The Google Search Appliance must synchronize with internal information system clocks which in turn, are synchronized on a 24 hour frequency with a 24 hour authoritative time source.

From Google Search Appliance Security Technical Implementation Guide

Part of SRG-APP-000117

Associated with: CCI-000160

SV-75205r1_rule The Google Search Appliance must synchronize with internal information system clocks which in turn, are synchronized on a 24 hour frequency with a 24 hour authoritative time source.

Vulnerability discussion

Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysis and investigating system events. Synchronization of system clocks is needed in order to correctly correlate the timing of events that occur across multiple systems. To meet that requirement the organization will define an authoritative time source and frequency to which each system will synchronize its internal clock. An example is utilizing the NTP protocol to synchronize with centralized NTP servers. Time stamps generated by the information system must include both date and time. The time may be expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. Applications not purposed to provide NTP services should not try to compete with or replace NTP functionality and should synchronize with internal information system clocks that are in turn synchronized with an organization defined authoritative time source.

Check content

Open the GSA Web Admin Console at https::8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". If there are valid entries for all DNS servers, DNS suffixes, SMTP servers, NTP servers, this is not a finding.

Fix text

Open the GSA Web Admin Console at https::8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". Ensure that valid entries for all DNS servers, DNS suffixes, SMTP servers, NTP servers.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer