6.7.4 Ensure NTP uses version 4

Information

Version 4 of the NTP protocol should be utilized.

Rationale:

NTP is one of the oldest Internet Standard protocols and has been around for over 30 years. As with most protocols, during its lifetime, NTP has received numerous revisions and updates to ensure it remains reliable and secure to use in modern networks.

The current reference version of NTP is Version 4. Version 4 adds significant enhancements to the protocols security which means it is widely accepted as the defacto standard for secure implementation and should be used for all network devices.

Solution

Configure each External NTP Server to use NTP Version 4 using the following commands under the [edit system ntp] hierarchy:

[edit system ntp]
user@host#set server <Servers IP> version 4

Default Value:

By default all Juniper routers use NTP Version 4 when a server is explicitly configured.

See Also

https://workbench.cisecurity.org/files/3069

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8, CSCv6|6.1, CSCv7|6.1

Plugin: Juniper

Control ID: 93d8771b453a6e94e1e0dd9cd7918c5c192afeb03e4ca43ba034c5ccb19f20dd