The NSX-T Manager must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC).
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-251783 | SRG-APP-000374-NDM-000299 | TNDM-3X-000069 | SV-251783r879747_rule | 2023-06-22 | 1 |
Description
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis.
Time stamps generated by the application include date and time. Time is commonly expressed in UTC, a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC.
ℹ️ Check
From the NSX-T Manager web interface, go to System >> Fabric >> Profiles >> Node Profiles. Click "All NSX Nodes" and verify the time zone.
or
From an NSX-T Manager shell, run the following command(s):
> get clock
If system clock is not configured with the UTC time zone, this is a finding.
Note: This check must be run from each NSX-T Manager as they are configured individually if done from the command line.
✔️ Fix
To configure a profile to apply NTP servers to all NSX-T Manager nodes, do the following:
From the NSX-T Manager web interface, go to System >> Fabric >> Profiles >> Node Profiles. Click "All NSX Nodes", and then click "Edit".
In the time zone drop-down list, select "UTC", and then click "Save".
or
From an NSX-T Manager shell, run the following command(s):
> set timezone UTC
Note: This fix must be run from each NSX-T Manager as they are configured individually if done from the command line.