← Back to Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide

V-260012

CAT II (Medium)

The Enterprise Voice, Video, and Messaging Session Manager must be configured to uniquely identify each Voice Video Endpoint device before registration.

Rule ID

SV-260012r948997_rule

STIG

Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide

Version

V1R2

CCIs

CCI-000778

Discussion

Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Typically, devices can be identified by MAC or IP address, but certificates provide a greater level of security. Identification of devices works with registration of devices as part of a defense in depth approach to Voice Video networks. Registration is the process of authorizing endpoints to communicate with the session manager. Registration occurs with the SIP server in VoIP systems and with a gatekeeper in H.323 systems. Without enforcing registration, an adversary could impersonate a legitimate device on the Voice Video network.

Check Content

Verify the Enterprise Voice, Video, and Messaging Session Manager uniquely identifies all Voice Video Endpoint devices before registration.

If the Enterprise Voice, Video, and Messaging Session Manager does not uniquely identify all Voice Video Endpoint devices before registration, this is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Session Manager to uniquely identify all Voice Video Endpoint devices before registering those devices.