GEN000244 - The system must use time sources local to the enclave.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

A synchronized system clock is critical for the enforcement of time-based policies and the correlation of logs and audit records with other systems. The network architecture should provide multiple time servers within an enclave that provide local service to the enclave and synchronize with time sources outside of the enclave.

If this server is an enclave time server, this requirement is not applicable.

If the system is completely isolated (no connections to networks or other systems), time synchronization is not required as no correlation of events or operation of time-dependent protocols between systems will be necessary. If the system is completely isolated, this requirement is not applicable.

Solution

Remove the server line from /etc/inet/ntp.conf for each NTP server that is external to the enclave.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R2_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8(1), 800-53|AU-8(2), CAT|III, CCI|CCI-001891, CSCv6|6.1, Rule-ID|SV-227563r603266_rule, STIG-ID|GEN000244, STIG-Legacy|SV-26305, STIG-Legacy|V-22292, Vuln-ID|V-227563

Plugin: Unix

Control ID: 561329ce7944c1aced51dfbe43ab3fbc9d35d119ed2667e9d820b8cbda8a587e