Note: When you configure NTP Autokey, you must first disable the
NTP service in the NTP Services panel, then re- enable it after
Autokey configuration is completed.
Mark as Preferred: Check this box to prefer this NTP Peer over other NTP Peers
("NTP Peer Preference"). This will result in SecureSync synchronizing more fre
quently with this Peer. For additional information on NTP Preferences, see "Con
figuring "NTP Stratum 1" Operation" on page97.
Note: Please note that it is not advisable to mark more than one NTP
Peer as Preferred, even though SecureSync will not prevent you from
doing so.
5.
Click Submit, or press Enter.
2.15.9 NTP Authentication
Since NTP information is distributed across entire networks, NTP poses a security risk:Falsified
NTP time stamps or other NTP-related information can be exploited by an attacker. NTP authen
tication keys are used to authenticate time synchronization, thus detecting a fake time source
before it can do harm.
2.15.9.1 NTP Autokey
Note: Note that, as of spring 2016, NTP Autokey is currently not supported; for
more information, see http://bugs.ntp.org/show_bug.cgi?id=3005.
NTP Autokey: Support & Limitations
Currently, SecureSync supports only the IFF (Identify Friend or Foe) Autokey Identity Scheme.
The SecureSync product web interface automates the configuration of the IFF using the MD5
digests and RSA keys and certificates. At this time the configuration of other key types or other
digests is not supported.
Note: When you configure NTP Autokey, you must disable the NTP service first,
and then re-enable it after Autokey configuration is completed.
106
CHAPTER 2 • SecureSync User Reference Guide Rev. 23
2.15 Configuring NTP
To Next Page
Loading...
Need help?
General