← Back to Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide

V-260024

CAT I (High)

The Enterprise Voice, Video, and Messaging Session Manager must be configured to offload session (call) records to a central log server.

Rule ID

SV-260024r949033_rule

STIG

Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide

Version

V1R2

CCIs

CCI-001851

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. This requirement only applies to components where this is specific to the function of the device (e.g., IDPS sensor logs, firewall logs). This does not apply to audit logs generated on behalf of the device itself (management).

Check Content

Verify the Enterprise Voice, Video, and Messaging Session Manager offloads session records to a central log server.

If the Enterprise Voice, Video, and Messaging Session Manager does not offload session records to a central log server, this is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Session Manager to offload session records to a central log server.