STIGQter: STIG Summary: Voice/Video over Internet Protocol (VVoIP) STIG Version: 3 Release: 14 Benchmark Date: 26 Apr 2019: STIGQter: STIG Summary: Voice/Video over Internet Protocol (VVoIP) STIG Version: 3 Release: 14 Benchmark Date: 26 Apr 2019:SV-23729r3_rule
V-21517
VVoIP 5111
VVoIP 5111
CAT II
10
Configure the network elements supporting VoIP services to provide redundancy supporting C2 assured services and FES communications. Ensure the routing and switching network devices have redundant capability and configured to implement as follows:
- Dual Power Supplies - each platform must have a minimum of two power supplies and the loss of a single power supply shall not cause any loss of functions within the chassis.
- Dual Processors (Control Supervisors) - each chassis shall support dual control processors and failure of any one processor shall not cause any loss of functions within the chassis.
- Termination Sparing - each chassis shall support a (N + 1) sparing capability minimally for available Ethernet modules used to terminate to an IP subscriber.
- Protocol Redundancy - each routing device shall support protocols allowing for dynamic rerouting.
- Backplane Redundancy - Each switching platform shall support a redundant (1 + 1) switching fabric or backplane and the second fabric’s backplane shall be in active standby so that failure of the first shall not cause loss of ongoing events within the switch. Alternately, a secondary product may be added to provide redundancy to the primary product when redundant protocols are implemented such that the failover over to the secondary product must not result in any lost calls.
If the network elements do not support a minimum of 96 instruments, this is not applicable. Review the network elements configuration supporting VoIP services to provide redundancy supporting C2 assured services and FES communications. Visually confirm the routing and switching network devices are redundant as follows:
- Dual Power Supplies - Each platform must have a minimum of two power supplies and the loss of a single power supply shall not cause any loss of functions within the chassis.
- Dual Processors (Control Supervisors) - Each chassis shall support dual control processors and failure of any one processor shall not cause any loss of functions within the chassis.
- Termination Sparing - Each chassis shall support a (N + 1) sparing capability minimally for available Ethernet modules used to terminate to an IP subscriber.
- Protocol Redundancy - Each routing device shall support protocols allowing for dynamic rerouting.
- Backplane Redundancy – each switching platform shall support a redundant (1 + 1) switching fabric or backplane and the second fabric’s backplane shall be in active standby so that failure of the first shall not cause loss of ongoing events within the switch. Alternately, a secondary product may be added to provide redundancy to the primary product when redundant protocols are implemented such that the failover over to the secondary product must not result in any lost calls.
Additionally, test the redundancy failover capability. While it is possible to unplug power cords and take other measures to test the failover capabilities, this is not recommended and must not be done in a production network unless scheduled for off duty hours.
If required failover capability is tested and fails, this is a finding. If the network elements configuration supporting VoIP services does not provide the redundancy conditions above to support C2 assured services and FES communications, this is a finding.
V-21517
False
VVoIP 5111
If the network elements do not support a minimum of 96 instruments, this is not applicable. Review the network elements configuration supporting VoIP services to provide redundancy supporting C2 assured services and FES communications. Visually confirm the routing and switching network devices are redundant as follows:
- Dual Power Supplies - Each platform must have a minimum of two power supplies and the loss of a single power supply shall not cause any loss of functions within the chassis.
- Dual Processors (Control Supervisors) - Each chassis shall support dual control processors and failure of any one processor shall not cause any loss of functions within the chassis.
- Termination Sparing - Each chassis shall support a (N + 1) sparing capability minimally for available Ethernet modules used to terminate to an IP subscriber.
- Protocol Redundancy - Each routing device shall support protocols allowing for dynamic rerouting.
- Backplane Redundancy – each switching platform shall support a redundant (1 + 1) switching fabric or backplane and the second fabric’s backplane shall be in active standby so that failure of the first shall not cause loss of ongoing events within the switch. Alternately, a secondary product may be added to provide redundancy to the primary product when redundant protocols are implemented such that the failover over to the secondary product must not result in any lost calls.
Additionally, test the redundancy failover capability. While it is possible to unplug power cords and take other measures to test the failover capabilities, this is not recommended and must not be done in a production network unless scheduled for off duty hours.
If required failover capability is tested and fails, this is a finding. If the network elements configuration supporting VoIP services does not provide the redundancy conditions above to support C2 assured services and FES communications, this is a finding.
M
3407