Check: JUEX-NM-000440
Juniper EX Series Switches Network Device Management STIG:
JUEX-NM-000440
(in versions v1 r5 through v1 r1)
Title
The Juniper EX switch must be configured to record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). (Cat II impact)
Discussion
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in UTC, a modern continuation of GMT, or local time with an offset from UTC.
Check Content
Determine if the network device records time stamps for audit records that can be mapped to UTC or GMT. This requirement may be verified by demonstration or configuration review. Verify the time zone is UTC. [edit system] time-zone UTC; If the network device does not record time stamps for audit records that can be mapped to UTC or GMT, this is a finding.
Fix Text
Configure the network device to record time stamps for audit records that can be mapped to UTC or GMT. set system time-zone UTC
Additional Identifiers
Rule ID: SV-253921r879747_rule
Vulnerability ID: V-253921
Group Title: SRG-APP-000374-NDM-000299
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001860 |
The organization defines the audit failures which, should they occur, will invoke an organization-defined system mode. |
| CCI-001890 |
The information system records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). |