Re: NTP Question

[Mel Beckman <mel () beckman org>]

Harlan and Mehmet,

I can expand on one important reason that James only alluded to with his “Kepping the Auditors happy” comment.

Passing NTP through a firewall and then using that as a critical time reference source represents a huge security risk. 
Here’s one detailed explanation of that risk:

https://insights.sei.cmu.edu/sei_blog/2017/04/best-practices-for-ntp-services.html

 -mel

On May 1, 2019, at 3:48 PM, James R Cutler <james.cutler () consultant com<mailto:james.cutler () consultant com>> 
wrote:

On Wed, May 01, 2019 at 02:35:58PM -0700, Harlan Stenn wrote:
- Why do folks want to have one or more NTP server masters that have at
least 1 refclock on them in a data center, instead of having their data
center NTP server masters that only get time over the internet?

Answers to that include:

  *   Keeping the Auditors happy
  *   Knowing that “everyone does it” - the vendor told them so
  *   Bragging rights (expensive hardware)
  *   Being unbothered by fighting with facilities for building penetrations and antenna mounts
  *   Misunderstanding the beauty and economy Dave Mills marvelous algorithms for consistent time based on multiple 
sources, even those connected via internet
  *   Unwillingness or inability to leverage other local resources capacity to run ntpd with minimal impact in order to 
have a good constellation of local NTP servers
  *   Willingness to farm out time service without doing a deep dive into why and how, just leaving the design to the 
appliance vendors

This covers most of what I have encountered in providing enterprise time services for $dayjob+clients. I probably left 
out some significant points, but it has been a few years...