800-53|AU-8(2)

Title

SECONDARY AUTHORITATIVE TIME SOURCE

Description

The information system identifies a secondary authoritative time source that is located in a different geographic region than the primary authoritative time source.

Reference Item Details

Category: AUDIT AND ACCOUNTABILITY

Parent Title: TIME STAMPS

Family: AUDIT AND ACCOUNTABILITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.6.2 Ensure redundant NTP servers are configured appropriatelyPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
1.6.2 Ensure redundant NTP servers are configured appropriatelyPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
2.1.1.2 Ensure systemd-timesyncd is configured - FallbackNTPUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.1.2 Ensure systemd-timesyncd is configured - FallbackNTPUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.3.1 Ensure NTP is enabled and IP address is set for Primary and Secondary NTP server - ntp server secondaryCheckPointCIS Check Point Firewall L1 v1.1.0
13 - Network Time ProtocolNetapp_APINetApp Security Hardening Guide for ONTAP 9 v1.7.0
AMLS-NM-000280 - The Arista Multilayer Switch must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources - NTP Server 1AristaDISA STIG Arista MLS DCS-7000 Series NDM v1r3
AMLS-NM-000280 - The Arista Multilayer Switch must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources - NTP Server 2AristaDISA STIG Arista MLS DCS-7000 Series NDM v1r3
CASA-ND-000940 - The Cisco ASA must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - ntp serverCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-000940 - The Cisco ASA must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - ntp server preferCiscoDISA STIG Cisco ASA NDM v1r1
CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - NTP_SERVER_1CiscoDISA STIG Cisco IOS Router NDM v2r4
CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - NTP_SERVER_1CiscoDISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - NTP_SERVER_1CiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - NTP_SERVER_2CiscoDISA STIG Cisco IOS Router NDM v2r4
CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - NTP_SERVER_2CiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - NTP_SERVER_2CiscoDISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - feature ntpCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - ntp commitCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - ntp distributeCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - ntp serversCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources.CiscoDISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources.CiscoDISA STIG Cisco IOS XE Switch NDM v2r3
F5BI-DM-000201 - The BIG-IP appliance must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources.F5DISA F5 BIG-IP Device Management 11.x STIG v2r1
FGFW-ND-000120 - The FortiGate device must synchronize internal information system clocks using redundant authoritative time sources. - ntp server 1FortiGateDISA Fortigate Firewall NDM STIG v1r1
FGFW-ND-000120 - The FortiGate device must synchronize internal information system clocks using redundant authoritative time sources. - ntp server 2FortiGateDISA Fortigate Firewall NDM STIG v1r1
JUNI-ND-001020 - The Juniper router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - primary/preferJuniperDISA STIG Juniper Router NDM v2r1
JUNI-ND-001020 - The Juniper router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources - secondaryJuniperDISA STIG Juniper Router NDM v2r1
NET0812 - Two NTP servers are not used to synchronize time - 'Second NTP Server'CiscoDISA STIG Cisco L2 Switch V8R27
NET0813 - NTP messages are not authenticated - 'ntp authentication-key NTP_SERVER_2'CiscoDISA STIG Cisco L2 Switch V8R27
PANW-NM-000100 - The Palo Alto Networks security platform must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources.Palo_AltoDISA STIG Palo Alto NDM v2r1
SYMP-NM-000110 - Symantec ProxySG must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources.BlueCoatDISA Symantec ProxySG Benchmark NDM v1r2