Having accurate, reliable and secure Timing throughout your network improves several different network security application areas:
- Intrusion detection and forensic analysis
- Log file accuracy, auditing and monitoring
- Network fault diagnosis and recovery
- Access security and authentication
- Scheduled and automated operations
Many take time from one or more publicly available time servers, via the internet. These public time servers act as sources for Universal Coordinated Time (UTC), an internationally recognized time standard. This may seem like a good idea, and an easy way to get accurate time.
However, taking Timing from the internet usually means opening up port 123 for NTP traffic through your firewall(s). Essentially, this means leaving a door open through the firewall. From a security perspective, that is a big problem.
Fixing Timing Security
Fortunately, this is one of the easiest things you can fix in your network.
Just put an NTP Server inside your network, behind your firewall.
Once installed, you may just forget about it for many years to come.
This Microsemi Whitepaper explains why “it’s time to stop taking time for granted”, and discusses the issue in-depth.
Take a look! A Hidden Security Danger: Network Timing
Plus, there’s a whole host of valid reasons to do it: Government regulations, fault diagnosis, forensics, security, are all valid reasons to have a Time Server behind your firewall. We discuss those in our other posts on Timing and Synchronization.
Want to know more?
For more details on Microsemi’s S600 and S650 Time Servers, visit https://empowerednetworks.com/timing/ntp-servers.