← Back to Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide

V-259997

CAT II (Medium)

The Enterprise Voice, Video, and Messaging Session Manager must produce session (call) records containing timestamps (date and time) for all session connections.

Rule ID

SV-259997r948952_rule

STIG

Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide

Version

V1R2

CCIs

CCI-000131

Discussion

Without the capability to generate session records, it is difficult to establish, correlate, and investigate the events relating to an incident, or identify those responsible. Session records are generated from several components within the Voice Video system (e.g., session manager, session border control, gateway, gatekeeper, or endpoints). Session record content that may be necessary to satisfy this requirement includes, for example, type of connection, connection origination, time stamps, outcome, user identities, and user identifiers.

Check Content

Verify the Enterprise Voice, Video, and Messaging Session Manager produces session records containing when (date and time) the connection was established and terminated.

If the Enterprise Voice, Video, and Messaging Session Manager does not produce session records containing timestamps (date and time) for all session connections, this is a finding.

Fix Text

Configure the Enterprise Voice, Video, and Messaging Session Manager to produce session records containing when (date and time) the connection was established and terminated.