Details

From the perspective of security, the equipment should support the NTP clock synchronization protocol to ensure that all the equipment in the network have the same clock and that the log timestamps are correct. ROSNG supports the NTP protocol.

In addition, in order to ensure the security of the NTP protocol, it supports ACL filtering to limit NTP packets that enter the IP network device from the external network, and allows MD5 authentication on NTP sessions.

Solution

It is recommended to config NTP for clock synchronization.

ZXR10(config)#ntp enable

Supportive Information

The following resource is also helpful.

• https://support.zte.com.cn/support/doccenter/DocumentProductHandBookDetail.aspx?sid=102&id=30768582&type=docfeedback

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system ZTE_ROSNG.

References

• 800-53|AU-8.

Source

• Tenable.com/audits