The Voice Video Session Manager must use a voice or video VLAN, separate from the default VLAN, the management VLAN, and the data VLAN.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-62151	SRG-NET-000520-VVSM-00025	SV-76641r1_rule		Medium

Description
If the network element does not dynamically reconfigure the data security attributes as data is created and combined, there is the possibility that the security attributes will not correctly reflect the data with which they are associated. For the voice video session manager, the use of 802.1q tags on media and signaling, and the use of VLANs provides this layer of security. VLANs facilitate access and traffic control for voice video system components and enhanced QoS. The voice video core equipment must use separate VLANs from other data types to maintain separation.

Description

If the network element does not dynamically reconfigure the data security attributes as data is created and combined, there is the possibility that the security attributes will not correctly reflect the data with which they are associated. For the voice video session manager, the use of 802.1q tags on media and signaling, and the use of VLANs provides this layer of security. VLANs facilitate access and traffic control for voice video system components and enhanced QoS. The voice video core equipment must use separate VLANs from other data types to maintain separation.

STIG	Date
Voice Video Session Management Security Requirements Guide	2016-06-28

Details

Check Text ( C-62955r1_chk )
Verify the Voice Video Session Manager uses a voice or video VLAN separate from the default VLAN, the management VLAN, and the data VLAN. If the Voice Video Session Manager uses a voice or video VLAN that is not separate from the default VLAN, the management VLAN, and the data VLAN, this is a finding.

Fix Text (F-68071r1_fix)
Configure the Voice Video Session Manager to use a voice or video VLAN, separate from the default VLAN, the management VLAN, and the data VLAN.