1.9.2 Ensure 'local timezone' is properly configured

Information

Sets the local time zone information so that the time displayed by the ASA is more relevant to those who are viewing it.

Rationale:

Having a correct time set on a Cisco ASA is important for two main reasons. The first reason is that digital certificates compare this time to the range defined by their Valid From and Valid To fields to define a specific validity period. The second reason is to have a relevant time stamps when logging information. Whether you are sending messages to a syslog server, sending messages to an SNMP monitoring station, or performing packet captures, time stamps have little usefulness if you cannot be certain of their accuracy.

Solution

Step 1: Acquire standard zone name (enterprise_zone_name) used by the enterprise (GMT, UTC, EDT, PST)

Step 2: Run the following to configure the required value

hostname(config)# clock timezone <enterprise_zone_name> <local_offset>

Default Value:

By default, the time zone is UTC

See Also

https://workbench.cisecurity.org/benchmarks/7194

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-7, 800-53|AU-8, CSCv7|11.1

Plugin: Cisco

Control ID: eb63e6ebfb648df45407c63034312117718d89ded03cf1964c0d89c54589840f