STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must synchronize internal information system clocks to the authoritative time source when the time difference is greater than one second.

DISA Rule

SV-100447r1_rule

Vulnerability Number

V-89797

Group Title

SRG-OS-000356-GPOS-00144

Rule Version

VRAU-SL-001130

Severity

CAT II

CCI(s)

• CCI-002046 - The information system synchronizes the internal system clocks to the authoritative time source when the time difference is greater than the organization-defined time period.

Weight

10

Fix Recommendation

The "ntp" service can be enabled with the following command:

# chkconfig ntp on
# service ntp start

Configure the time server for the authoritative time source with the following steps:

1. Edit /etc/ntp.conf and locate the "server" entry.
2. Replace the address with the address of the authoritative time source.
3. Save the /etc/ntp.conf file.
4. Restart the ntp daemon with /etc/init.d/ntp start.

Check Contents

Run the following command to determine the current status of the "ntpd" service:

# service ntp status

If the service is configured, the command should show a list of the ntp servers and the status of the synchronization.

If it does not, this is a finding.

Vulnerability Number

V-89797

Documentable

False

Rule Version

VRAU-SL-001130

Severity Override Guidance

Run the following command to determine the current status of the "ntpd" service:

# service ntp status

If the service is configured, the command should show a list of the ntp servers and the status of the synchronization.

If it does not, this is a finding.

Check Content Reference

M

Target Key

3459

Comments