) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Instant Messaging Checklist Version 1, Release 2.5 Checklist Details (Checklist Revisions)
Supporting Resources:
-
Download Prose - Instant Messaging Checklist
- Defense Information Systems Agency
Target:
| Target | CPE Name |
|---|---|
| Ezenia InfoWorkSpace 2.5.1.3 | cpe:/a:ezenia:infoworkspace:2.5.1.3 (View CVEs) |
| IBM Lotus SameTime 8.5.1 | cpe:/a:ibm:lotus_sametime:8.5.1 (View CVEs) |
| Ipswitch Instant Messaging 2.02 | cpe:/a:ipswitch:instant_messaging:2.02 (View CVEs) |
| Jabber XCP 5.0 | cpe:/a:jabber:jabber_xcp:5.0 (View CVEs) |
| Liquid Communication Systems, LLC Effusia Business Messenger 4.3 | cpe:/a:liquidcs:effusia_business_messenger:4.3 (View CVEs) |
| Liquid Communication Systems, LLC Effusia Business Messenger Server 4.0 | cpe:/a:liquidcs:effusia_business_messenger_server:4.0 (View CVEs) |
| Microsoft Live Communications Server 2005 | cpe:/a:microsoft:live_communications_server:2005 (View CVEs) |
| Microsoft Office Communications Server | cpe:/a:microsoft:office_communications_server (View CVEs) |
| Sigaba Secure Instant Messaging 1.2 | cpe:/a:sigaba:secure_instant_messaging:1.2 (View CVEs) |
| WiredRed e/Pop Instant Messaging 4.5 | cpe:/a:wiredred:e%2fpop:4.5 (View CVEs) |
Checklist Highlights
- Checklist Name:
- Instant Messaging Checklist
- Checklist ID:
- 360
- Version:
- Version 1, Release 2.5
- Type:
- Compliance
- Review Status:
- Archived
- Authority:
- Governmental Authority: Defense Information Systems Agency
- Original Publication Date:
- 04/15/2009
Checklist Summary:
There are many instant messaging platforms and protocols available. The instant messaging checklist should be used for enterprise instant messaging systems. These requirements do not apply to Managed Enterprise Services. Some of the more popular enterprise instant messaging systems include the following: - IBM Lotus Instant Messaging - Jabber XCP - Infoworkspace - Microsoft Live Communications Server - Ipswitch Instant Messaging - WiredRed e/Pop - Effusia Business Messenger - Sigaba Secure IM - Sun One Instant Messaging If it cannot be determined the instant messaging system is an enterprise instant messaging system, then research the product on the Internet or vendor's website. If it still cannot be determined, call the vendor and ask them directly. NOTE: Video teleconferencing is covered in the Video Tele-Conferencing STIG.
Checklist Role:
- Business Productivity Application
Known Issues:
Not provided.
Target Audience:
Not provided.
Target Operational Environment:
- Managed
- Specialized Security-Limited Functionality (SSLF)
Testing Information:
Not provided.
Regulatory Compliance:
DoDD 8500.1
Comments/Warnings/Miscellaneous:
The requirements to perform an Instant Messaging SRR are as follows: - Instant Messaging Security Technical Implementation Guide - The Instant Messaging STIG will assist the reviewer with further detail in performing the instant messaging checks. The Instant Messaging STIG may be downloaded from the IASE web site located at http://iase.disa.mil. - Instant Messaging SRR Checklist - A comprehensive list of checks that provide step-by-step procedures on performing an Instant Messaging SRR. The checklist may be downloaded from IASE web site located at http://iase.disa.mil. - User access to the Vulnerability Management System (VMS) which is located at https://vms.disa.mil/VMSMain.asp
Disclaimer:
Not provided.
Product Support:
Not provided.
Point of Contact:
disa.stig_spt@mail.mil
Sponsor:
Not provided.
Licensing:
Not provided.
Change History:
Updated "Point of Contact" - 08 January 2015 Updated URL to reflect change to the DISA website - http --> https moved to archive status - 4/15/19
Dependency/Requirements:
| URL | Description |
|---|
References:
| Reference URL | Description |
|---|