1.9.1.1 Ensure 'NTP authentication' is enabled

Information

Enables NTP authentication in order to receive time information only from trusted sources

Rationale:

When authentication is not enabled, attackers can disguise as NTP servers and broadcast wrong time and it will be difficult to correlate events upon an incident. In some other cases, attackers can perform NTP DDoS attacks such as NTP Amplification.

Solution

Run the following command to enable NTP authentication

hostname(config)#ntp authenticate

Default Value:

Disabled by default

See Also

https://workbench.cisecurity.org/benchmarks/7194

Item Details

Category: ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-18, 800-53|AU-7, 800-53|AU-8, 800-53|SC-23, CSCv7|6.1

Plugin: Cisco

Control ID: a539072b42bc46c85e86f5f146d7a56e9f35adaf31d73329ca6516ad12c4f352