Details

Many secure protocols and auditing functions rely on system times being synchronized with a reliable time source, either within or (where security considerations permit) external to the managed network. One of the most commonly used protocols to accomplish this is the Network Time Protocol (NTP), which can use both local and Internet-hosted servers to synchronize system time across a network. NTP should be configured and enabled on the device prior to enabling secure management protocols.

Solution

For example, to configure a switch to use NTP authentication and connect to a local NTP server at 10.100.1.254 using the switch management port:

switch(config)# ntp authentication
switch(config)# ntp authentication-key 1 md5 myPassword
switch(config)# ntp server 10.100.1.254 prefer
switch(config)# ntp vrf mgmt

Supportive Information

The following resource is also helpful.

• https://support.hpe.com/hpesc/public/docDisplay?docId=a00053695en_us

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability, Identification and Authentication.This control applies to the following type of system ArubaOS.

References

• 800-53|AU-8(1)
• 800-53|IA-2.

Source

• Tenable.com/audits