UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The hardware Voice Video Endpoint must use a voice video VLAN, separate from the default VLAN, the management VLAN, and the data VLAN.


Overview

Finding ID Version Rule ID IA Controls Severity
V-66703 SRG-NET-000520-VVEP-00011 SV-81193r1_rule Medium
Description
VLANs limit the ability for endpoint devices to hear anything on other VLANs. On an enterprise network, VLANs are used to collocate common data types. A VLAN will logically separate and isolate certain traffic from other traffic on the network, whether data, voice, or other. For this reason, VLANs are ideal for separating voice video management, control, and media traffic on an existing data network. VLANs for voice video traffic are part of a defense-in-depth strategy.
STIG Date
Voice Video Endpoint Security Requirements Guide 2017-01-04

Details

Check Text ( C-67329r1_chk )
If the Voice Video Endpoint is not a hardware endpoint, this check procedure is Not Applicable.

Verify the hardware Voice Video Endpoint implements a voice video VLAN separate from the default VLAN, the management VLAN, and the data VLAN. For networks with both VoIP and videoconferencing, best practice is to have a separate voice VLAN and video VLAN.

If the hardware Voice Video Endpoint does not implement a voice video VLAN separate from the default VLAN, the management VLAN, and the data VLAN, this is a finding.
Fix Text (F-72779r1_fix)
Configure the hardware Voice Video Endpoint to use a voice video VLAN separate from the default VLAN, the management VLAN, and the data VLAN.