Voice Video Endpoint SRG Version Comparison

There are 12 differences between versions v1 r4 (Jan. 1, 0001) (the "left" version) and v2 r2 (July 27, 2022) (the "right" version).

Check SRG-NET-000311-VVEP-00062 was added to the benchmark in the "right" version.

This check's original form is available here.

Title

The Voice Video Endpoint processing classified calls must be properly marked with the highest security level of the information being processed.

Check Content

If the Voice Video Endpoint is a soft client, this is Not Applicable. If the Voice Video Endpoint does not process classified calls, this is Not Applicable. Verify the Voice Video Endpoint processing classified calls is properly marked with the highest security level of the information being processed. If the Voice Video Endpoint processing classified calls is not properly marked with the highest security level of the information being processed, this is a finding.

Discussion

Without the association of security attributes to information, there is no basis for the network element to make security related access-control and flow-control decisions. Security attributes includes marking data as classified or FOUO. These security attributes may be assigned manually or during data processing but either way, it is imperative these assignments are maintained while the data is in process. If the security attributes are lost when the data is being processed, there is the risk of a data compromise. All hardware Voice Video endpoints processing classified calls, including phones and terminals, must be properly marked with the highest class-mark of the system. (Formerly DRSN 1098).

Fix

Properly mark the Voice Video Endpoint processing classified calls with the highest security level of the information being processed.