Management Services Security - Configure NTP with authentication with more than one trusted server - authentication type

Information

From a security auditing perspective, accurate time is imperative so engineers can correlate system events to gather the root cause of problems. Network Time Protocol (NTP) is an industry standard for synchronizing time between devices to a common reference clock. NTP communicates via UDP and could be a security risk if a malicious user was to spoof the IP address of the NTP server and inject an inaccurate timestamp. To mitigate this potential risk, NTP should be secured by implementing authentication.

Solution

Configure ntp with a trusted key.

user@host# edit system ntp authentication-key <KEY_INDEX>
user@host# set type md5
user@host# set value <KEY>

See Also

http://www.juniper.net/us/en/training/jnbooks/day-one/fundamentals-series/hardening-junos-devices-checklist/

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8(1)

Plugin: Juniper

Control ID: 41b9f3986811902dc566b7e9d78174a2fba1ae3d4927e9aca7777f04c823fccc