2.3.1 Ensure NTP is enabled and IP address is set for Primary and Secondary NTP server - ntp server primary

Information

These settings enable the use of primary and secondary NTP servers to provide redundancy in case of a failure involving the primary NTP server.

Rationale:

NTP enables the device to maintain accurate time and date when receiving updates from a reliable NTP server. Accurate timestamps are critical when correlating events with other systems, troubleshooting, or performing investigative work. Logs and certain cryptographic functions, such as those utilizing certificates, rely on accurate time and date parameters. In addition, rules referencing a Schedule object will not function as intended if the device's time and date are incorrect. For additional security, authenticated NTP can be utilized. If Symmetric Key authentication is selected, only SHA1 should be used, as MD5 is considered severely compromised.

Solution

Run the following command to enable the NTP and configure the Primary & Secondary NTP server.
CLI:

Hostname> set ntp active on
Hostname> set ntp server primary ntpserver.time.com version 3
Hostname> set ntp server primary 10.22.13.33 version 3

GUI:

System Management > Time > Set Time and Date > Checked Set Time and Date automatically using Network Time Protocol (NTP) and configured the Primary NTP Server and Secondary NTP server

Default Value:

No

See Also

https://workbench.cisecurity.org/files/2828

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8(1), CSCv6|6.1

Plugin: CheckPoint

Control ID: 24317a79050b47ad0f955feb7e58a08411b88b25b2752c77ea80c87498e5b123