2.3.1.3 Set the 'ntp trusted-key'

Information

Ensure you authenticate the identity of a system to which Network Time Protocol (NTP) will synchronize

Rationale:

This authentication function provides protection against accidentally synchronizing the system to another system that is not trusted, because the other system must know the correct authentication key.

Impact:

Organizations should establish three Network Time Protocol (NTP) hosts to set consistent time across the enterprise. Enabling the 'ntp trusted-key' command enforces encrypted authentication between NTP hosts.

Solution

Configure the NTP trusted key using the following command

hostname(config)#ntp trusted-key {ntp_key_id}

Default Value:

Authentication of the identity of the system is disabled.

See Also

https://workbench.cisecurity.org/files/3829

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-7, 800-53|AU-8, CSCv7|6.1

Plugin: Cisco

Control ID: 8a1568733d6b294b984becd4687716378e4649385948bc1b55fac2248d7d2b2a