STIGQter STIGQter: STIG Summary: A10 Networks ADC NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 15 Apr 2016: The A10 Networks ADC must authenticate Network Time Protocol sources.

DISA Rule

SV-82575r1_rule

Vulnerability Number

V-68085

Group Title

SRG-APP-000395-NDM-000310

Rule Version

AADC-NM-000113

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The following command configures NTP authentication:
ntp [auth-key ID-num M string]
This creates an authentication key. For ID-num, enter a value between 1-65535. For string, enter a series of 1-31 alphanumeric characters for the key. This value is stored in the system using the A10 encryption algorithm.

The following command also configures NTP authentication:
ntp [trusted-key ID-num]
This adds an authentication key to the list of trusted keys. For num, enter the identification number of a configured authentication key to add the key to the trusted key list. You can enter more than one number, separated by whitespace, to simultaneously add multiple authentication keys to the trusted key list.

Check Contents

Review the device configuration.

The following command includes an output modifier to display only NTP-related configuration:
show run | include ntp

The output should contain either the "ntp auth-key" command or the "ntp trusted-key" command.

If it does not, this is a finding.

Vulnerability Number

V-68085

Documentable

False

Rule Version

AADC-NM-000113

Severity Override Guidance

Review the device configuration.

The following command includes an output modifier to display only NTP-related configuration:
show run | include ntp

The output should contain either the "ntp auth-key" command or the "ntp trusted-key" command.

If it does not, this is a finding.

Check Content Reference

M

Target Key

2915

Comments