The Enterprise Voice, Video, and Messaging Endpoint must be configured to produce session (call detail) records containing the identity of all users.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-259960 | SRG-NET-000079-VVEP-00026 | SV-259960r948847_rule | CCI-001487 | medium |
| Description | ||||
| Without information that establishes the identity of the subjects (i.e., users or processes acting on behalf of users) associated with the events, security personnel cannot determine responsibility for the potentially harmful event. Audit records are commonly produced by session management and border elements. Many Enterprise Voice, Video, and Messaging Endpoints are not capable of providing audit records and instead rely on session management and border elements. Enterprise Voice, Video, and Messaging Endpoints capable of producing audit records provide supplemental confirmation of monitored events. Enterprise Voice, Video, and Messaging Endpoints that communicate beyond these defined environments must generate audit records. | ||||
| STIG | Date | |||
| Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide | 2024-08-02 | |||
Details
Check Text (C-259960r948847_chk)
Verify the Enterprise Voice, Video, and Messaging Endpoint produces session records containing the identity of all users on the call.
If the Enterprise Voice, Video, and Messaging Endpoint does not produce session records containing the identity of all users on the call, this is a finding.
Fix Text (F-63598r948846_fix)
Configure the Enterprise Voice, Video, and Messaging Endpoint to produce session records containing the identity of all users on the call.