NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION
SC-45 — System Time Synchronization
Synchronize system clocks within and between systems and system components.
Supplemental Guidance
Time synchronization of system clocks is essential for the correct execution of many system services, including identification and authentication processes that involve certificates and time-of-day restrictions as part of access control. Denial of service or failure to deny expired credentials may result without properly synchronized clocks within and between systems and system components. Time is commonly expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. The granularity of time measurements refers to the degree of synchronization between system clocks and reference clocks, such as clocks synchronizing within hundreds of milliseconds or tens of milliseconds. Organizations may define different time granularities for system components. Time service can be critical to other security capabilities—such as access control and identification and authentication—depending on the nature of the mechanisms used to support the capabilities.
Practitioner Notes
System clocks must be synchronized across all your devices so that log entries from different systems can be correlated during incident investigation. If clocks are off, piecing together an attack timeline becomes impossible.
Example 1: Configure all domain-joined machines to sync their clocks with the PDC Emulator domain controller via the Windows Time service. The PDC Emulator syncs to a reliable NTP source like time.nist.gov. Use a GPO to enforce NTP settings.
Example 2: For network devices (firewalls, switches, routers), configure NTP to point to your internal time server. On a Palo Alto firewall, set the NTP server under Device > Setup > Services. Verify synchronization is working and alert if a device drifts more than 1 second.
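The drift check from Example 2, as an added example that is not part of the NIST text or any vendor's tooling: it computes a device's clock offset from the four timestamps of an NTP exchange and flags anything beyond the 1-second threshold, rejecting replies that do not echo the request or that come from an unsynchronized server. The function names, status strings and sample timestamps are assumptions constructed for illustration.

```python
import struct

NTP_EPOCH_DELTA = 2208988800  # seconds from 1900-01-01 (NTP era 0) to 1970-01-01 (Unix)
MAX_DRIFT_SECONDS = 1.0       # alert threshold taken from the note above
BASE = 1700000000.0           # constructed sample Unix time used by the demo

def to_ntp(unix_time):
    """Encode a Unix time as a 64-bit NTP timestamp (32-bit seconds, 32-bit fraction)."""
    total = unix_time + NTP_EPOCH_DELTA
    secs = int(total)
    return struct.pack("!II", secs, int((total - secs) * 2**32))

def from_ntp(raw):
    """Decode a 64-bit NTP timestamp back to Unix time."""
    secs, frac = struct.unpack("!II", raw)
    return secs - NTP_EPOCH_DELTA + frac / 2**32

def build_reply(t1, t2, t3, stratum=2, leap=0):
    """Build a constructed 48-byte server reply (version 4, mode 4) for offline testing."""
    header = bytes([(leap << 6) | (4 << 3) | 4, stratum, 6, 0xEC]) + bytes(12)
    # Field order: reference, origin (echo of t1), receive (t2), transmit (t3).
    return header + to_ntp(t2) + to_ntp(t1) + to_ntp(t2) + to_ntp(t3)

def check_reply(packet, t1_sent, t4, max_drift=MAX_DRIFT_SECONDS):
    """Classify a reply to a request sent at local time t1_sent and received at t4."""
    if len(packet) < 48 or (packet[0] & 0x07) != 4:
        return ("INVALID", None)                # truncated, or not a server-mode packet
    if packet[24:32] != to_ntp(t1_sent):
        return ("INVALID", None)                # origin timestamp does not echo our request
    leap, stratum = packet[0] >> 6, packet[1]
    if leap == 3 or stratum == 0 or stratum >= 16:
        return ("UNSYNCHRONIZED_SOURCE", None)  # server itself has no valid time
    t2 = from_ntp(packet[32:40])                # server receive time
    t3 = from_ntp(packet[40:48])                # server transmit time
    offset = ((t2 - t1_sent) + (t3 - t4)) / 2   # positive: local clock is behind
    return ("ALERT" if abs(offset) > max_drift else "OK", offset)

if __name__ == "__main__":
    # Constructed exchange: 0.125 s each way, device clock 2.5 s behind the server.
    reply = build_reply(BASE, BASE + 2.625, BASE + 2.625)
    print(check_reply(reply, BASE, BASE + 0.25))  # status and offset in seconds
```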