Details
From the perspective of security, the equipment should support the NTP clock synchronization protocol to ensure that all the equipment in the network have the same clock and that the log timestamps are correct. ROSNG supports the NTP protocol.
In addition, in order to ensure the security of the NTP protocol, it supports ACL filtering to limit NTP packets that enter the IP network device from the external network, and allows MD5 authentication on NTP sessions.
Solution
It is recommended to config NTP for clock synchronization, and also set the ipv4-access-list filtering rules.
ZXR10#config terminal
ZXR10 (config)#ntp access-group ipv4-access-list xxx
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system ZTE_ROSNG.