1.6.2 Ensure redundant NTP servers are configured appropriately

Information

These settings enable use of primary and secondary NTP servers to provide redundancy in case of a failure involving the primary NTP server.
Rationale:
NTP enables the device to maintain an accurate time and date when receiving updates from a reliable NTP server. Accurate timestamps are critical when correlating events with other systems, troubleshooting, or performing investigative work. Logs and certain cryptographic functions, such as those utilizing certificates, rely on accurate time and date parameters. In addition, rules referencing a Schedule object will not function as intended if the devices time and date are incorrect.
For additional security, authenticated NTP can be utilized. If Symmetric Key authentication is selected, only SHA1 should be used, as MD5 is considered severely compromised.

Solution

Navigate to Device > Setup > Services > Services.
Set Primary NTP Server Address appropriately.
Set Secondary NTP Server Address appropriately.
Default Value:
Not configured

See Also

https://workbench.cisecurity.org/files/2104

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8, CSCv6|6.1, CSCv7|6.1

Plugin: Palo_Alto

Control ID: bcf7d71a88a6d6aabc766f60c2a48fa3a97599b3184cf0d9f5c84da7bbf34ced