Check: SRG-NET-000076-VVSM-00030
Voice Video Session Management SRG:
SRG-NET-000076-VVSM-00030
(in versions v2 r2 through v1 r5)
Title
The Voice Video Session Manager must produce session (call) records containing where (location) the connection originated. (Cat II impact)
Discussion
Without the capability to generate session records, it is difficult to establish, correlate, and investigate the events relating to an incident, or identify those responsible. Session records are generated from several components within the Voice Video system (e.g., session manager, session border control, gateway, gatekeeper, or endpoints). Session record content that may be necessary to satisfy this requirement includes, for example, type of connection, connection origination, time stamps, outcome, user identities, and user identifiers. Additionally, an adversary must not be able to modify or delete session records.
Check Content
Verify the Voice Video Session Manager produces session records containing where (location) the connection originated. If the Voice Video Session Manager does not produce session records containing where (location) the connection originated, this is a finding.
Fix Text
Configure the Voice Video Session Manager to produce session records containing where (location) the connection originated.
Additional Identifiers
Rule ID: SV-206818r508661_rule
Vulnerability ID: V-206818
Group Title: SRG-NET-000076
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000132 |
The information system generates audit records containing information that establishes where the event occurred. |
Controls
Number | Title |
---|---|
AU-3 |
Content Of Audit Records |