UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Local commercial phone service must be provided in support of continuity of operations (COOP) and Fire and Emergency Services (FES) communications.


Overview

Finding ID Version Rule ID IA Controls Severity
V-259914 SRG-VOIP-000340 SV-259914r948760_rule Medium
Description
Voice phone services are critical to the effective operation of the DOD mission. Phone service must be available an emergency, such as a security breach or life safety event. The ability to place calls to emergency services must be maintained. While the DOD voice networks are designed to be extremely reliable to support COOP, a site could be cut off from the DOD network. Therefore, each physical site must maintain local commercial phone service. While this works to maintain local emergency service availability for security and life safety emergencies, it also provides the capability to make calls between DOD sites using the commercial network. An additional, non-IA benefit is that this supports the ability to make local calls without having to pay toll charges to call a local number via some distant regional access point. Local phone service can be delivered in a number of ways, all of which meet this requirement, while some of them must meet additional requirements to secure them. Delivery options are as follows: - PRI or CAS TDM trunks. - Analog phone lines. The following are some examples: - A large site may use PRI, CAS, or POTS analog trunks connected to the site's PBX. - A small site or office attached to a large site. - May have a PBX and be served similar to a large site. - May be served by several analog phone lines terminated on Voice Video Endpoints.
STIG Date
Enterprise Voice, Video, and Messaging Policy Security Requirements Guide 2024-03-12

Details

Check Text ( C-63645r946661_chk )
If the system does not support a minimum of 96 instruments, this is not applicable.

If the site is in a tactical war zone where "friendly" service is not available, this is not applicable.

Interview the ISSO to verify the site has local analog or TDM commercial phone service provided to support COOP and FES calls. The most common methods to implement TDM or VVoIP systems are as follows:
- Connect local commercial service to the site's local phone system/switch (TDM or VVoIP) and program access to the local service from all Voice Video Endpoints.
- Connect local commercial service to dedicated Voice Video Endpoints (separate from the site's local phone system) throughout the facility and accessible in all work areas. These dedicated Voice Video Endpoints may be standalone or part of a dedicated a key system, PBX, or VVoIP network separate from the site's local VVoIP or TDM phone system.
- Sites may use mobile devices for COOP and FES calls in support of nonsensitive unclassified areas.

NOTE: The IA premise of this requirement is "availability" and COOP. The purpose of this requirement is to provide local commercial service if the site is cut off from DISN service or the main site to which the local site is subtended and tethered.

If the site does not have local analog or TDM commercial phone service provided to support COOP and FES calls, this is a finding.

If the local commercial service is VoIP or VVoIP, this is a finding.
Fix Text (F-63552r946662_fix)
Implement local commercial phone service (analog or TDM) according to the size of the site and the following:

Ensure local analog or TDM commercial phone service supports COOP and FES calls. This applies to TDM or VVoIP systems conditionally as follows:
- Connect local commercial service to the site's local phone system/switch (TDM or VVoIP) and program access to the local service from all Voice Video Endpoints.
- Connect local commercial service to dedicated Voice Video Endpoints (separate from the site's local phone system) throughout the facility and accessible in all work areas. These dedicated Voice Video Endpoints may be standalone or part of a dedicated a key system, PBX, or VVoIP network separate from the site's local VVoIP or TDM phone system.
- Sites may use mobile devices for COOP and FES calls in support of nonsensitive unclassified areas.