An error occurred:

Check: SRG-NET-000138-VVSM-00101

Unified Communications Session Management SRG: SRG-NET-000138-VVSM-00101 (in version v1 r0.1)

Title

The Unified Communications Session Manager must be configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). (Cat I impact)

Discussion

To assure accountability and prevent unauthenticated access, organizational users must be uniquely identified and authenticated to prevent potential misuse and compromise of the system. Sharing of accounts prevents accountability and non-repudiation. Organizational users must be uniquely identified and authenticated for all accesses.

Check Content

Verify the Unified Communications Session Manager uniquely identifies all users. If the Unified Communications Session Manager does not uniquely identify all users, then is a finding.

Fix Text

Configure the Unified Communications Session Manager to uniquely identify all users.

Additional Identifiers

Rule ID: SRG-NET-000138-VVSM-00101_rule

Vulnerability ID: SRG-NET-000138-VVSM-00101

Group Title: SRG-NET-000138-VVSM-00101

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000764

Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
IA-2

Identification and Authentication (organizational Users)