Title

The Unified Communications Session Manager must be configured to terminate all network connections associated with a communications session at the end of the session. (Cat II impact)

Discussion

Terminating network connections associated with communications sessions includes, for example, de-allocating associated TCP/IP address/port pairs at the operating system level, and de-allocating networking assignments at the application level if multiple application sessions are using a single, operating system level network connection. Unified Communications Session Managers do not conduct media session; they conduct the session termination signaling. Endpoints and border elements conduct the media sessions and de-allocate those resources. However, sessions that do not receive a response from the far end may require the session manager to request termination of communication sessions.

Check Content

Verify the Unified Communications Session Manager terminates all network connections associated with a communications session at the end of the session. If the Unified Communications Session Manager does not terminate all network connections associated with a communications session at the end of the session, this is a finding.

Fix Text

Configure the Unified Communications Session Manager to terminate all network connections associated with a communications session at the end of the session.

Additional Identifiers

Rule ID: SRG-NET-000213-VVSM-00101_rule

Vulnerability ID: SRG-NET-000213-VVSM-00101

Group Title: SRG-NET-000213-VVSM-00101

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.