Title

The Enterprise Voice, Video, and Messaging Session Manager must be configured to terminate all network connections associated with a communications session at the end of the session. (Cat II impact)

Discussion

Terminating network connections associated with communications sessions includes, for example, de-allocating associated TCP/IP address/port pairs at the operating system level, and de-allocating networking assignments at the application level if multiple application sessions are using a single, operating system level network connection. Enterprise Voice, Video, and Messaging Session Managers do not conduct media session; they conduct the session termination signaling. Endpoints and border elements conduct the media sessions and de-allocate those resources. However, sessions that do not receive a response from the far end may require the session manager to request termination of communication sessions.

Check Content

Verify the Enterprise Voice, Video, and Messaging Session Manager terminates all network connections associated with a communications session at the end of the session. If the Enterprise Voice, Video, and Messaging Session Manager does not terminate all network connections associated with a communications session at the end of the session, this is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Session Manager to terminate all network connections associated with a communications session at the end of the session.

Additional Identifiers

Rule ID: SV-260013r949000_rule

Vulnerability ID: V-260013

Group Title: SRG-NET-000213

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.