AnsweredAssumed Answered

Does RSA Authentication Manager 8.1 SP1 or 8.2 authenticate NTP messages from NTP servers?

Question asked by Brandon Steams on Oct 19, 2016
Latest reply on Oct 19, 2016 by Edward Davis

NIST control V0014671 states:

Network devices must authenticate all NTP messages received from NTP servers and peers.

 

Since NTP is used to ensure accurate log file timestamp information, NTP could pose a security risk if a malicious user were able to falsify NTP information. To launch an attack on the NTP infrastructure, a hacker could inject time that would be accepted by NTP clients by spoofing the IP address of a valid NTP server. To mitigate this risk, the time messages must be authenticated by the client before accepting them as a time source.

Outcomes