STIGQter: STIG Summary: Voice/Video over Internet Protocol (VVoIP) STIG Version: 3 Release: 14 Benchmark Date: 26 Apr 2019:

LAN access switchports supporting VVoIP or VTC endpoints containing a PC port are configured in trunk mode, NOT in access mode or “802.1Q tagged access mode.”

DISA Rule

SV-21789r2_rule

Vulnerability Number

V-19648

Group Title

Deficient LAN switch port config: switch port mode

Rule Version

VVoIP 5545

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Ensure all LAN access switchports that support VVoIP and/or VTC endpoints containing a PC port are configured in access mode or “802.1Q tagged access mode” and NOT trunk mode. (e.g., “switchport mode access” NOT “switchport mode trunk”)

Check Contents

Inspect LAN access switchport configuration settings to confirm compliance with the following requirement:
Ensure all LAN access switchports that support VVoIP and/or VTC endpoints containing a PC port are configured in access mode or “802.1Q tagged access mode” and NOT trunk mode. (e.g., “switchport mode access” NOT “switchport mode trunk”).

Vulnerability Number

V-19648

Documentable

False

Rule Version

VVoIP 5545

Severity Override Guidance

Inspect LAN access switchport configuration settings to confirm compliance with the following requirement:
Ensure all LAN access switchports that support VVoIP and/or VTC endpoints containing a PC port are configured in access mode or “802.1Q tagged access mode” and NOT trunk mode. (e.g., “switchport mode access” NOT “switchport mode trunk”).

Check Content Reference

M

Target Key

3407

Comments