UCF STIG Viewer Logo

Links within the SS7 network are not encrypted.


Overview

Finding ID Version Rule ID IA Controls Severity
V-7950 DSN09.05 SV-8436r1_rule ECCT-1 ECSC-1 Medium
Description
Requirement: The IAO will ensure that all SS7 links leaving a base/post/camp/station are encrypted. The examination of traffic patterns and statistics can reveal compromising information. Such information may include call source, destination, duration, frequency, and precedence level. The DSN common channel signaling links contain this type of information and must be protected.
STIG Date
Defense Switched Network STIG 2015-01-02

Details

Check Text ( C-7331r1_chk )
Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable.
Fix Text (F-7525r1_fix)
Ensure all SS7 links are, at a minimum, bulk encrypted before leaving the facility or installation.