STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AU-8 (1) — Time Stamps

CCI-001891

Definition

The information system compares internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source.

Parent Control

AU-8 (1)Time StampsAudit and Accountability

Linked STIG Checks (52)

V-255610CAT IIIThe A10 Networks ADC must compare internal information system clocks at least every 24 hours with an authoritative time server.A10 Networks ADC NDM Security Technical Implementation Guide V-243504CAT IIThe Windows Time Service on the forest root PDC Emulator must be configured to acquire its time from an external time source.Active Directory Forest Security Technical Implementation Guide V-252445CAT IIThe macOS system must, for networked systems, compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS).Apple macOS 12 (Monterey) Security Technical Implementation Guide V-257151CAT IIThe macOS system must compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DOD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS).Apple macOS 13 (Ventura) Security Technical Implementation Guide V-219331CAT IIThe Ubuntu operating system must, for networked systems, compare internal information system clocks at least every 24 hours with a server which is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-238356CAT IIThe Ubuntu operating system must, for networked systems, compare internal information system clocks at least every 24 hours with a server which is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-260519CAT IIIUbuntu 22.04 LTS must, for networked systems, compare internal information system clocks at least every 24 hours with a server synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DOD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-255568CAT IIThe DBN-6300 must compare internal information system clocks at least every 24 hours with an authoritative time server.DBN-6300 NDM Security Technical Implementation Guide V-255650CAT IICounterACT must compare internal information systems clocks at least every 24 hours with an authoritative time server.ForeScout CounterACT NDM Security Technical Implementation Guide V-230176CAT IIThe HP FlexFabric Switch must compare internal information system clocks at least every 24 hours with an authoritative time server.HP FlexFabric Switch NDM Security Technical Implementation Guide V-237823CAT IIIThe storage system must, for networked systems, compare internal information system clocks at least every 24 hours with a server which is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide V-215208CAT IIAIX must provide time synchronization applications that can synchronize the system clock to external time sources at least every 24 hours.IBM AIX 7.x Security Technical Implementation Guide V-65149CAT IIIThe DataPower Gateway must compare internal information system clocks at least every 24 hours with an authoritative time server.IBM DataPower Network Device Management Security Technical Implementation Guide V-255779CAT IIIThe MQ Appliance messaging server must compare internal MQ Appliance messaging server clocks at least every 24 hours with an authoritative time source.IBM MQ Appliance V9.0 AS Security Technical Implementation Guide V-255759CAT IIThe MQ Appliance network device must compare internal information system clocks at least every 24 hours with an authoritative time server.IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide V-253296CAT IIIThe Windows 11 time service must synchronize with an appropriate DOD time source.Microsoft Windows 11 Security Technical Implementation Guide V-224862CAT IIIThe time service must synchronize with an appropriate DoD time source.Microsoft Windows Server 2016 Security Technical Implementation Guide V-205800CAT IIIThe Windows Server 2019 time service must synchronize with an appropriate DOD time source.Microsoft Windows Server 2019 Security Technical Implementation Guide V-254281CAT IIIThe Windows Server 2022 time service must synchronize with an appropriate DOD time source.Microsoft Windows Server 2022 Security Technical Implementation Guide V-254106CAT IIINutanix AOS must be configured to synchronize internal information system clocks using redundant authoritative time sources.Nutanix AOS 5.20.x Application Security Technical Implementation Guide V-254182CAT IIINutanix AOS must compare internal information system clocks at least every 24 hours with a server synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Nutanix AOS 5.20.x OS Security Technical Implementation Guide V-221866CAT IIThe Oracle Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Oracle Linux 7 Security Technical Implementation Guide V-248820CAT IIOL 8 must compare internal information system clocks at least every 24 hours with a server synchronized to an authoritative time source, such as the United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DOD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Oracle Linux 8 Security Technical Implementation Guide V-228663CAT IIIThe Palo Alto Networks security platform must compare internal information system clocks at least every 24 hours with an authoritative time server.Palo Alto Networks NDM Security Technical Implementation Guide V-256909CAT IIAutomation Controller must compare internal application server clocks at least every 24 hours with an authoritative time source.Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide V-204603CAT IIThe Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Red Hat Enterprise Linux 7 Security Technical Implementation Guide V-230484CAT IIRHEL 8 must securely compare internal information system clocks at least every 24 hours with a server synchronized to an authoritative time source, such as the United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Red Hat Enterprise Linux 8 Security Technical Implementation Guide V-257943CAT IIRHEL 9 must have the chrony package installed.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257944CAT IIRHEL 9 chronyd service must be enabled.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257945CAT IIRHEL 9 must securely compare internal information system clocks at least every 24 hours.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-92297CAT IIThe SEL-2740S must be configured to compare internal information system clocks at least every 24 hours with an authoritative time server.SEL-2740S NDM Security Technical Implementation Guide V-261311CAT IISLEM 5 clock must, for networked systems, be synchronized to an authoritative DOD time source at least every 24 hours.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-217281CAT IIThe SUSE operating system clock must, for networked systems, be synchronized to an authoritative DoD time source at least every 24 hours.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-94671CAT IISymantec ProxySG must compare internal information system clocks at least every 24 hours with an authoritative time server.Symantec ProxySG NDM Security Technical Implementation Guide V-254865CAT IIThe Tanium operating system (TanOS) must, for networked systems, compare internal information system clocks at least every 24 hours with a server synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DOD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Tanium 7.x Operating System on TanOS Security Technical Implementation Guide V-252928CAT IITOSS must, for networked systems, compare internal information system clocks at least every 24 hours with a server which is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DOD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide V-69203CAT IIIThe NSX Manager must compare internal information system clocks at least every 24 hours with an authoritative time server.VMware NSX Manager Security Technical Implementation Guide V-240506CAT IIThe SLES for vRealize must, for networked systems, compare internal information system clocks at least every 24 hours with a server which is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-240507CAT IIThe time synchronization configuration file (such as /etc/ntp.conf) must be owned by root.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-240508CAT IIThe time synchronization configuration file (such as /etc/ntp.conf) must be group-owned by root, bin, sys, or system.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-240509CAT IIThe time synchronization configuration file (such as /etc/ntp.conf) must have mode 0640 or less permissive.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-239600CAT IIThe SLES for vRealize must, for networked systems, compare internal information system clocks at least every 24 hours with a server which is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-239601CAT IIThe time synchronization configuration file (such as /etc/ntp.conf) must be owned by root.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-239602CAT IIThe time synchronization configuration file (such as /etc/ntp.conf) must be group-owned by root, bin, sys, or system.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-239603CAT IIThe time synchronization configuration file (such as /etc/ntp.conf) must have mode 0640 or less permissive.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-256409CAT IIThe ESXi host must configure NTP time synchronization.VMware vSphere 7.0 ESXi Security Technical Implementation Guide V-256341CAT IIThe vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.VMware vSphere 7.0 vCenter Security Technical Implementation Guide V-258745CAT IIThe ESXi host must synchronize internal information system clocks to an authoritative time source.VMware vSphere 8.0 ESXi Security Technical Implementation Guide V-258927CAT IIThe vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.VMware vSphere 8.0 vCenter Security Technical Implementation Guide V-73307CAT IIIThe time service must synchronize with an appropriate DoD time source.Windows Server 2016 Security Technical Implementation Guide V-73307CAT IIIThe time service must synchronize with an appropriate DoD time source.Windows Server 2016 Security Technical Implementation Guide V-93187CAT IIIThe Windows Server 2019 time service must synchronize with an appropriate DoD time source.Windows Server 2019 Security Technical Implementation Guide