Check: SRG-NET-000048-VVEP-00100
Enterprise Voice, Video, and Messaging Endpoint SRG:
SRG-NET-000048-VVEP-00100
(in versions v1 r2 through v1 r1)
Title
The Enterprise Voice, Video, and Messaging Endpoint must notify the user, upon successful logon (access) to the network element, of the date and time of the last logon (access). (Cat II impact)
Discussion
Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. This applies to network elements that have the concept of a user account and have the login function residing on the network element.
Check Content
Verify that the Enterprise Voice, Video, and Messaging Endpoint notifies the user, upon successful logon (access) to the network element, of the date and time of the last logon (access). If the Enterprise Voice, Video, and Messaging Endpoint does not notify the user, upon successful logon (access) to the network element, of the date and time of the last logon (access), this is a finding.
Fix Text
Configure the Enterprise Voice, Video, and Messaging Endpoint to notify the user, upon successful logon (access) to the network element, of the date and time of the last logon (access).
Additional Identifiers
Rule ID: SV-259952r987730_rule
Vulnerability ID: V-259952
Group Title: SRG-NET-000048
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000052 |
Notify the user, upon successful logon (access) to the system, of the date and time of the last logon (access). |
| CCI-000366 |
Implement the security configuration settings. |