NTP Server question

Greetings,

I am currently trying to sync all our routers/devices and servers to use a single source for time. I've set all routers to pull time from a single router that points to an outside source. One problem, though. We have an IDS 4200 that has to get its time from an authenticated connection. The document goes on about configuring a router as an NTP server and using its internal clock as the time source. Does this clock use a BIOS battery like servers to provide a power source? I understand about needing a secure source for time for our IDS, but this doesn't seem to be a good way to handle providing correct time. As already mentioned above, I'm hoping to sync all devices with an external atomic clock. Any insights/suggestions?

2 Replies

Marvin Rhoads
Hall of Fame

If you want the best of both worlds - secure and accurate - then use a time server appliance. Something like a Symmetricom S200: http://www.symmttm.com/products_nt_SyncServerS200.asp

It gets its time from GPS satellites via an antenna and feeds it to your network via an Ethernet port. Stratum One timing source and it's all in house and secure.

There are several interesting aspects to the question that Chris asks. First the objective question: do Cisco routers have a battery and clock/calendar chip so that they maintain time over a boot? Some do and some do not. In general the higher part of the product line does and the lower end of the product line does not. It is pretty easy to determine on a router by router basis: just boot and then show clock.

Beyond that there are some interesting aspects which do not have clear answers. If you are already planning to have a router learn time from an external (reliable) source then what are the implications of having the IDS learn that time? If Security is insistent that the IDS not be compromised by being dependent on an outside resource, then it would be fairly simple to set up one (or two - depending on whether redundancy is important) routers to supply time to the IDS. Making a router function as NTP master is quite easy.

I would also ask the question that if Chris is going to need to set up an internal router to function as NTP master then why not just have the network devices learn time from that one (instead of having two different time masters in the network - one internal and one external)? I would suggest that for most networks it is most important that time across network devices be consistent but not necessarily as important that the time be precisely accurate.

I think it is also good practice to configure two devices as master and to have network devices configured with two time sources, so that there is not a potential single point of failure. And if you really take NTP seriously then 3 sources are better than 2.

HTH

Rick

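The design Rick describes (one or two internal routers acting as authenticated NTP masters, every other device learning time only from them, and a hardware calendar so time survives a reboot) looks like the following in Cisco IOS. This is an added example written for this thread, not configuration posted by Chris or Rick and not a Cisco document; the 192.0.2.x addresses are constructed from the documentation range, the key string is a placeholder, and the IDS side of the authenticated association is not shown because the thread does not give it.

```text
! ---- Internal NTP master #1 (a router that has a battery-backed calendar) ----
! Shared-secret authentication: every client and the IDS must hold the same key id/secret.
ntp authentication-key 1 md5 REPLACE-WITH-SHARED-SECRET
ntp authenticate
ntp trusted-key 1
! Learn time from the external (reliable) source; addresses here are constructed.
ntp server 192.0.2.10
! If the external source ever becomes unreachable, keep serving the network from the
! local clock at stratum 8 instead of dropping to "unsynchronized".
ntp master 8
! Write learned time into the hardware calendar so it is still right after a reboot.
ntp update-calendar

! ---- Internal NTP master #2 ----
! Identical configuration on a second router so one box is not a single point of failure.

! ---- Every other router and switch: learn time only from the two internal masters ----
ntp authentication-key 1 md5 REPLACE-WITH-SHARED-SECRET
ntp authenticate
ntp trusted-key 1
ntp server 192.0.2.1 key 1 prefer
ntp server 192.0.2.2 key 1

! ---- Verification ----
! Right after a reboot: a correct date here means the platform has a battery-backed calendar.
show clock
! Expect "Clock is synchronized, stratum N, reference is ..." once an association is selected.
show ntp status
! "*" marks the selected source, "+" a usable candidate; a blank means not yet synchronized.
show ntp associations
```

Two points worth checking when rolling this out: `ntp authenticate` only makes a client reject unauthenticated replies from servers it was told to use with a `key`, so every `ntp server` line on a client should carry `key 1`; and `ntp master` on a router that is itself synchronized to the external source advertises the learned stratum, falling back to stratum 8 only when that source is lost, which keeps internal devices consistent with each other exactly as Rick recommends. With a third internal master, or a second external source on each master, NTP can out-vote a single bad clock, which two sources alone cannot do.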