NET0812 – Two NTP servers are not used to synchronize time – ‘Second NTP Server’

Details

The network element must use two or more NTP servers to synchronize time.

Without synchronized time, accurately correlating information between devices becomes difficult, if not impossible. If you cannot successfully compare logs between each of your routers, switches, and firewalls, it will be very difficult to determine the exact events that resulted in a network breach incident. NTP provides an efficient and scalable method for network elements to synchronize to an accurate time source.

NOTE: Change ‘NTP_SERVER_2’ to the second NTP server listed for your organization.

Solution

Configure the device to use two separate NTP servers.

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_Network_L2_Switch_V8R27_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Cisco.

References

800-53|AU-8(2)
CAT|III
CSCv6|6.1
Rule-ID|SV-41497r1_rule
STIG-ID|NET0812
Vuln-ID|V-23747

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles