LAN NEs supporting VV0IP services are NOT interconnected with redundant uplinks following physically diverse paths to physically diverse NEs in the layer above OR each uplink can NOT support the full bandwidth handled by the NE AND/OR the appropriate routing protocol is NOT configured to affect the failover from one uplink to the other in the event of the failure of one.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-21518	VVoIP 5116 (LAN)	SV-23730r1_rule	DCBP-1	Medium

Description
Policy sets the minimum requirements for the availability and reliability of VVoIP systems and the supporting LAN with emphasis on C2 communications. The high availability and reliability required for spedial-C2 and C2 users is achieved in part by interconnecting LAN network elements with redundant uplinks via geographically diverse paths. For further detail, see VVoIP 5115 (LAN)

STIG	Date
Voice/Video over Internet Protocol STIG	2015-01-05

Details

Check Text ( C-25772r1_chk )
Interview the IAO to validate compliance with the following requirement: Ensure all LAN NEs supporting VVUC services are interconnected with redundant uplinks following physically diverse paths to physically diverse NEs in the layer above. Additionally ensure that each uplink can support the full bandwidth handled by the NE and the appropriate routing protocol is configured to affect the failover from one uplink to the other in the event of the failure of one. NOTE: This applies to access layer NEs connected to distribution layer NEs and distribution NEs connected to core layer NEs. Determine if the LAN directly supports Special-C2 users and C2 users. Determine which parts of the LAN support Special-C2 users, which parts support C2 users, and which parts support only C2R and Non-C2/admin users. Use this information when performing the next steps.

Check Text ( C-25772r1_chk )

Interview the IAO to validate compliance with the following requirement:

Ensure all LAN NEs supporting VVUC services are interconnected with redundant uplinks following physically diverse paths to physically diverse NEs in the layer above. Additionally ensure that each uplink can support the full bandwidth handled by the NE and the appropriate routing protocol is configured to affect the failover from one uplink to the other in the event of the failure of one.

NOTE: This applies to access layer NEs connected to distribution layer NEs and distribution NEs connected to core layer NEs.

Determine if the LAN directly supports Special-C2 users and C2 users. Determine which parts of the LAN support Special-C2 users, which parts support C2 users, and which parts support only C2R and Non-C2/admin users. Use this information when performing the next steps.

Fix Text (F-22310r1_fix)
Ensure all LAN NEs supporting VVUC services are interconnected with redundant uplinks following physically diverse paths to physically diverse NEs in the layer above. Additionally ensure that each uplink can support the full bandwidth handled by the NE and the appropriate routing protocol is configured to affect the failover from one uplink to the other in the event of the failure of one. NOTE: This applies to access layer NEs connected to distribution layer NEs and distribution NEs connected to core layer NEs. Run cable, upgrade, or reroute as necessary.

Fix Text (F-22310r1_fix)

Ensure all LAN NEs supporting VVUC services are interconnected with redundant uplinks following physically diverse paths to physically diverse NEs in the layer above. Additionally ensure that each uplink can support the full bandwidth handled by the NE and the appropriate routing protocol is configured to affect the failover from one uplink to the other in the event of the failure of one.
NOTE: This applies to access layer NEs connected to distribution layer NEs and distribution NEs connected to core layer NEs.

Run cable, upgrade, or reroute as necessary.