IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
NTP
Network Time Protocol or NTP is a protocol that allows synchronizing local computer clocks with a reference time, via the information network.
From the very beginning, this protocol was designed to offer synchronization precision of less than a second. Compared to the Time Protocol service, which offers a time service without any infrastructure, the NTP project offers a global and universal synchronization solution that can be used worldwide.
“IPS” tab
| Version 3 |
By selecting this option, you will be enabling the intrusion prevention analysis for NTP version 3. |
| Version 4 | By selecting this option, you will be enabling the intrusion prevention analysis for NTP version 4. |
Maximum size of packets (bytes)
| Maximum size for NTP v3 | Enter the maximum size allowed for NTP v3 packets |
| Maximum size for NTP v4 | Enter the maximum size allowed for NTP v4 packets |
Support
| Disable intrusion prevention |
When this option is selected, the scan of the NTP protocol will be disabled and traffic will be authorized if the filter policy allows it |
Advanced properties
This list sets out the known NTP modes and operations (Asymmetric active/passive, Broadcast, Client / Server, etc.) for both versions of the protocol (v3 and v4).
The action (Analyze / Block) applied to each mode or action can be changed by double-clicking in the column corresponding to the version of the protocol.
NTP version 4 blacklist - Kiss of death packets
This list makes it possible to block additional NTP commands (DENY, RSTR, RATE, etc.) by specifying their names. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.