Details
NTP(Network Time Protocol) synchronization should be configured and enabled on each
VMware ESXi host. Verify that the NTP time server is correct for each host to ensure
accurate time for system event logs.
*Rationale*
By ensuring that all systems use the same relative time source (including the relevant
localization offset), and that the relative time source can be correlated to an agreed-upon
time standard, you can make it simpler to track and correlate an intruder’s actions when
reviewing the relevant log files. Incorrect time settings can make it difficult to inspect and
correlate log files to detect attacks, and can make auditing inaccurate.
Solution
To implement the recommended configuration state, run the following PowerCLI
command-# Set the NTP Settings for all hosts
# If an internal NTP server is used replace pool.ntp.org with
# the IP address of the internal NTP server
$NTPServers = ‘pool.ntp.org’, ‘pool2.ntp.org’ Get-VMHost | Add-VmHostNtpServer $NTPServers
Default Value-The prescribed state is not the default state.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system VMware.