The Enterprise Voice, Video, and Messaging Endpoint must be configured to use FIPS-compliant algorithms for network traffic.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
high	V-259973	SRG-NET-000371	SRG-NET-000371-VVEP-00037	SV-259973r948886_rule	2024-08-02	1

Description
Without protection of the transmitted information, confidentiality and integrity may be compromised as unprotected communications can be intercepted and either read or altered. TLS can be used to secure SIP and SCCP signaling by configuring the session manager in a secure mode. DOD-to-DOD voice communications are generally considered to contain sensitive information and therefore DOD voice and data traffic crossing the unclassified DISN must be encrypted. Cryptographic mechanisms such as Media Access Control Security (MACsec) implemented to protect information include cryptographic hash functions that have common application in digital signatures, checksums, and message authentication codes.

Description

Without protection of the transmitted information, confidentiality and integrity may be compromised as unprotected communications can be intercepted and either read or altered. TLS can be used to secure SIP and SCCP signaling by configuring the session manager in a secure mode. DOD-to-DOD voice communications are generally considered to contain sensitive information and therefore DOD voice and data traffic crossing the unclassified DISN must be encrypted. Cryptographic mechanisms such as Media Access Control Security (MACsec) implemented to protect information include cryptographic hash functions that have common application in digital signatures, checksums, and message authentication codes.

ℹ️ Check
Verify the Enterprise Voice, Video, and Messaging Endpoint uses encryption for network traffic. If the Enterprise Voice, Video, and Messaging Endpoint does not use encryption for network traffic, this is a finding.

✔️ Fix
Configure the Enterprise Voice, Video, and Messaging Endpoint to use encryption for network traffic.