Details
Define an authentication key for Network Time Protocol (NTP).
Rationale:
Using an authentication key provides a higher degree of security as only authenticated NTP servers will be able to update time for the Cisco device.
Impact:
Organizations should establish three Network Time Protocol (NTP) hosts to set consistent time across the enterprise. Enabling the ‘ntp authentication-key’ command enforces encrypted authentication between NTP hosts.
Solution
Configure the NTP key ring and encryption key using the following command:
hostname(config)#ntp authentication-key {ntp_key_id} md5 {ntp_key_hash}
Default Value:
No authentication key is defined for NTP.
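One way to audit this control against a saved configuration, as an added example that is not part of the benchmark text. It checks for the `ntp authentication-key` command shown above and goes further by checking the related IOS commands `ntp authenticate`, `ntp trusted-key` and `ntp server ... key`, which this page does not mention; the function name and sample configurations are constructed for illustration.

```python
import re

# Command form from this page: ntp authentication-key {ntp_key_id} md5 {ntp_key_hash}
# Assumption: a saved config may show a trailing encryption-type digit after the hash.
KEY_RE = re.compile(r"^ntp authentication-key (\d+) md5 \S+(?: \d+)?$")
# Related IOS commands, not mentioned on this page, that put a defined key to use.
TRUSTED_RE = re.compile(r"^ntp trusted-key (\d+)\b")
ASSOC_RE = re.compile(r"^ntp (?:server|peer) \S.*\bkey (\d+)\b")


def audit_ntp_auth(config_text):
    """Return (passes_control, findings) for a Cisco IOS configuration."""
    defined, trusted, referenced = set(), set(), set()
    authenticate = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "ntp authenticate":
            authenticate = True
        elif m := KEY_RE.match(line):
            defined.add(int(m.group(1)))
        elif m := TRUSTED_RE.match(line):
            trusted.add(int(m.group(1)))
        elif m := ASSOC_RE.match(line):
            referenced.add(int(m.group(1)))

    findings = []
    if not defined:
        findings.append("no 'ntp authentication-key' defined (the default)")
    if defined and not authenticate:
        findings.append("key defined but 'ntp authenticate' is not enabled")
    for key_id in sorted(defined - trusted):
        findings.append(f"key {key_id} is defined but not trusted")
    for key_id in sorted(referenced - defined):
        findings.append(f"server/peer references undefined key {key_id}")
    return bool(defined), findings


# Constructed sample configurations (addresses are documentation ranges).
SAMPLE_DEFAULT = "hostname r1\nntp server 192.0.2.10\n"
SAMPLE_PARTIAL = """\
ntp authentication-key 5 md5 EXAMPLEHASH 7
ntp server 192.0.2.10 key 5
ntp server 192.0.2.11 key 6
"""
SAMPLE_FULL = """\
ntp authenticate
ntp authentication-key 5 md5 EXAMPLEHASH 7
ntp trusted-key 5
ntp server 192.0.2.10 key 5
"""
```

The first element of the result answers the control on this page (a key is defined); the findings list covers the additional checks.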
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability. This control applies to the following type of system: Cisco.