UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The hardware Voice Video Endpoint must use Media Access Control Security (MACsec) to protect the confidentiality and integrity of transmitted information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-66697 SRG-NET-000371-VVEP-00008 SV-81187r2_rule Medium
Description
Media Access Control Security is an industry-standard security technology that provides secure communication for all traffic on Ethernet links. MACsec provides point-to-point security on Ethernet links between directly connected nodes and is capable of identifying and preventing most security threats, including denial of service, intrusion, man-in-the-middle, masquerading, passive wiretapping, and playback attacks. MACsec is standardized in IEEE 802.1AE. MACsec can be used in combination with other security protocols such as IP Security (IPsec) and Secure Sockets Layer (SSL) to provide end-to-end network security. Without protection of the transmitted information, confidentiality and integrity may be compromised as unprotected communications can be intercepted and either read or altered. MACsec protects hardware endpoints during registration, authentication, and media streaming that often involve unsecured protocols, ensuring data integrity and confidentiality is maintained.
STIG Date
Voice Video Endpoint Security Requirements Guide 2016-06-24

Details

Check Text ( C-67323r1_chk )
If the Voice Video Endpoint is not a hardware endpoint, this check procedure is Not Applicable.

Verify the hardware Voice Video Endpoint uses MACsec to protect the confidentiality and integrity of transmitted information.

If the hardware Voice Video Endpoint does not implement MACsec to protect the confidentiality and integrity of transmitted information, this is a finding.
Fix Text (F-72773r1_fix)
Configure the hardware Voice Video Endpoint to implement MACsec to protect the confidentiality and integrity of transmitted information.