The NSX Manager must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-265339 | NMGR-4X-000068 | SV-265339r994240_rule | CCI-001890 | medium |
| Description | ||||
| If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. | ||||
| STIG | Date | |||
| VMware NSX 4.x Manager NDM Security Technical Implementation Guide | 2024-12-13 | |||
Details
Check Text (C-265339r994240_chk)
From the NSX Manager web interface, go to System >> Configuration >> Fabric >> Profiles >> Node Profiles.
Note: This check must be run from each NSX Manager as they are configured individually if done from the command line.
Click "All NSX Nodes" and verify the time zone.
or
From an NSX Manager shell, run the following command:
> get clock
If system clock is not configured with the UTC time zone, this is a finding.
Fix Text (F-69164r994239_fix)
To configure a profile to apply a time zone to all NSX Manager nodes, do the following:
From the NSX Manager web interface, go to System >> Configuration >> Fabric >> Profiles >> Node Profiles.
Click "All NSX Nodes", and then click "Edit".
In the time zone drop-down list, select "UTC", and then click "Save".
or
From an NSX Manager shell, run the following command:
> set timezone UTC
Note: This fix must be run from each NSX Manager as they are configured individually if done from the command line.