Check: AMLS-NM-000290
Arista MLS DCS-7000 Series NDM STIG:
AMLS-NM-000290
(in versions v1 r3 through v1 r2)
Title
The Arista Multilayer Switch must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). (Cat II impact)
Discussion
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC.
Check Content
Determine if the network device records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). This requirement may be verified by demonstration or configuration review. If the network device does not record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), this is a finding. This can be configured with the following command: clock timezone GMT and verified by show run section clock Log records can be validated with: show logging
Fix Text
Configure the network device to record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). This can be configured with the following command: clock timezone GMT
Additional Identifiers
Rule ID: SV-75325r1_rule
Vulnerability ID: V-60867
Group Title: SRG-APP-000374-NDM-000299
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001890 |
The information system records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). |
Controls
Number | Title |
---|---|
AU-8 |
Time Stamps |