2.3.1.3 Set the 'ntp trusted-key'

Information

Ensure you authenticate the identity of a system to which Network Time Protocol (NTP) will synchronize.

Rationale:

This authentication function provides protection against accidentally synchronizing the system to another system that is not trusted, because the other system must know the correct authentication key.

Impact:

Organizations should establish three Network Time Protocol (NTP) hosts to set consistent time across the enterprise. Enabling the 'ntp trusted-key' command enforces encrypted authentication between NTP hosts.

Solution

Configure the NTP trusted key using the following command:

hostname(config)#ntp trusted-key {ntp_key_id}

Default Value:

Authentication of the identity of the system is disabled.
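
The following is an added example, not part of the benchmark text: an offline check that a saved configuration contains an 'ntp trusted-key' line. It goes beyond the item by also cross-checking each trusted key ID against the companion 'ntp authentication-key' and 'ntp server ... key' commands, which are assumed from the platform's standard NTP authentication syntax and do not appear on this page. The sample configurations, the function name and the single-ID form of the command are assumptions made for the example.

```python
import re

# Constructed config excerpts for illustration; key material is a placeholder.
COMPLIANT = """
ntp authenticate
ntp authentication-key 5 md5 PLACEHOLDER
ntp trusted-key 5
ntp server 192.0.2.10 key 5
"""
DEFAULT = """
ntp server 192.0.2.10
"""
MISMATCH = """
ntp authenticate
ntp authentication-key 5 md5 PLACEHOLDER
ntp trusted-key 7
ntp server 192.0.2.10 key 5
"""

def audit_ntp_trusted_key(config):
    """Return a list of findings; an empty list means the check passes."""
    trusted, defined, servers = set(), set(), []
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"ntp trusted-key (\d+)", line):
            trusted.add(m.group(1))
        elif m := re.match(r"ntp authentication-key (\d+) ", line):
            defined.add(m.group(1))
        elif m := re.match(r"ntp server (\S+)(?:.*?\bkey (\d+))?", line):
            servers.append((m.group(1), m.group(2)))
    findings = []
    # The benchmark item itself: at least one trusted key must be set.
    if not trusted:
        findings.append("no 'ntp trusted-key' configured")
    # Added cross-checks: a trusted ID is only useful if the key is defined
    # and the configured servers actually reference a trusted ID.
    for key_id in sorted(trusted - defined, key=int):
        findings.append(f"trusted key {key_id} has no 'ntp authentication-key'")
    for host, key_id in servers:
        if key_id is None:
            findings.append(f"server {host} has no key")
        elif key_id not in trusted:
            findings.append(f"server {host} uses untrusted key {key_id}")
    return findings

if __name__ == "__main__":
    for name, cfg in (("compliant", COMPLIANT), ("default", DEFAULT), ("mismatch", MISMATCH)):
        print(name, audit_ntp_trusted_key(cfg) or "PASS")
```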

See Also

https://workbench.cisecurity.org/files/3762

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-7, 800-53|AU-8, CSCv7|6.1

Plugin: Cisco

Control ID: 26667ed8ded85d0d65386b76862f2a91b2e3ba1a8267f4ced2f9397e0c8d0df2