nanog mailing list archives
Re: Need trusted NTP Sources
From: Chris Keladis <ckeladis () gmail com>
Date: Fri, 7 Feb 2014 06:21:35 +1100
On Thu, Feb 6, 2014 at 9:03 PM, Notify Me <notify.sina () gmail com> wrote: I'm trying to help a company I work for to pass an audit, and we've
been told we need trusted NTP sources (RedHat doesn't cut it). Being located in Nigeria, Africa, I'm not very knowledgeable about trusted sources therein.
Obviously "trusted" time sources are important, but at the end of the day you have to trust someone who ultimately has the least risk (there is never no risk) you are able to achieve. I appreciate "least level of risk" is subjective to your auditors opinion (in this case) :-) Just wanted to mention, having a good number of servers (not blindly trusting <= 3 unique sources) adds some additional protection against 'false-tickers'. Even "trusted" time-sources have their off-days due to a myriad of technical reasons. Configure multiple, relatively high stratum (taking into account how many stratum's you intend to serve downstream), low-jitter/rtt, good-quality, time-sources. Also, risk changes over time, so vigilant monitoring is important too! Regards, Chris.
Current thread:
- Re: Need trusted NTP Sources, (continued)
- Re: Need trusted NTP Sources Saku Ytti (Feb 09)
- Re: Need trusted NTP Sources Jay Ashworth (Feb 09)
- Re: Need trusted NTP Sources Saku Ytti (Feb 09)
- Re: Need trusted NTP Sources Lyle Giese (Feb 09)
- Re: Need trusted NTP Sources Jimmy Hess (Feb 09)
- Re: Need trusted NTP Sources Brett Frankenberger (Feb 09)
- Message not available
- Message not available
- Message not available
- Re: Need trusted NTP Sources Larry Sheldon (Feb 06)
- Message not available
- Message not available
- Re: Need trusted NTP Sources Larry Sheldon (Feb 06)
- Re: Need trusted NTP Sources Jay Ashworth (Feb 06)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Need trusted NTP Sources Larry Sheldon (Feb 06)
- Re: Need trusted NTP Sources Michael DeMan (Feb 06)
- Re: Need trusted NTP Sources Saku Ytti (Feb 06)
- RE: Need trusted NTP Sources Frank Bulk (Feb 06)
- Re: Need trusted NTP Sources Aled Morris (Feb 06)
- Re: Need trusted NTP Sources Notify Me (Feb 06)
- Re: Need trusted NTP Sources jamie rishaw (Feb 06)
- Re: Need trusted NTP Sources Jimmy Hess (Feb 06)
- RE: Need trusted NTP Sources Tony Hain (Feb 06)