Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19653 | VVoIP 5305 | SV-21794r2_rule | ECSC-1 | Medium |
Description |
---|
IEEE 802.1x is a protocol used to control access to LAN services via a network access switch port or wireless access point. It requires a device or user to authenticate to the network element and become authorized by the authentication server before accessing the network. This standard is used to activate the network access switch port, limiting traffic to a specific VLAN, or to install traffic filters. This method is more secure and capable than using basic MAC-based port security. It is required to be used in certain circumstances by the Network Infrastructure STIG. When 802.1x is used, all devices connecting to the LAN are required to use 802.1x. |
STIG | Date |
---|---|
Voice/Video over Internet Protocol (VVoIP) STIG | 2015-12-29 |
Check Text (C-24004r2_chk) |
---|
Review site documentation to confirm the VVoIP and VTC endpoints integrate into the implemented 802.1x network access control system. When the network access control implementation uses 802.1x and the network access switch ports are configured as 802.1x authenticators, ensure the VVoIP and VTC endpoints integrate into the 802.1x access control system. If the VVoIP and VTC endpoints do not integrate into the implemented 802.1x network access control system, this is a finding. If 802.1x is used within the LAN but one or more VVoIP or VTC endpoints are not configured as 802.1x supplicants, whether the endpoints support 802.1x or not, this is a finding. |
Fix Text (F-20357r2_fix) |
---|
Implement and document the integration of the VVoIP and VTC endpoints into the implemented 802.1x network access control system. |