| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1129 - Time Stamps | Synchronization With Authoritative Time Source | ||
| Id | 71bb965d-4047-4623-afd4-b8189a58df5d | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Audit and Accountability control | ||
| Additional metadata |
Name/Id: ACF1129 / Microsoft Managed Control 1129 Category: Audit and Accountability Title: Time Stamps | Synchronization With Authoritative Time Source - Checking Ownership: Customer, Microsoft Description: The information system: Compares the internal information system clocks Hourly with Every five minutes with authoritative time sourced from GPS; and Requirements: For Bare Metal servers, all assets are joined to an Active Directory domain and configured to receive authenticated time updates from the local domain controller via NTP and synchronize at least hourly. For Azure-based servers and network devices, all assets are configured to use the Coordinated Universal Time (UTC) setting when generating event logs. Once servers are joined to an Active Directory domain, they are configured by policy to receive authenticated time updates from the local domain controller via NTP and synchronize at least hourly and update the time if it is off by 1 millisecond or more. Local domain controllers obtain their time updates from Azure time servers. All Azure servers are configured to synchronize every five (5) minutes through Azure-managed domain controllers; network devices synchronize every five (5) minutes with the same time servers used by the Azure domain controllers. The Azure time servers are NTP stratum 1 time servers. Azure manages two different NTP time servers in separate geographic locations. The time servers are geographically dispersed and located in multiple separate Azure-managed datacenters. Azure chooses to use the GPS satellites as the authoritative time source as an alternative to the NIST time hosts. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|