| Checked | Name | Title |
|---|
| ☐ | SV-206810r508661_rule | The Voice Video Session Manager must automatically disable Voice Video endpoint user access after a 35 day period of account inactivity. |
| ☐ | SV-206811r508661_rule | The Voice Video Session Manager must enforce registration of only approved Voice Video endpoints prior to operation. |
| ☐ | SV-206812r508661_rule | The Voice Video Session Manager must disable (prevent) auto-registration of Voice Video endpoints. |
| ☐ | SV-206813r508661_rule | The Voice Video Session Manager must control flow within the enclave based on approved dial plans. |
| ☐ | SV-206814r508661_rule | The Voice Video Session Manager must control flow outside the enclave based on approved dial plans. |
| ☐ | SV-206815r508661_rule | The Voice Video Session Manager must produce session (call) records containing the type of session connection. |
| ☐ | SV-206816r508661_rule | The Voice Video Session Manager must produce session (call) records containing when (date and time) the connection was established. |
| ☐ | SV-206817r508661_rule | The Voice Video Session Manager must produce session (call) records containing when (date and time) the connection was terminated. |
| ☐ | SV-206818r508661_rule | The Voice Video Session Manager must produce session (call) records containing where (location) the connection originated. |
| ☐ | SV-206819r508661_rule | The Voice Video Session Manager must produce session (call) records containing the identity of the initiator of the call. |
| ☐ | SV-206820r508661_rule | The Voice Video Session Manager must produce session (call) records containing the outcome (status) of the connection. |
| ☐ | SV-206821r508661_rule | The Voice Video Session Manager must produce session (call) records containing the identity of the users and identifiers associated with the session. |
| ☐ | SV-206822r508661_rule | The Voice Video Session Manager must alert the ISSO and SA (at a minimum) in the event of a session (call) record system failure. |
| ☐ | SV-206823r508661_rule | The Voice Video Session Manager must protect session (call) records from unauthorized modification. |
| ☐ | SV-206824r508661_rule | The Voice Video Session Manager must protect session (call) records from unauthorized deletion. |
| ☐ | SV-206825r508661_rule | The Voice Video Session Manager must produce session (call) records for events determined to be significant and relevant by local policy. |
| ☐ | SV-206826r508661_rule | The Voice Video Session Manager must be configured to disable non-essential capabilities. |
| ☐ | SV-206827r508661_rule | The Voice Video Session Manager must only use of ports, protocols, and services allowed per the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and Vulnerability Assessments (VAs). |
| ☐ | SV-206828r508661_rule | The Voice Video Session Manager must implement attack-resistant mechanisms for Voice Video endpoint registration. |
| ☐ | SV-206829r508661_rule | The Voice Video Session Manager must uniquely identify each Voice Video endpoint device before registration. |
| ☐ | SV-206830r508661_rule | The Voice Video Session Manager must use encryption for signaling and media traffic. |
| ☐ | SV-206831r508661_rule | The Voice Video Session Manager must terminate all network connections associated with a communications session at the end of the session, or the session must be terminated after 15 minutes of inactivity. |
| ☐ | SV-206832r508661_rule | The Voice Video Session Manager supporting Command and Control (C2) communications must associate multilevel precedence and preemption (MLPP) attributes when exchanged between unified capabilities (UC) systems. |
| ☐ | SV-206833r508661_rule | The Voice Video Session Manager supporting Command and Control (C2) communications must validate the integrity of transmitted multilevel precedence and preemption (MLPP) attributes. |
| ☐ | SV-206834r508661_rule | The Voice Video Session Manager must protect the authenticity of communications sessions. |
| ☐ | SV-206835r508661_rule | The Voice Video Session Manager must fail to a secure state if system initialization fails, shutdown fails, or aborts fail. |
| ☐ | SV-206836r508661_rule | In the event of a system failure, Voice Video Session Managers must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. |
