2.2.1.1 Ensure time synchronization is in use

Information

System time should be synchronized between all systems in an environment. This is typically done by establishing an authoritative time server or set of servers and having all systems synchronize their clocks to them.

Rationale:

Time synchronization is important to support time sensitive security mechanisms like Kerberos and also ensures log files have consistent time records across the enterprise, which aids in forensic investigations.

Notes:

On systems where host based time synchronization is not available, verify that chrony or NTP is installed.

On systems where host based time synchronization is available consult your documentation and verify that host based synchronization is in use.

If another method for time synchronization is being used, this section may be skipped.

Only one time synchronization package should be installed

Solution

Run One of the following commands to install chrony or NTP:
To install chrony:
Run the following command:

# yum install chrony

OR
To install ntp:
Run the following command:

# yum install ntp

Note: On systems where host based time synchronization is available consult your virtualization software documentation and setup host based synchronization.

See Also

https://workbench.cisecurity.org/files/3144

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8, CSCv6|6.1, CSCv7|6.1

Plugin: Unix

Control ID: 701c1beb791b10b244f78dfe53c9f79217536de8e3953637cdee6def65d2b219