Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19443 | VVoIP 1215 (GENERAL) | SV-21494r1_rule | COEF-1 DCBP-1 ECSC-1 | Medium |
Description |
---|
Voice phone services are critical to the effective operation of a business, an office, or in support or control of a DoD mission. We rely on these services being available when they are needed. Additionally, it is critical that phone service is available in the event of an emergency situation such as a security breach or life safety event. The ability of maintaining the ability to place calls to emergency services must be maintained. While the DoD voice networks are designed to be extremely reliable, such that continuity of operations (COOP) is supported, there is the potential that a site will be cut off from the DoD network. Additionally, some site’s DoD VoIP phone systems are implemented without a local LSC. The LSC is located at some remote location and may serve several sites, both large and small. This scenario is sometimes called “long Local” service. Such an implementation can be used in regionalized organizational intranets and in MOBs with their tethered GSUs. This implementation scenario provides for central management of the overall phone system, saves in initial implementation cost, and saves in operating costs. As such this scenario has many benefits. Unfortunately, the reality of this implementation is that in order to place a call between two endpoints within the local site or to place a call via the local commercial service connection, the initiating end instrument has to send its signal messages to the remote LSC over the DISN WAN connection, then the LSC has to signal the called instrument or MG over the same WAN connection. Several messages are sent (back and forth) over the WAN connection before the two local endpoints can send their media streams directly between themselves. While the need to signal over the WAN connection can cause longer call setup time which can be extended if there is congestion in the network, no call can be placed anywhere from the local site if it is cut off from its LSC. Based on this fact, and in support of maintaining viable local voice services in the event the site is cut off from its remote LSC, each physical site must maintain minimal local call control as a backup so that local intra-site and local commercial network calls can be placed. While this works to maintain local emergency service availability for security and life safety emergencies, it also provides the capability to make calls between DoD sites using the commercial network. |
STIG | Date |
---|---|
Voice/Video Services Policy STIG | 2014-04-07 |
Check Text ( C-23709r1_chk ) |
---|
Interview the IAO to confirm compliance with the following requirement: In the event the site has a VVOIP phone system which is implemented so that the endpoints are controlled by a LSC at a remote site, (e.g., implemented as “long Local” service), AND, the site does not have a separate commercial phone system (dedicated PBX, key system or discrete instruments) available, ensure the site has a backup VoIP call control capability such that it can minimally make local internal and local commercial network calls in the event the site is cut off from the remote LSC. That is, ensure the site has a backup VoIP call control capability such that normal or semi normal phone service is maintained in the event the site is cut off from the remote LSC; or ensure the site has an alternate phone system or instruments through which local commercial calls can be made. This is a finding in the event of the following: The VVoIP phone system is controlled by a remote LSC. AND The site does not have a local backup call control agent to maintain functionality of the VVoIP phones for both intra-site calls and external commercial network calls. AND The site does not have an alternate phone system for making external commercial network calls. NOTE: In general, reliance on DoD provided or personal cell phones does not meet this requirement due to the fact that good signal strength is not universal and reliable particularly in buildings and cell phones are not permitted everywhere in DoD facilities. This might, however, be a viable solution in some instances. NOTE: The minimum capability for placement of line-side precedence calls is dependant upon the C2 requirements of the site in question and should be determined in conjunction with the local command authority. To satisfy this requirement, however, the minimum requirement is the maintenance of ROUTINE call placement capabilities. |
Fix Text (F-20187r1_fix) |
---|
Ensure the site has a backup VoIP call control capability such that normal or semi normal phone service is maintained in the event the site is cut off from the remote LSC or ensure the site has an alternate phone system or instruments through which local commercial calls can be made. NOTE: The minimum capability for placement of line-side precedence calls is dependant upon the C2 requirements of the site in question and should be determined in conjunction with the local command authority. To satisfy this requirement, however, the minimum requirement is the maintenance of ROUTINE call placement capabilities. |