Check: JUEX-NM-000440
Juniper EX Series Switches Network Device Management STIG:
JUEX-NM-000440
(in versions v2 r2 through v1 r1)
Title
The Juniper EX switch must be configured to record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). (Cat II impact)
Discussion
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in UTC, a modern continuation of GMT, or local time with an offset from UTC.
Check Content
Determine if the network device records time stamps for audit records that can be mapped to UTC or GMT. This requirement may be verified by demonstration or configuration review. Verify the time zone is UTC. [edit system] time-zone UTC; If the network device does not record time stamps for audit records that can be mapped to UTC or GMT, this is a finding.
Fix Text
Configure the network device to record time stamps for audit records that can be mapped to UTC or GMT. set system time-zone UTC
Additional Identifiers
Rule ID: SV-253921r961443_rule
Vulnerability ID: V-253921
Group Title: SRG-APP-000374-NDM-000299
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001860 |
Defines the audit logging failures which, should they occur, will invoke an organization-defined system mode. |
| CCI-001890 |
Record time stamps for audit records that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or that include the local time offset as part of the time stamp. |