HostedDB - Dedicated UNIX Servers
index_112
Router Security Configuration Guide UNCLASSIFIED 112 UNCLASSIFIED Version 1.0g It is possible to perform manual network time synchronization, adjusting the time on each router and host on a network manually on a regular basis.  Manual time synchronization is tedious, error prone, and unreliable.  Cisco routers fully support automated network time synchronization based on the standard Network Time Protocol (NTP). The sub-sections below give some background information on NTP, and explain how to configure it on Cisco routers. Setting the Time Manually To set the time, follow these three steps: first, check the clock, second, set the timezone if necessary, and last set the time.  Examine the clock using the show clock detail command.  If the timezone is not correct, then set the time zone using the clock timezone configuration command.  If the detail output reports a time source of NTP, then do not set the clock manually, see the descriptions of NTP below.  Otherwise, set the time in privileged EXEC mode by using the clock set command, and turn off NTP on each interface using ntp disable. Central# Central# show clock detail 22:26:21.747 UTC Tue Mar 28 2000 Time source is user configuration Central# config t Enter configuration commands, one per line.  End with CNTL/Z. Central(config)# clock timezone EST -5 Central(config)# interface eth 0/0 Central(config-if)# ntp disable Central(config-if)# end Central# clock set 17:27:30 28 March 2000 Central# show clock 17:27:34.495 EST Tue Mar 28 2000 Review of NTP  Concepts NTP is the standard Internet protocol for time synchronization, and it is used on most large operational networks.  Typical NTP deployment is hierarchical, as shown at right: one or more ‘stratum 1’ servers get their time from an authoritative source, like an atomic clock.  Stratum 2 hosts get their time from stratum 1 servers, and so on.  NTP is designed to make time synchronization automatic and efficient.  Because having accurate time can be important for  security, especially for intrusion and forensic analysis, NTP should be used whenever it is available. Atomic Clock Stratum 1 Stratum 2 Stratum 3 Stratum 4