Session Initiation Protocol (SIP) security mode must be configured.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-40777	DTOO421	SV-52835r1_rule		Medium

Description
Lync 2013 provides a single, unified client for real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat, using the Session Initiation Protocol (SIP). SIP is widely used for controlling multimedia communication sessions, such as voice and video calls over Internet Protocol (IP) networks. By using TLS it would render a sniff/man in the middle attack very difficult to impossible to achieve within the time period in which a given conversation could be attacked. TLS authenticates all parties and encrypts all traffic. This does not prevent listening over the wire, but the attacker cannot read the traffic unless the encryption is broken.

Description

Lync 2013 provides a single, unified client for real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat, using the Session Initiation Protocol (SIP). SIP is widely used for controlling multimedia communication sessions, such as voice and video calls over Internet Protocol (IP) networks. By using TLS it would render a sniff/man in the middle attack very difficult to impossible to achieve within the time period in which a given conversation could be attacked. TLS authenticates all parties and encrypts all traffic. This does not prevent listening over the wire, but the attacker cannot read the traffic unless the encryption is broken.

STIG	Date
Microsoft Lync 2013 STIG	2018-04-04

Details

Check Text ( C-47152r1_chk )
Verify the policy value for Computer Configuration -> Administrative Templates -> Microsoft Lync 2013 -> Microsoft Lync Feature Policies "Configure SIP security mode" is set to "Enabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\office\15.0\lync Criteria: If the value enablesiphighsecuritymode is REG_DWORD = 1, this is not a finding.

Check Text ( C-47152r1_chk )

Verify the policy value for Computer Configuration -> Administrative Templates -> Microsoft Lync 2013 -> Microsoft Lync Feature Policies "Configure SIP security mode" is set to "Enabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKLM\Software\Policies\Microsoft\office\15.0\lync

Criteria: If the value enablesiphighsecuritymode is REG_DWORD = 1, this is not a finding.

Fix Text (F-45761r1_fix)
Set the policy value for Computer Configuration -> Administrative Templates -> Microsoft Lync 2013 -> Microsoft Lync Feature Policies "Configure SIP security mode" to "Enabled".