Network Time Protocol (NTP) is a long-standing standard for computers to synchronize time between systems. NTP can be used to ensure that all synchronized computer clocks maintain the same time within a very small margin, usually measured in milliseconds.

While making sure all your devices report the correct time is convenient in and of itself, ensuring proper time settings is paramount to security in ways you might not expect. Here are a few security-related items that rely on accurate time settings to work correctly:

- One-time password (OTP) two-factor authentication.

Generally, the best practice setup involves creating a trusted time source for internal clients to use as a reference to sync against. This internal time source in turn syncs against a trusted external time source. Following the trail of time syncing, we would expect time to sync from the trusted external source to the trusted local source to all other clients as seen in Figure 1. You may consider having all domain controllers (DCs) sync to an external time source independently rather than use a single trusted internal source, but this would cause additional overhead and problems such as clock drift that you may not realize until it becomes an issue.

Figure 1 – Proper syncing from an external time source to a trusted internal source

Take an example where the external time source is no longer available. Your clocks will slowly begin to drift until they eventually desynchronize, causing issues such as failed Kerberos authentication. The worst-case scenario for a single trusted time source is that the entire environment “fails together” but clients still have accurate time relative to each other, allowing your critical services to keep moving.
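The failure case this post describes (the external source becomes unreachable) can be modelled to compare the two designs. This is an added example, not code from the original post: the host names, drift rates and hourly poll interval are constructed assumptions, and 300 seconds is the Active Directory default Kerberos clock-skew tolerance.

```python
# Added example: models clock offsets after the external time source is lost.
KERBEROS_MAX_SKEW_S = 300.0   # Active Directory default tolerance (5 minutes)
POLL_INTERVAL_S = 3600        # assumption: clients resync to the internal source hourly
STEP_S = 1800                 # sample mid-interval so client drift is visible

# Constructed drift rates in parts per million (positive = clock runs fast).
DRIFT_PPM = {"dc1": 40.0, "dc2": -35.0, "dc3": 12.0, "dc4": -8.0}


def offsets_independent(elapsed_s):
    """Each DC synced externally on its own, so each one now free-runs."""
    return {h: ppm * 1e-6 * elapsed_s for h, ppm in DRIFT_PPM.items()}


def offsets_hierarchy(elapsed_s, source="dc1"):
    """Only `source` free-runs; every other host follows it at each poll."""
    src_ppm = DRIFT_PPM[source]
    since_poll = elapsed_s % POLL_INTERVAL_S
    at_last_poll = src_ppm * 1e-6 * (elapsed_s - since_poll)
    offsets = {}
    for host, ppm in DRIFT_PPM.items():
        own = src_ppm if host == source else ppm
        offsets[host] = at_last_poll + own * 1e-6 * since_poll
    return offsets


def skew(offsets):
    """Largest clock difference between any two hosts, in seconds."""
    return max(offsets.values()) - min(offsets.values())


def first_exceeds(model, horizon_days=365):
    """Seconds until pairwise skew passes the Kerberos tolerance, else None."""
    for t in range(STEP_S, horizon_days * 86400 + 1, STEP_S):
        if skew(model(t)) > KERBEROS_MAX_SKEW_S:
            return t
    return None


if __name__ == "__main__":
    t = first_exceeds(offsets_independent)
    print(f"independent DCs: skew > 300 s after {t / 86400:.1f} days")
    print(f"single internal source: {first_exceeds(offsets_hierarchy)}")
    day90 = offsets_hierarchy(90 * 86400)
    print(f"day 90: skew {skew(day90):.3f} s, error vs true time {day90['dc1']:.1f} s")
```

With a single internal source the hosts stay within a fraction of a second of each other even while the shared clock is minutes away from true time, which is the "fails together" behaviour; the independent design silently crosses the Kerberos tolerance instead.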