| ☐ | SV-206837r508661_rule | The Voice Video Session Manager must generate session (call) records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information. |
| ☐ | SV-206838r508661_rule | The Voice Video Session Manager must restrict Voice Video endpoint user access outside of operational hours. |
| ☐ | SV-206839r508661_rule | The Voice Video Session Manager must immediately enforce changes to privileges of Voice Video endpoint user access. |
| ☐ | SV-206840r508661_rule | The Voice Video Session Manager must immediately enforce changes to privileges of Voice Video endpoint device access. |
| ☐ | SV-206842r508661_rule | The Voice Video Session Manager must provide centralized management of session (call) records. |
| ☐ | SV-206843r508661_rule | The Voice Video Session Manager must off-load session (call) records onto a different system or storage media. |
| ☐ | SV-206844r508661_rule | The Voice Video Session Manager must require Voice Video endpoints to re-register at least every three (3) hours. |
| ☐ | SV-206845r508661_rule | The Voice Video Session Manager must require Voice Video peers to re-register (re-authenticate) at least every hour. |
| ☐ | SV-206846r508661_rule | The Voice Video Session Manager must authenticate each Voice Video endpoint devices before registration. |
| ☐ | SV-206847r508661_rule | The Voice Video Session Manager must authenticate each Voice Video peer (trunk) before registration. |
| ☐ | SV-206848r508661_rule | The Voice Video Session Manager must provide an explicit indication of current participants in all videoconference-based and IP-based online meetings and conferences (excluding audio-only teleconferences using traditional telephony). |
| ☐ | SV-206849r508661_rule | The Voice Video Session Manager supporting Command and Control (C2) communications must associate multilevel precedence and preemption (MLPP) attributes when exchanged between unified capabilities (UC) system components. |
| ☐ | SV-206850r508661_rule | The Voice Video Session Manager supporting Command and Control (C2) communications must limit and reserve bandwidth based on priority of the traffic type. |
| ☐ | SV-206851r508661_rule | The Voice Video Session Manager must protect the confidentiality of transmitted configuration files, signaling, and media streams. |
| ☐ | SV-206852r508661_rule | The Voice Video Session Manager must protect the integrity of transmitted configuration files, signaling, and media streams. |
| ☐ | SV-206853r508661_rule | The Voice Video Session Manager must implement NIST FIPS-validated cryptography to generate cryptographic hashes and to protect sensitive unclassified information. |
| ☐ | SV-206854r508661_rule | The Voice Video Session Manager must prohibit remote activation of collaborative computing devices (excluding centrally managed, dedicated videoconference suites located in approved videoconference locations). |
| ☐ | SV-206855r508661_rule | The Voice Video Session Manager must route Fire and Emergency Services (FES) communications as a priority call in a non-blocking manner. |
| ☐ | SV-206856r508661_rule | The Voice Video Session Manager must provide Fire and Emergency Services (FES) with the Automatic Number Identification (ANI) of the initiator of the call. |
| ☐ | SV-206857r508661_rule | The Voice Video Session Manager must provide Fire and Emergency Services (FES) with the Automatic Location Identification (ALI) of the initiator of the call. |
| ☐ | SV-206858r508661_rule | The Voice Video Session Manager must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, Communication Tasking Orders (CTOs), and DTMs. |
| ☐ | SV-206859r508661_rule | The Voice Video Session Manager must be configured to obfuscate passwords within configuration files. |
| ☐ | SV-206860r508661_rule | The Voice Video Session Manager used for unclassified communication within a Sensitive Compartmented Information Facility (SCIF) or Special Access Program Facility (SAPF) must be configured in accordance with the Committee on National Security Systems Instruction (CNSSI) 5000. |
| ☐ | SV-206861r508661_rule | The Voice Video Session Manager must apply 802.1Q VLAN tags to signaling and media traffic or be in a private subnet. |
| ☐ | SV-206862r508661_rule | The Voice Video Session Manager must use a voice or video VLAN, separate from all other VLANs. |
STIGQter: STIG Summary: