Top Panel
Top Panel
Top Panel


IOS: NTP secure configuration article

NTP is abbreviation for Network Time Protocol which is used for clock synchronization of various devices on the net. There are three typical implementations of NTP in network infrastructure: a) no implementation b) useful implementation c) vital implementation.

The first option is an indicator that network is in poor condition. It has no real owner or owner isn't a network professional, etc.

The second option is the most common case for serious corporate network. The owner cares about event logging (at least) and event correlation in different parts of network. Complex debugging, security incident investigation requires the "right time" to be set. But still network functioning in general or service availability isn't tied with NTP.

And we have the third option. Vital dependency is when your network can't function without reliable NTP infrastructure. If your devices have wrong time that means no service for end-user. That's bad, isn't it? :)

I can name at least four technologies which comes to mind when we talk about NTP vital dependency:



Just a brief news. Due to not-so-great Cisco business in my country I was made redundant along with some other colleagues. Geopolitics, you know.
But no hard feelings. Got some extra cash on a way to the exit and got back to my previous 'configuring' job. Currently have a rather interesting project with solar panels, batteries etc to build a couple of hundreds fully autonomous telco sites. And a lot of Splunk!, quite exciting.
Finally! :)

That's how most of my friends and co-workers reacted to the news that I have joined Cisco Systems as a Technical Solutions Architect. Working in Cisco seemed so logical - I suit Cisco, Cisco suits me - so why not then? And for the past several years I've been approached by Cisco's recruiting and I've approached them, but actually we've never clicked for different reasons. So it happened. Finally! :)

P.S. Still two months of probation period left. Keep fingers crossed. :)
P.P.S. I have a bunch of configs to add to the repository, so stay tuned.

About CCIEvault PDF Print E-mail
Written by Alexei Spirin   
Saturday, 05 January 2008 11:34

My name is Alexei Spirin aka asp13. I'm a network engineer, used to work in Cisco as a TSA and in cisco gold partner as a team lead of network security group. I have been working with cisco devices since 1999 and.. you know... I like it :) My "major" is a security technologies and products, but I have a good background in a backbone networks. I earned a CCIE Security in March 2006 with first attempt (yes, sometimes it happens :). I'm available at This e-mail address is being protected from spambots. You need JavaScript enabled to view it

Hey! I supposed to talk about what CCIEvault is and what it is for, so I just tell you the basic principles:

1) First of all, this site was made as a place where I can keep professional information. I just forget everything all the time, so let it be here

2) Keep things easy, the goal is quick learning/recalling (quick and I hope not so dirty :)

3) Third rule is to provide my personal experience along with basic information (so called best-practices)

4) And fourth, last but not least, provide the next step(s), for those who need more detailed info, links to guides, sources or manuals.

Last Updated on Wednesday, 11 November 2015 12:11