Title

An ISDN-based VTC system supporting secure (classified) and non-secure (unclassified) conferences while implementing dialing capability from the CODEC must utilize an approved EIA-366-A dial isolator that disconnects the dialing channel between the CODEC and IMUX when the IMUX signals it is connected to another IMUX (i.e., the session is connected). (Cat II impact)

Discussion

When dialing is performed from the CODEC, an EIA-366 connection is made between the CODEC and the IMUX to carry the dialing instructions to the IMUX which actually performs the dialing function. This is not an issue if there is no EIA-366-A connection between the CODEC and the IMUX and all dialing is performed from the IMUX.

Check Content

Review the documentation to determine whether an approved EIA-366-A dial isolator is in place. DISN Video Services (DVS) maintains a list of A/B switches and dial isolators that have been TEMPEST certified to meet the above requirements at http://disa.mil/Services/Network-Services/Video/~/media/Files/DISA/Services/DVS/red_black_peripherals.xls. If a dial isolator is not implemented and used, or the dial isolator is not on the list, this is a finding. If there is no EIA-366-A connection between the CODEC and the IMUX and all dialing is performed from the IMUX, this is not a finding.

Fix Text

Obtain and install an approved EIA-366-A dial isolator unless there is no EIA-366-A connection between the CODEC and the IMUX and all dialing is performed from the IMUX.

Additional Identifiers

Rule ID: SV-55772r1_rule

Vulnerability ID: V-43043

Group Title: RTS-VTC 7380 [ISDN]

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.