Check: AADC-NM-000113
A10 Networks ADC NDM STIG:
AADC-NM-000113
(in version v1 r1)
Title
The A10 Networks ADC must authenticate Network Time Protocol sources. (Cat II impact)
Discussion
If Network Time Protocol is not authenticated, an attacker can introduce a rogue NTP server. This rogue server can then be used to send incorrect time information to network devices, which will make log timestamps inaccurate and affected scheduled actions. NTP authentication is used to prevent this tampering by authenticating the time source.
Check Content
Review the device configuration. The following command includes an output modifier to display only NTP-related configuration: show run | include ntp The output should contain either the "ntp auth-key" command or the "ntp trusted-key" command. If it does not, this is a finding.
Fix Text
The following command configures NTP authentication: ntp [auth-key ID-num M string] This creates an authentication key. For ID-num, enter a value between 1-65535. For string, enter a series of 1-31 alphanumeric characters for the key. This value is stored in the system using the A10 encryption algorithm. The following command also configures NTP authentication: ntp [trusted-key ID-num] This adds an authentication key to the list of trusted keys. For num, enter the identification number of a configured authentication key to add the key to the trusted key list. You can enter more than one number, separated by whitespace, to simultaneously add multiple authentication keys to the trusted key list.
Additional Identifiers
Rule ID: SV-82575r1_rule
Vulnerability ID: V-68085
Group Title: SRG-APP-000395-NDM-000310
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001967 |
The information system authenticates organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based. |
Controls
Number | Title |
---|---|
IA-3 (1) |
Cryptographic Bidirectional Authentication |