The Enterprise Voice, Video, and Messaging Endpoint must be configured to integrate into the implemented 802.1x network access control system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-259944	SRG-NET-000018-VVEP-00102	SV-259944r948801_rule		Medium

Description
IEEE 802.1x is a protocol used to control access to LAN services via a network access switchport or wireless access point that requires a device or user to authenticate to the network element and become authorized by the authentication server before accessing the network. This standard is used to activate the network access switchport limiting traffic to a specific VLAN or install traffic filters. Implementing 802.1x port security on each access switchport denies all other MAC users, which eliminates the security risk of additional users attaching to a switch to bypass authentication. The hardware Enterprise Voice, Video, and Messaging Endpoint must be an 802.1x supplicant and integrate into the 802.1x access control system. When 802.1x is used, all devices connecting to the LAN are required to use 802.1x. MAC Authentication Bypass is permitted by the Enterprise Voice, Video, and Messaging Requirements Guide when the endpoint does not support 802.1x or required by mission continuity of operation requirements.

Description

IEEE 802.1x is a protocol used to control access to LAN services via a network access switchport or wireless access point that requires a device or user to authenticate to the network element and become authorized by the authentication server before accessing the network. This standard is used to activate the network access switchport limiting traffic to a specific VLAN or install traffic filters. Implementing 802.1x port security on each access switchport denies all other MAC users, which eliminates the security risk of additional users attaching to a switch to bypass authentication. The hardware Enterprise Voice, Video, and Messaging Endpoint must be an 802.1x supplicant and integrate into the 802.1x access control system. When 802.1x is used, all devices connecting to the LAN are required to use 802.1x. MAC Authentication Bypass is permitted by the Enterprise Voice, Video, and Messaging Requirements Guide when the endpoint does not support 802.1x or required by mission continuity of operation requirements.

STIG	Date
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide	2024-03-06

Details

Check Text ( C-63675r948799_chk )
Verify the Enterprise Voice, Video, and Messaging Endpoint is configured to integrate into the implemented 802.1x network access control system. If the Enterprise Voice, Video, and Messaging Endpoint does not integrate into the implemented 802.1x network access control system, this is a finding.

Fix Text (F-63582r948800_fix)
Configure the Enterprise Voice, Video, and Messaging Endpoint to integrate into the implemented 802.1x network access control system.