UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Fire and Emergency Services (FES) communications over a sites private Multi-Line Telephone Systems (MLTS) must provide a direct callback telephone number and physical location of an FES caller to the emergency services answering point or call center through a transfer of Automatic Number Identification (ANI) and extended Automatic Location Identification (ALI) information or access to an extended ALI database.


Overview

Finding ID Version Rule ID IA Controls Severity
V-21510 VVT 2015 (GENERAL) SV-23719r2_rule DCBP-1 Medium
Description
Under FCC rules and the laws of some states, the implementation of Enhanced F&ES telecommunications services requires that the emergency services answering point or call center must be automatically provided with enough location information so that emergency services personnel can locate the calling party within a specified radius at their exact location in the event they are unable provide their location themselves. This is a two-part process that is exacerbated if the call originates from a Multi-Line Telephone System (MLTS). Some of the FCC rules and state laws address the MLTS issue. For enterprise systems, the support for E911 by the enterprise LSC (or any remote LSC construct) is governed by FCC rules, as well as other federal, state, and local law. The design and implementation of all MLTS systems must include reasonable efforts to provide E911, even when the access connection to the Enterprise LSC is severed. Public enhanced F&ES systems are implemented in conjunction with the local exchange carrier (LEC) using their central office switch (CO). When the designated F&ES number is dialed, the CO routes the call to the public F&ES answering point (PSAP) over special trunks that can provide the PSAP with the telephone number from which the emergency call originated and the geographic location of the originating telephone. The originating telephone number is provided as Automatic Number Identification (ANI) information. The geographic location of the originating telephone is provided as Automatic Location Identification (ALI) information. The ALI is generated from the ANI by looking up the ANI in a database. Typically this function is performed by the LEC and the ALI provided is the service delivery address for the telephone number. In some cases the ALI information is housed in a database at the PSAP or a at a third party provider such that the PSAP must make the “database dip” to identify the location of the caller. The information is regularly updated by the LEC based on new service deliveries and disconnections. This process does not go far enough if the originating telephone is behind (part of) a MLTS. An MLTS may serve a large building or may serve multiple buildings in a campus setting. It may also serve small or large remote sites that are geographically distant from the main MLTS switch. As discussed above, the normal process provides the address where the LEC delivers its phone service for the calling number. While this address will serve to get emergency services personnel to the lobby of a building or the front gate of a campus, it will not provide the exact location of the caller. This is where the federal and state MLTS related requirements come in. Under these rules, a MLTS operator and the system itself must provide complete ANI and ALI information to the answering point such that emergency services personnel can easily locate the caller. As such the MLTS must provide the exact location of the originating telephone minimally within a reasonably small area of it. The location information provided for telephones behind a MLTS is called Phone Switch-ALI (PS-ALI). To implement this, the MLTS must first be able to provide the F&ES answering station with the telephone number from which the emergency call originated via ANI. If the answering point is outside the MLTS, the number provided must be the exact Direct Inward Dialing (DID) number of the telephone placing the call so that the answering point can dial it directly. The number provided must not be that of an outbound trunk. Secondly, this phone number must be correlated to its physical address or location within the facility via PS-ALI. To implement PS-ALI, the owner/operator of a MLTS is responsible for maintaining an up-to-date database containing the telephone number (DID number and/or extension number) and physical location of each telephone attached to the MLTS. This database is then used to provide the PS-ALI information to the ALI database(s) accessed by the F&ES answering point. In association with each telephone and telephone number in the MLTS, the PS-ALI information contained in the database includes the following: - The address of the site containing the MLTS unless provided to the answering point by the LEC as part of its ANI/ALI information. - The name (or number) of the building in which the telephone is located. - The address of the building in which the telephone is located. - The floor in the building on which the telephone is located. - The area or quadrant of the floor where the telephone is located. - The room or cube number where the telephone is located. Additional information should be provided to the F&ES answering point and emergency services personnel in the form of up-to-date facility maps and floor plans. The maintenance of facility maps, floor plans, and PS-ALI information to keep them up-to-date is critical to life safety and facility protection and security. This can be an onerous process in light of changes in the facility and moves, adds, and changes within the MLTS. Maintaining accurate location information is exacerbated in a VoIP MLTS due to the ability of an IP phone to change its physical location within the LAN (and possibly beyond) while keeping its telephone number without specific intervention from, or knowledge of the MLTS operator. As such the PS_ALI database can quickly become inaccurate. A situation that could be life threatening. Automated systems can be used with a VoIP system and LAN to identify the general location of an IP phone within the facility based on the LAN switch and port to which the phone is connected. Once this information is obtained from the LAN, it is correlated with the documented location of the LAN switch and documented location of the outlet served by the switchport.
STIG Date
Voice/Video over Internet Protocol STIG 2015-01-05

Details

Check Text ( C-25750r2_chk )
Interview the IAO to validate compliance with the following requirement:
Inspect the telephone system configuration or external database to determine compliance with the requirement. Verify the local DoD Multi-Line Telecommunications System (MLTS), VoIP or traditional, is configured to provide the originating telephone number and the physical location of an F&ES caller to the emergency services answering point through a transfer of Automatic Number Identification (ANI) and Phone Switch Automatic Location Identification (PS-ALI) information or the emergency services answering point is provided automated access to the required PS-ALI database. If the location of an F&ES caller is not is not provided to, or is not accessible by, the emergency services answering point or call center, this is a finding.

NOTE: These requirements also apply to key telephone systems and installations where a single number has multiple appearances (appears on multiple telephones) such that individual instruments in the system can be identified.
Fix Text (F-22299r2_fix)
Configure the local DoD Multi-Line Telecommunications System (MLTS), VoIP or traditional, to provide the originating telephone number and the physical location of an F&ES caller to the emergency services answering point through a transfer of Automatic Number Identification (ANI) and Phone Switch Automatic Location Identification (PS-ALI) information or the emergency services answering point is provided automated access to the required PS-ALI database.