The Dell OS10 Switch must authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based.

An XCCDF Rule

Details
Profiles

Description

If NTP is not authenticated, an attacker can introduce a rogue NTP server. This rogue server can then be used to send incorrect time information to network devices, which will make log timestamps inaccurate and affect scheduled actions. NTP authentication is used to prevent this tampering by authenticating the time source.

ID: SV-269794r1051767_rule
Version: OS10-NDM-000750
Severity: Medium
References: CCI-001967
Updated: about 2 months ago

Remediation Templates

Configure the OS10 Switch to authenticate NTP sources using authentication that is cryptographically based:

OS10(config)# ntp authenticate
OS10(config)# ntp trusted-key 345
OS10(config)# ntp authentication-key 345 sha2-256 0 <key>
OS10(config)# ntp server 192.0.2.1 key 345 preferred
OS10(config)# ntp server 192.0.2.5 key 345

The Dell OS10 Switch must authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based.

Description

Remediation Templates

A Manual Procedure