1.6.2 Ensure redundant NTP servers are configured appropriately

Information

These settings enable use of primary and secondary NTP servers to provide redundancy in case of a failure involving the primary NTP server.
Rationale:
NTP enables the device to maintain an accurate time and date when receiving updates from a reliable NTP server. Accurate timestamps are critical when correlating events with other systems, troubleshooting, or performing investigative work. Logs and certain cryptographic functions, such as those utilizing certificates, rely on accurate time and date parameters. In addition, rules referencing a Schedule object will not function as intended if the device's time and date are incorrect.

For additional security, authenticated NTP can be utilized. If Symmetric Key is selected, only SHA1 should be used as MD5 is considered severely compromised.

Solution

Navigate to Device > Setup > Services > Services.
Set Primary NTP Server Address appropriately.
Set Secondary NTP Server Address appropriately.
or
To remediate these settings, execute the following CLI commands:
[email protected]#set deviceconfig system ntp-servers primary-ntp-server
[email protected]#set deviceconfig system ntp-servers secondary-ntp-server
Default Value:
Not configured

See Also

https://workbench.cisecurity.org/files/1780

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8(1), 800-53|AU-8(2), CSCv6|6.1

Plugin: Palo_Alto

Control ID: 6010a6b280d432fbaa1ac270faff61aa45ea6be98308fd5ec410dfbbfb4497df