>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

5.10.1.3Voice over IP

>Control Description

Voice over Internet Protocol (VoIP) has been embraced by organizations globally as an addition to, or replacement for, public switched telephone network (PSTN) and private branch exchange (PBX) telephone systems. The immediate benefits are lower costs than traditional telephone services and VoIP can be installed in-line with an organization’s existing Internet Protocol (IP) services. Among VoIP’s risks that have to be considered carefully are: myriad security concerns, cost issues associated with new networking hardware requirements, and overarching quality of service (QoS) factors. In addition to the security controls described in this document, the following additional controls shall be implemented when an agency deploys VoIP within a network that contains unencrypted CJI: 1. Establish usage restrictions and implementation guidance for VoIP technologies. 2. Change the default administrative password on the IP phones and VoIP switches. 3. Utilize Virtual Local Area Network (VLAN) technology to segment VoIP traffic from data traffic. Appendix G.2 outlines threats, vulnerabilities, mitigations, and NIST best practices for VoIP.

>Cross-Framework Mappings

SCF

END-07
Compare
MON-01.1
Compare
NET-08
Compare
NET-08.2
Compare

Ask AI

Configure your API key to use AI features.