An error occurred:

Check: SRG-NET-000138-VVSM-00101

Enterprise Voice, Video, and Messaging Session Management SRG: SRG-NET-000138-VVSM-00101 (in version v1 r1)

Title

The Enterprise Voice, Video, and Messaging Session Manager must be configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). (Cat I impact)

Discussion

To ensure accountability and prevent unauthenticated access, organizational users must be uniquely identified and authenticated to prevent potential misuse and compromise of the system. Sharing of accounts prevents accountability and nonrepudiation. Organizational users must be uniquely identified and authenticated for all accesses.

Check Content

Verify the Enterprise Voice, Video, and Messaging Session Manager uniquely identifies all users. If the Enterprise Voice, Video, and Messaging Session Manager does not uniquely identify all users, then is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Session Manager to uniquely identify all users.

Additional Identifiers

Rule ID: SV-260009r948988_rule

Vulnerability ID: V-260009

Group Title: SRG-NET-000138

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000764

Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
IA-2

Identification and Authentication (organizational Users)