STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 6 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide

V-259947

CAT II (Medium)

The Enterprise Voice, Video, and Messaging Endpoint must be configured to use a voice video VLAN, separate from all other VLANs.

Rule ID

SV-259947r1117236_rule

STIG

Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide

Version

V1R3

CCIs

CCI-001368

Discussion

Virtualized networking is used to separate voice video traffic from other types of traffic, such as data, management, and other special types. VLANs provide segmentation at layer 2. Virtual Routing and Forwarding (VRF) provides segmentation at layer 3 and works with Multiprotocol Label Switching (MPLS) for enterprise and WAN environments. When VRF is used without MPLS, it is referred to as VRF lite. For Voice Video systems, subnets, VLANs, and VRFs are used to separate media and signaling streams from all other traffic.

Check Content

Verify the Enterprise Voice, Video, and Messaging Endpoint is configured to use a voice video VLAN separate from all other VLANs. For networks with both VoIP and videoconferencing, best practice is to have a separate voice VLAN and video VLAN.

If the Enterprise Voice, Video, and Messaging Endpoint does not use a voice video VLAN separate from all other VLANs, this is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Endpoint to use a voice video VLAN separate from all other VLANs.