Vulnerability:
No Time Synchronization Configured. Time synchronization against a Network Time Protocol (NTP) service was not configured on the FortiGate device.
Description:
Time synchronization for network devices is inherently important, not just for the various services that make use of time, but also for the accurate logging of events. Network devices can therefore be configured to synchronize their clocks against a network time source.
Impact:
Although not a direct threat to security, a device with no time synchronization configured would make it more difficult to correlate events in the logs. This would make a forensic investigation more complex, hindering any troubleshooting. The lack of time synchronization could also cause problems with some systems that depend on accurate time, such as some authentication services.
Solution:
Netsecaddict recommends that all networked devices synchronize their clocks with a network time source (NTP).
Notes for Fortinet FortiGate Firewall with UTM FGT80E devices:
Fortinet FortiGate Firewall with UTM FGT80E devices can be configured to sync the time against a Network Time Protocol (NTP) time source using the web administration interface and the command line interface. From the web interface this can be configured by browsing to “System” then “Config” then “Time”. A time source can be configured from the command line using the following commands:
With GUI console.
Command line
config system global
set ntpserver ip-address
set syncinterval sync-mins
set ntpsync enable
end
config system ntp
    set ntpsync enable
    set type custom
    set syncinterval X
    config ntpserver
        edit 1
            set server x.x.x.x
            set ntpv3 disable
        next
    end
end
After applying the custom NTP settings, verify whether NTP has been applied:
# diag sys ntp status
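For a VAPT review done offline, the same finding can be checked against saved configuration text. The script below is an added example, not part of the original article or any Fortinet tool; it assumes the input is the output of `show full-configuration system ntp` (so default values are printed), and the function names `ntp_block` and `audit_ntp` are hypothetical.

```python
import re

# Constructed samples in the shape of `show full-configuration system ntp`
# output; the address is a documentation-range placeholder, not a real device.
SYNCED = """config system ntp
    set ntpsync enable
    set type custom
    set syncinterval 60
    config ntpserver
        edit 1
            set server "192.0.2.10"
            set ntpv3 disable
        next
    end
end"""
UNSYNCED = """config system ntp
    set ntpsync disable
    set type custom
end"""

def ntp_block(config_text):
    """Return the stripped lines inside `config system ntp`, nested blocks included."""
    lines, depth = [], 0
    for line in (raw.strip() for raw in config_text.splitlines()):
        if depth == 0:
            depth = 1 if line.lower() == "config system ntp" else 0
            continue
        if line.lower().startswith("config "):
            depth += 1
        elif line.lower() == "end":
            depth -= 1
            if depth == 0:  # matching end of the ntp section
                break
        lines.append(line)
    return lines

def audit_ntp(config_text):
    """Return a list of findings; an empty list means time sync is configured."""
    block = ntp_block(config_text)
    if not block:
        return ["no settings found under 'config system ntp'"]
    pairs = [m.groups() for m in (re.match(r'set (\S+) "?([^"]*)"?$', l) for l in block) if m]
    settings, servers = dict(pairs), [v for k, v in pairs if k == "server"]
    findings = []
    if settings.get("ntpsync") != "enable":
        findings.append("ntpsync is not enabled")
    if settings.get("type") == "custom" and not servers:
        findings.append("type is custom but no ntpserver entry is defined")
    return findings
```

An empty list from `audit_ntp` means the section enables sync and, for type custom, names at least one server; it does not prove the device is actually reaching that server, which is what the status command above shows.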
This article will help you in VAPT activity. As a best practice, NTP should be enabled on the device.