2.3.1.3 Set the 'ntp trusted-key'

Information

Ensure you authenticate the identity of a system to which Network Time Protocol (NTP) will synchronize

This authentication function provides protection against accidentally synchronizing the system to another system that is not trusted, because the other system must know the correct authentication key.

Solution

Configure the NTP trusted key using the following command

hostname(config)#ntp trusted-key {ntp_key_id}

Impact:

Organizations should establish three Network Time Protocol (NTP) hosts to set consistent time across the enterprise. Enabling the 'ntp trusted-key' command enforces encrypted authentication between NTP hosts.

See Also

https://workbench.cisecurity.org/benchmarks/17130

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-7, 800-53|AU-8, CSCv7|6.1

Plugin: Cisco

Control ID: 6a43582b299d3e3f336462c8a2477e0e920e0351cdbddbdedad6c20858533719