API Guide
Table Of Contents
- Dell EMC SmartFabric OS10 Security Best Practices Guide May 2021
- Contents
- OS10 security best practices
○ reverse —Display entries starting with the most recent events.
○ number—Display the specified number of audit log entries users, from 1 to 65535.
View what logging rules are enabed
OS10# show running-configuration logging
!
logging audit enable
NTP rules
Network Time Protocol (NTP) synchronizes timekeeping among a set of distributed time servers and clients and coordinates
time distribution in a large, diverse network. NTP clients synchronize with NTP servers that provide accurate time
measurement.
Configure trusted NTP server
Rationale: Configure the system to synchronize time from a trusted NTP server.
Configuration:
OS10(config)# ntp server ntp1-server-ip-address
OS10(config)# exit
OS10# write memory
ntp1-server-ip-address—Enter the IPv4 address in A.B.C.D format or IPv6 address in A::B format of the NTP server.
Configure trusted secondary NTP server
Rationale: Configure the system to synchronize time from a trusted secondary NTP server.
Configuration:
OS10(config)# ntp server ntp2-server-ip-address
OS10(config)# exit
OS10# write memory
ntp1-server-ip-address—Enter the IPv4 address in A.B.C.D format or IPv6 address in A::B format of the NTP server.
Configure NTP authentication
Rationale: NTP authentication and the corresponding trusted key provide a reliable exchange of NTP packets with trusted time
sources. NTP authentication uses the message digest 5 (MD5) algorithm. The key is embedded in the synchronization packet
that is sent to an NTP time source.
Configuration:
OS10(config)# ntp authentication-key number {sha1 | sha2-256} key
OS10(config)# ntp master {2–10}
OS10(config)# exit
OS10# write memory
● number—Enter the authentication key number, from 1 to 4294967295.
● sha1—Set to SHA1 encryption.
● sha2-256—Set to sha2-256 encryption.
View what NTP authentication is used
Use the following to view what NTP authentication is configured on the system:
OS10# show running-configuration ntp
!
ntp authenticate
ntp authentication-key 345 md5 0 5A60910FED211F02
ntp server 1.1.1.1 key 345
ntp trusted-key 345
ntp master 7
...
20
OS10 security best practices