The Voice Video Session Manager supporting Command and Control (C2) communications must validate the integrity of transmitted multilevel precedence and preemption (MLPP) attributes.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-62101	SRG-NET-000226-VVSM-00022	SV-76591r1_rule		Medium

Description
If MLPP attributes are not associated with the information being transmitted between components, then access control policies and information flows which depend on these MLPP attributes will not function and unauthorized access may result. When data is exchanged, the MLPP attributes associated with this data must be validated to ensure the data has not been changed. Without the implementation of safeguards which allocate network communication resources based on priority, network availability, and particularly high priority traffic, may be dropped or delayed. DoD relies on the implementation of MLPP to ensure that flag officers and senior staff are provided higher priority for communications than other users. For VoIP and videoconferencing systems, Voice Video Session Managers must communicate using protocols and services that provide expedited packets to users and other systems.

Description

If MLPP attributes are not associated with the information being transmitted between components, then access control policies and information flows which depend on these MLPP attributes will not function and unauthorized access may result. When data is exchanged, the MLPP attributes associated with this data must be validated to ensure the data has not been changed. Without the implementation of safeguards which allocate network communication resources based on priority, network availability, and particularly high priority traffic, may be dropped or delayed. DoD relies on the implementation of MLPP to ensure that flag officers and senior staff are provided higher priority for communications than other users. For VoIP and videoconferencing systems, Voice Video Session Managers must communicate using protocols and services that provide expedited packets to users and other systems.

STIG	Date
Voice Video Session Management Security Requirements Guide	2017-12-28

Details

Check Text ( C-62905r1_chk )
Verify the Voice Video Session Manager supporting C2 communications validates the integrity of transmitted MLPP attributes. If the Voice Video Session Manager supporting C2 communications does not validate the integrity of transmitted MLPP attributes, this is a finding.

Fix Text (F-68021r1_fix)
Configure the Voice Video Session Manager supporting C2 communications to validate the integrity of transmitted MLPP attributes.