← Back to Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide

V-259960

CAT II (Medium)

The Enterprise Voice, Video, and Messaging Endpoint must be configured to produce session (call detail) records containing the identity of all users.

Rule ID

SV-259960r948847_rule

STIG

Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide

Version

V1R3

CCIs

CCI-001487

Discussion

Without information that establishes the identity of the subjects (i.e., users or processes acting on behalf of users) associated with the events, security personnel cannot determine responsibility for the potentially harmful event. Audit records are commonly produced by session management and border elements. Many Enterprise Voice, Video, and Messaging Endpoints are not capable of providing audit records and instead rely on session management and border elements. Enterprise Voice, Video, and Messaging Endpoints capable of producing audit records provide supplemental confirmation of monitored events. Enterprise Voice, Video, and Messaging Endpoints that communicate beyond these defined environments must generate audit records.

Check Content

Verify the Enterprise Voice, Video, and Messaging Endpoint produces session records containing the identity of all users on the call. 

If the Enterprise Voice, Video, and Messaging Endpoint does not produce session records containing the identity of all users on the call, this is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Endpoint to produce session records containing the identity of all users on the call.