← Back to Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide

V-259977

CAT II (Medium)

The Enterprise Voice, Video, and Messaging Endpoint must generate audit records showing starting and ending time for user access to the system.

Rule ID

SV-259977r948898_rule

STIG

Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide

Version

V1R3

CCIs

CCI-000172

Discussion

Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident, or identify those responsible for one. Audit records are commonly produced by session management and border elements. Many Enterprise Voice, Video, and Messaging Endpoints are not capable of providing audit records and instead rely on session management and border elements. Enterprise Voice, Video, and Messaging Endpoints capable of producing audit records provide supplemental confirmation of monitored events. Enterprise Voice, Video, and Messaging Endpoints that communicate beyond these defined environments must generate audit records.

Check Content

Verify the Enterprise Voice, Video, and Messaging Endpoint generates audit records showing starting and ending time for user access to the system.

If the Enterprise Voice, Video, and Messaging Endpoint does not generate audit records showing starting and ending time for user access, this is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Endpoint to generate audit records showing starting and ending time for user access to the system.