Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-66699 | SRG-NET-000053-VVEP-00009 | SV-81189r1_rule | Medium |
Description |
---|
Voice video endpoint management includes the ability to control the number of user sessions and limiting the number of allowed user sessions helps limit risk related to DoS attacks. Voice video endpoint sessions occur peer-to-peer for media streams and client-server with session managers. For those endpoints that conference together multiple streams, the limit may be increased according to policy but a limit must still exist. |
STIG | Date |
---|---|
Voice Video Endpoint Security Requirements Guide | 2017-01-04 |
Check Text ( C-67325r1_chk ) |
---|
Verify the Voice Video Endpoint limits the number of concurrent sessions to two users. Local policy may justify and increase the limit on concurrent user sessions to a number higher than two. If the Voice Video Endpoint does not limit the number of concurrent sessions to two users, or the limit set by local policy, this is a finding. |
Fix Text (F-72775r1_fix) |
---|
Configure the Voice Video Endpoint to limit the number of concurrent sessions to two users or the limit set by local policy. |