STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019: STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:SV-23735r1_rule
V-21523
Deficient design: VVoIP system re: NTP
VVoIP 5250 (LAN)
CAT II
10
Implement NTP usage in the VVoIP system in accordance with the Network Infrastructure STIG policy and requirements.
Ensure the VVoIP system’s time is synchronized with or receives its time from the two internal LAN NTP servers that are configured within the LAN management VLAN in accordance with the Network Infrastructure STIG. Further ensure the VVoIP endpoints receive their time from the VVoIP system controller.
NOTE: Implementing NTP within the VVoIP system will require the system/call controller to be configured to receive authenticated NTP messages from the two NTP server IP addresses via its management interface. This will require that permissions be granted between the VVoIP management VLAN and the LAN management VLAN such that NTP requests and responses can flow between the VVoIP system controller and the two NTP servers in the LAN management VLAN. If the VVoIP endpoints time is synchronized via NTP, the VVoIP controller will have to serve as their NTP server since the endpoints do not have access to the VVoIP or LAN management VLANs and should not be permitted such access.
Inspect the configuration of the VVoIP system controller and its endpoints to validate that the endpoints’ time is synchronized from the VVoIP controller and not from an independent source.
V-21523
False
VVoIP 5250 (LAN)
Inspect the configuration of the VVoIP system controller and its endpoints to validate that the endpoints’ time is synchronized from the VVoIP controller and not from an independent source.
M
Information Assurance Officer
594