Fortigate - Review the NTP server configuration

Information

Ensuring that approved NTP servers are used allows for accurate log/audit file correlation.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Use this command to configure Network Time Protocol (NTP) servers.
config system ntp
set ntpsync {enable | disable}
set source-ip <ipv4_addr>
set syncinterval <interval_int>
set type {fortiguard | custom}
set server-mode {enable | disable}
set interface <interface_list>
config ntpserver
edit <serverid_int>
set authentication {enable | disable}
set key <password_str>
set key-id <int>
set ntpv3 {enable | disable}
set server <ipv4_addr>[/<hostname_str>]
end
end

See Also

https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8, CSCv6|6.1

Plugin: FortiGate

Control ID: 45b9278b600c0c7f76da544481475f5c2b55f943c042427e19d6e44dcc2547e1