Navigate

Check: CACI-ND-000001

Cisco ACI NDM STIG: CACI-ND-000001 (in version v1 r0.1)

Title

The Cisco ACI must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC). (Cat II impact)

Discussion

If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in UTC or local time with an offset from UTC.

Check Content

1. Navigate to Fabric >> Fabric Policies >> Pod >> Date and Time >> default. 2. Verify that UTC is selected. If the Cisco ACI is not configured to use the UTC time zone, this is a finding.

Fix Text

1. Navigate to Fabric >> Fabric Policies >> Pod >> Date and Time >> default to set the Time Zone. 2. Configure the Display time to be UTC and assign the appropriate Time Zone for the APIC's location.

Additional Identifiers

Rule ID: SV-271916r1067380_rule

Vulnerability ID: V-271916

Group Title: SRG-APP-000374-NDM-000299

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001890	Record time stamps for audit records that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or that include the local time offset as part of the time stamp.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AU-8	Time Stamps