable

False

Severity Override Guidance

Interview the ISSO to validate compliance with the following requirement:

Ensure traffic from a Unified Capabilities (UC) soft client, operated in a remote access scenario and using an encrypted VPN as required, is routed to the VoIP VLAN such that the separation of the voice and data zones is not degraded while all other traffic is routed to the data zone.

Inspect network diagrams to determine if the boundary and remote access VLAN architecture properly routes VoIP traffic from the VPN to the voice VLANs while maintaining proper flow control and access between the data VLANs and the voice VLANs. If the boundary and remote access VLAN architecture does not properly route VoIP traffic from the VPN to the voice VLANs while maintaining proper flow control and access between the data VLANs and the voice VLANs, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

594