This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Maarten_Sjouw
Champion
Champion
‎2019-09-09 04:29 AM

NTP and version

Gents and Galls,

We are having an issue with time. For on of our customers we are forwarding logs to a SOC SIEM solution. From the guys running that platform we are getting complaints that we do not keep all gateways on the same time.

All gateways are running NTP, however as we support customers globally on Internet connections from many different suppliers, there is no single NTP server that we can use.

In these case we mostly use pool.ntp.org the only problem there is that Check Point forces you to enter a version. Why is this a problem? When you set the primary with lets say version 3 and a secondary with version 4. The primary will get a server from the pool, will it run V3? who knows? 

What we found is that most of the times when we add 2 NTP servers like pool.ntp.org and uk.pool.ntp.org it still fails to work properly.

So one of the primary questions would be: Why is Check Point forcing us to add a version?

Yes we could setup our own NTP server, however before I have that properly setup and running it takes me about a month.

Regards, Maarten
0 Kudos
5 Replies
Nik_Bloemers
Advisor
Advisor
‎2019-09-09 05:09 AM

Honestly I always select version 4. It's backwards compatible with version 3 which is from 1992, so you'd be hard pressed finding a timeserver using an older version than that.

0 Kudos
Martin_Valenta
Advisor
‎2019-09-09 10:23 AM

You can use ntp.checkpoint.com 😉
0 Kudos
Maarten_Sjouw
Champion
Champion
‎2019-09-09 02:39 PM
In response to Martin_Valenta

Ok so always use 4 and use ntp.checkpoint.com, is there also a secondary, or a ie ntp.cisco.com?
Regards, Maarten
Nik_Bloemers
Advisor
Advisor
‎2019-09-09 11:02 PM
In response to Maarten_Sjouw

ntp.checkpoint.com and ntp2.checkpoint.com 🙂 Though you can also sync to an internal AD, those function as time servers as well. Never a bad idea to have everything synced to the same source.
0 Kudos
ebeng
Explorer
‎2022-12-18 07:18 AM
In response to Martin_Valenta

thanks, this solved it for me!

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events