Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-16094 | VVoIP 1920 (GENERAL) | SV-17082r1_rule | Medium |
Description |
---|
This and several other requirements discuss the implementation of PC soft-phones or UC applications as the primary and only communications device in the user’s workspace. While this degrades the protections afforded a hardware based system, the trend is to use more and more PC based communications applications due to their advanced features, collaborative benefits, and perceived reduced cost. This soft-phone use case results in the elimination of hardware based telephones on user’s desks in the workplace. This can be seen as, or result in, trading down (from a hardware based system) with regard to availability, reliability, and quality of service since the data network is generally more susceptible to compromise from many sources inside and outside the local LAN making the soft-phones more exposed to attack. This also means that there will be no telephone available in the workspace if the PC is not powered on, or the application is not loaded, or the PC is not fully functional. While this is undesirable from an IA standpoint, a business case can be developed to support it. NOTE: The recommended relationship between PC soft-phone/UC applications and hardware based endpoints in the normal work area is that the PC application should augment the functionality of, or be a backup to, the hardware based instrument in the user’s workspace. The implementation of PC soft-phones or UC applications in the user work space as their only endpoint has several ramifications that must be considered. The following is a list of some of these: • The PC becomes a single point of failure for communications services provided to a user in their workspace. A widespread problem, which affects many PCs or the network infrastructure, may disable all communications for many users at one time. Users may not even have a means to report the failure without using an alternate communications system. A fast spreading worm or power outage could create such a situation. While some may argue that “users can call on their cell phones”, service may not be available or their use may not be permitted in the facility. This translates into the following: - The loss of functionality and efficiency as in lost time due to the inability to communicate when the PC or soft-phone application is not running or functioning properly. • The protections afforded hardware based endpoints by the use of the voice protection zone such as VoIP VLAN(s), and others are missing for soft-phones in a widespread use/implementation scenario and, depending on the implementation on the PC, may degrade the protections afforded hardware based endpoints. Such is the case for all software based communications endpoints since they are typically implemented on all PCs and therefore will be connected to the data VLANs. Assured service for voice traffic will be degraded from that obtained with hardware based instruments connected in the voice protection zone. This translates into the following additional IA measures required to protect the VoIP infrastructure (e.g., a firewall between the VoIP and data VLANs). • The hardware based endpoint is not available for use in parallel with, or in place of, the PC. This can be a problem if the PC is having performance or operational issues, is turned off, or is unavailable. Accessing help desk services requiring logging onto the PC to use the voice services and work on a problem could be a real challenge. Rebooting the PC to clear a problem would disconnect the call to the helpdesk. Accessing voice mail or answering the phone while the PC is booting is made impossible reducing efficiency, particularly when the user starts their day. If the user has C2 responsibilities, the IP equivalent of MLPP cannot function properly if application or PC is unavailable. Precedence calls will not be received by the user but will be transferred to their designated alternate answering point. • Emergency communications could be unavailable if the PC is not booted, the communications application is not running, or either is otherwise compromised. Voice communications must be readily available for life safety and medical reasons, as well as other facility security emergencies. A partial mitigation for this in a “soft-phone world” is to place common use hardware telephones within a short distance (e.g., 30 to 50 feet) of every workspace which is an additional cost. This additional distance however, could be an issue in a medical emergency where a worker might be alone in their workspace and their PC or voice communications application not functioning properly, they may not be able to reach the common use instrument depending upon the nature of the medical emergency. If the worker was suffering a heart attack or diabetic emergency, they could die. Business cases therefore need to include the cost of insurance and/or law suites for this eventuality. • The previous 2 items translate into the following: - The addition of common use hardware based instruments placed around the facility (for backup and emergency usage) along with the additionally required LAN cabling and access switch ports. While some may feel that this is not an IA issue, in reality it is since the discussion is truly about availability, which is one of the prime tenets of IA. Additionally, the VoIP controllers (i.e., the equipment that controls the telephone system) must be able to be accessed by the PC soft-phones while being protected as they would be in a normal VoIP system using hardware based instruments. NOTE: Methods for permitting the necessary PC traffic to, from, and between the voice and data zones while protecting the voice zone will be discussed later in this document. |
STIG | Date |
---|---|
Voice Video Services Policy Security Technical Implementation Guide | 2019-01-09 |
Check Text ( C-17138r1_chk ) |
---|
Interview the IAO to validate compliance with the following requirement: In the event PC soft-phones and/or UC applications are implemented as the primary telephone endpoint in the user’s workspace, the IAO will ensure hardware based telephone instruments, are installed within a short distance (e.g., 30 to 50 feet) of every workspace to be used for backup and emergency communications. Determine if PC soft-phones and/or UC applications are implemented as the primary telephone endpoint in user’s workspaces. If so, inspect users work areas to determine if hardware based telephone instruments, are installed within a short distance (e.g., 30 to 50 feet) of every workspace to be used for backup and emergency communications. Cell phones, PDA/PEDs, or other wireless devices are not considered reliable enough to meet this requirement due to lack of reliable signal available everywhere and their inability to be used in certain DoD environments. This is a finding if these conditions are not met. NOTE: This requirement is satisfied by the implementation of hardwired hardware based telephone instruments using any telephony technology. That is, traditional analog, or digital instruments may be used or VoIP based instruments may be used. Such instruments may be part of the local site’s PBX or VoIP system, or may be served from the Local Exchange Carrier (LEC) or Competitive LEC (CLEC). Of additional concern when implementing backup/COOP or emergency telephones is power. Such phones should be remotely powered from a source that can provide backup power. Additionally, the dialing capabilities of backup/COOP or emergency may be limited to internal and/or emergency calls. This means that minimally, emergency services numbers must be reachable from these phones. PART2 manual Minimally select a random sample if not all of the implemented hard-phones and test them to ensure they are functional. This is a finding if non functional phones are found. |
Fix Text (F-16199r1_fix) |
---|
In the event PC soft-phones and/or UC applications are implemented as the primary telephone endpoint in the user’s workspace, the IAO will ensure hardware based telephone instruments, are installed within a short distance (e.g., 30 to 50 feet) of every workspace to be used for backup and emergency communications. NOTE: This requirement is satisfied by the implementation of hardwired hardware based telephone instruments using any telephony technology. That is, traditional analog, or digital instruments may be used or VoIP based instruments may be used. Such instruments may be part of the local site’s PBX or VoIP system, or may be served from the Local Exchange Carrier (LEC) or Competitive LEC (CLEC). Of additional concern when implementing backup/COOP or emergency telephones is power. Such phones should be remotely powered from a source that can provide backup power. Additionally, the dialing capabilities of backup/COOP or emergency may be limited to internal and/or emergency calls. This means that minimally, emergency services numbers must be reachable from these phones. |