UCF STIG Viewer Logo

The Voice Video Endpoint must limit the number of concurrent sessions to two (2) users.


Overview

Finding ID Version Rule ID IA Controls Severity
V-206751 SRG-NET-000053-VVEP-00009 SV-206751r604140_rule Medium
Description
Voice video endpoint management includes the ability to control the number of user sessions and limiting the number of allowed user sessions helps limit risk related to DoS attacks. Voice video endpoint sessions occur peer-to-peer for media streams and client-server with session managers. For those endpoints that conference together multiple streams, the limit may be increased according to policy but a limit must still exist.
STIG Date
Voice Video Endpoint Security Requirements Guide 2020-12-04

Details

Check Text ( C-7007r363776_chk )
Verify the Voice Video Endpoint limits the number of concurrent sessions to two users. Local policy may justify and increase the limit on concurrent user sessions to a number higher than two.

If the Voice Video Endpoint does not limit the number of concurrent sessions to two users, or the limit set by local policy, this is a finding.
Fix Text (F-7007r363777_fix)
Configure the Voice Video Endpoint to limit the number of concurrent sessions to two users or the limit set by local policy.