The A/B, A/B/C, or A/B/C/D switch used for network switching in IP-based VTC systems implementing a single CODEC that supports conferences on multiple networks with different classification levels must be TEMPEST certified.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-259899 | SRG-VOIP-000190 | SRG-VOIP-000190 | SV-259899r948743_rule | 2024-03-12 | 1 |
| Description |
|---|
| Committee on National Security Systems Advisory Memorandum (CNSSAM) TEMPEST/01-13, RED/BLACK Installation Guidance, provides criteria for the installation of electronic equipment, cabling, and facility support for the processing of secure information. National policy requires that systems and facilities processing NSI must be reviewed by a Certified TEMPEST Technical Authority (CTTA) to achieve TEMPEST security. The RED/BLACK guidance contained in TEMPEST/01-13 will be considered by the CTTA along with other measures (e.g., TEMPEST Zoning, TEMPEST-suppressed equipment and shielding) to determine the most cost-effective countermeasures to achieve TEMPEST security. Only those RED/BLACK criteria specifically identified by the CTTA will be implemented. |
| ℹ️ Check |
|---|
| Review the documentation to determine if the A/B, A/B/C, or A/B/C/D switch is TEMPEST certified. Review TEMPEST certification documentation provided by a CTTA or the vendor to determine if the switch is TEMPEST certified. If the A/B, A/B/C, or A/B/C/D switch is not on the list, or satisfactory documentation is not provided, this is a finding. |
| ✔️ Fix |
|---|
| Obtain and install a TEMPEST-certified A/B, A/B/C, or A/B/C/D switch. |