Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19593 | VVoIP 1225 (GENERAL) | SV-21734r1_rule | COEF-1 DCBP-1 ECSC-1 | Medium |
Description |
---|
Voice phone services are critical to the effective operation of a business, an office, or in support or control of a DoD mission. We rely on these services being available when they are needed. Additionally, it is critical that phone service is available in the event of an emergency situation such as a security breach or life safety event. The ability of maintaining the ability to place calls to emergency services must be maintained. While the DoD voice networks are designed to be extremely reliable, such that continuity of operations (COOP) is supported, there is the potential that a site will be cut off from the DoD network. Based on this fact, each physical site must maintain local commercial phone service in the event the site is cut off. While this works to maintain local emergency service availability for security and life safety emergencies, it also provides the capability to make calls between DoD sites using the commercial network. An additional, non IA benefit is that this supports the ability to make local calls without having to pay toll charges to call a local number via some distant regional access point. Local phone service can be delivered in a number of ways, all of which meet this requirement, while some of them must meet additional requirements to secure them. Delivery options are as follows: > PRI or CAS TDM trunks > Analog phone lines The type and amount of local phone service required can also depend upon the size of the site. The following are some examples: > A large site or main operating base (MOB) could use PRI or CAS TDM trunks connected to the site’s PBX. The larger the site the more trunks are used. > A small site or geographically separate unit (GSU) attached to a MOB. >> May have a PBX and be served similar to a large site. >> May be served by several analog phone lines terminated on discrete instruments or a key system. NOTE: The use of locally delivered commercial VoIP service is prohibited. |
STIG | Date |
---|---|
Voice/Video Services Policy STIG | 2014-04-07 |
Check Text ( C-23865r1_chk ) |
---|
Interview the IAO to confirm compliance with the following requirement: At each B/C/P/S, Ensure local analog or TDM commercial phone service is implemented in support of COOP for DoD calls and local emergency services. This applies to TDM or VVoIP systems conditionally as follows: • Via the sites local, on site, phone system/switch (TDM or VoIP) providing access to the local service from all work areas. • Via dedicated instruments (separate from the DoD site wide phone system) distributed throughout the facility and accessible within a short distance from every work area. NOTE: These dedicated instruments may be stand alone or may be part of a dedicated a key system, PBX, or VoIP network all of which are separate from the DoD VVoIP or TDM phone system. NOTE: The IA premise of this requirement is “availability” and COOP. The purpose of this requirement is to provide local commercial service in the event the site is cut off from the DSN or a main site to which the local site is subtended and tethered (e.g., a small site that has no local switch/LSC and relies on the main site’s switch/LSC for its calling capabilities. NOTE: This requirement supports calls to other DoD facilities in the event the DSN or DISN IP-VS connection is unavailable (i.e., some portion of the network is down preventing access) and is required in support of local emergency services calls. Determine if the site has local commercial phone service. This is a finding in the event the site has no local commercial phone service available. NOTE: This applies to all strategic BCPS, CONUS or OCONUS, large and small, main base (MOB), or tethered GSU, wherever “friendly” local phone service is available and there is a need to call commercial numbers that are local to the site. NOTE: This does not apply to tactical sites in a war zone where “friendly” local phone service is not available. It is recommended that local phone service be obtained if “friendly” service is available |
Fix Text (F-20291r1_fix) |
---|
Contract for and Install local commercial phone service commensurate with the size of the site and the following: Ensure local analog or TDM commercial phone service is implemented in support of COOP for DoD calls and local emergency services. This applies to TDM or VVoIP systems conditionally as follows: • Via the sites local, on site, phone system/switch (TDM or VoIP) providing access to the local service from all work areas. • Via dedicated instruments (separate from the DoD site wide phone system) distributed throughout the facility and accessible within a short distance from every work area. NOTE: These dedicated instruments may be stand alone or may be part of a dedicated a key system, PBX, or VoIP network all of which are separate from the DoD VVoIP or TDM phone system. |