Check: SRG-VOIP-000300
Enterprise Voice, Video, and Messaging Policy SRG:
SRG-VOIP-000300
(in versions v1 r2 through v1 r1)
Title
The local Enterprise Voice, Video, and Messaging system must have the capability to place intrasite and local phone calls when network connectivity is severed from the remote centrally located session controller. (Cat II impact)
Discussion
Voice phone services are critical to the effective operation of a business, an office, or in support or control of a DOD mission. It is critical that phone service is available in the event of an emergency situation, such as a security breach or life safety event. The ability to place calls to emergency services must be maintained. DOD voice networks are designed to be extremely reliable and provide continuity of operations (COOP) support. However, the potential exists that a site may become severed from the DOD network. Some sites' DOD VoIP phone systems are implemented without a local session controller. The session controller may be located remotely and serve several sites by providing long local service. This implementation scenario provides for central management of the overall phone system, saves in initial implementation cost, and saves in operating costs. Therefore, this scenario has many benefits. Unfortunately, to place a call between two endpoints within the local site or to place a call via the local commercial service connection, the initiating end instrument has to send its signal messages to the remote session controller over the DISN WAN connection, and then the session controller has to signal the called instrument or media gateway over the same WAN connection. Several messages are sent (back and forth) over the WAN connection before the two local endpoints can send their media streams directly between themselves. While the need to signal over the WAN connection can cause longer call setup time, which can be extended if there is congestion in the network, no call can be placed anywhere from the local site if it is cut off from its session controller. Based on this fact, and in support of maintaining viable local voice services in the event the site is cut off from its remote session controller, each physical site must maintain minimal local call control as a backup so that local intrasite and local commercial network calls can be placed.
While this works to maintain local emergency service availability for security and life safety emergencies, it also provides the capability to make calls between DOD sites using the commercial network.
Check Content
Review site documentation to confirm the local Enterprise Voice, Video, and Messaging system has the capability to place intrasite and local phone calls when network connectivity is severed from the remote centrally located session controller. If the local Enterprise Voice, Video, and Messaging system does not have the capability to place intrasite and local phone calls when network connectivity is severed, this is a finding. Reliance on government-furnished equipment or personal cellphones does not meet this requirement because signal strength and reliability are reduced inside buildings, and cellphones are not permitted in most DOD facilities. The minimum capability for placement of line-side precedence calls depends on the command and control (C2) requirements of the site and must be determined in conjunction with the local command authority. To satisfy this requirement, at a minimum, ROUTINE call placement capabilities must be maintained.
Fix Text
Implement and document the local Enterprise Voice, Video, and Messaging system with the capability to place intrasite and local phone calls when network connectivity is severed. The minimum capability for placement of line-side precedence calls depends on the C2 requirements of the site and must be determined in conjunction with the local command authority. To satisfy this requirement, at a minimum, ROUTINE call placement capabilities must be maintained.
Additional Identifiers
Rule ID: SV-259910r948756_rule
Vulnerability ID: V-259910
Group Title: SRG-VOIP-000300
CCIs
Number | Definition |
---|---|
CCI-001548 | Defines the information flow control policies for controlling the flow of information within the system. |
Controls
Number | Title |
---|---|
AC-4 | Information Flow Enforcement |