Set the ‘ntp trusted-key’

Details

Ensure you authenticate the identity of a system to which Network Time Protocol (NTP) will synchronize.

Rationale:

This authentication function provides protection against accidentally synchronizing the system to another system that is not trusted, because the other system must know the correct authentication key.

Impact:

Organizations should establish three Network Time Protocol (NTP) hosts to set consistent time across the enterprise. Enabling the ‘ntp trusted-key’ command enforces encrypted authentication between NTP hosts.

Solution

Configure the NTP trusted key using the following command:

hostname(config)#ntp trusted-key {ntp_key_id}

Default Value:

Authentication of the identity of the system is disabled.
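An offline check for this control, as an added example that is not part of the original benchmark text: it reads a saved IOS-style configuration and reports where `ntp trusted-key` is missing or not actually used. It assumes the related IOS commands `ntp authenticate`, `ntp authentication-key` and `ntp server <host> key <id>`, which this page does not list; the function name and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample running-config (not from a real device).
# 192.0.2.0/24 is documentation address space; the key string is a placeholder.
SAMPLE_CONFIG = """\
ntp authentication-key 10 md5 <redacted> 7
ntp authenticate
ntp trusted-key 10
ntp trusted-key 20
ntp server 192.0.2.10 key 10
ntp server 192.0.2.11
ntp server 192.0.2.12 key 30
"""

def audit_ntp_auth(config: str) -> list[str]:
    """Return findings for NTP authentication gaps in an IOS-style config.

    Assumes single key IDs per 'ntp trusted-key' line and plain
    'ntp server|peer <host> [options]' forms (no vrf keyword, no ranges).
    """
    lines = [ln.strip() for ln in config.splitlines()]
    defined = {int(m.group(1)) for ln in lines
               if (m := re.match(r"ntp authentication-key (\d+) ", ln))}
    trusted = {int(m.group(1)) for ln in lines
               if (m := re.match(r"ntp trusted-key (\d+)", ln))}
    findings = []
    if "ntp authenticate" not in lines:
        findings.append("'ntp authenticate' is not enabled")
    if not trusted:
        findings.append("no 'ntp trusted-key' configured")
    # A trusted key ID without a key definition can never authenticate a source.
    for key_id in sorted(trusted - defined):
        findings.append(f"trusted-key {key_id} has no matching authentication-key")
    for ln in lines:
        m = re.match(r"ntp (?:server|peer) (\S+)(.*)", ln)
        if not m:
            continue
        host, rest = m.groups()
        key = re.search(r"\bkey (\d+)", rest)
        if key is None:
            findings.append(f"{host} is configured without a key")
        elif int(key.group(1)) not in trusted:
            findings.append(f"{host} uses key {key.group(1)}, which is not trusted")
    return findings

if __name__ == "__main__":
    for finding in audit_ntp_auth(SAMPLE_CONFIG):
        print("FINDING:", finding)
```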

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability. This control applies to the following type of system: Cisco.


Updated on July 16, 2022