Login
- Table of Contents
-
- 07-System
- 01-Track
- 02-BFD
- 03-NQA
- 04-Basic log settings
- 05-Email server
- 06-Session log settings
- 07-Sandbox log settings
- 08-Threat log settings
- 09-Application audit log settings
- 10-NetShare log settings
- 11-URL filtering log settings
- 12-Attack defense log settings
- 13-Reputation log settings
- 14-Bandwidth alarm logs
- 15-Configuration log settings
- 16-Security policy log
- 17-Terminal identification logging
- 18-Heartbeat log settings
- 19-WAF log settings
- 20-Bandwidth management logs
- 21-Report settings
- 22-Session settings
- 23-Signature upgrade
- 24-Software upgrade
- 25-License management
- 26-Administrators
- 27-Date and time
- 28-SNMP
- 29-Configuration management
- 30-Reboot
- 31-About
- 32-Ping
- 33-Tracert
- 34-Packet capture
- 35-Webpage Diagnosis
- 36-Diagnostic Info
- 37-Packet trace
- 38-Fast Internet Access
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 27-Date and time | 33.91 KB |
Date and time
This help contains the following topics:
¡ Date and time obtaining methods
¡ NTP/SNTP
¡ NTP and SNTP clock source authentication
Introduction
Date and time obtaining methods
Correct system time is essential to network management and communication. Configure the system time correctly before you run the device on the network.
The device can use one of the following methods to obtain the system time:
· Manual configuration—Uses the locally set system time, whether or not the time zone or daylight saving time has been configured. Then, the device uses the clock signals generated by its built-in crystal oscillator to maintain the system time.
· Automatic synchronization—Periodically obtains the UTC time by using a time protocol, and uses the UTC time, time zone, and daylight saving time to calculate the system time. The system time calculated by using the UTC time from a time source is more precise.
If you configure or change the time zone or daylight saving time after the device obtains the system time, the device recalculates the system time.
Make sure each network device uses the time zone of the place where the device resides.
Set the daylight saving time for devices that reside in a region that uses daylight saving time. Typically, the system time is one hour ahead of the standard time during the daylight saving time. If the system time page is open when the daylight saving time starts, refresh the page to display the adjusted time.
NTP/SNTP
NTP is used to synchronize system clocks among distributed time servers and clients on a network.
SNTP is a simplified, client-only version of NTP. It uses the same packet format and packet exchange procedure as NTP, but provides faster synchronization at the price of time accuracy.
NTP/SNTP clock source association modes
NTP supports the client/server mode and symmetric active/passive mode (peer mode). As shown in Table 1, the device can operate only as a client in client/server mode or a symmetric active peer in peer mode.
SNTP supports only the client/server mode. An SNTP-enabled device can receive time from NTP servers, but cannot provide time services to other devices.
|
Mode |
Working process |
Principle |
Application scenario |
|
Client/server |
On the client, specify the IP address of the NTP server. A client sends a clock synchronization message to the NTP servers. Upon receiving the message, the servers automatically operate in server mode and send a reply. If the client can be synchronized to multiple time servers, it selects an optimal clock and synchronizes its local clock to the optimal reference source after receiving the replies from the servers. |
A client can synchronize to a server, but a server cannot synchronize to a client. |
This mode is intended for configurations where devices of a higher stratum synchronize to devices with a lower stratum. |
|
Symmetric active/passive |
On the symmetric active peer, specify the IP address of the symmetric passive peer. A symmetric active peer periodically sends clock synchronization messages to a symmetric passive peer. The symmetric passive peer automatically operates in symmetric passive mode and sends a reply. If the symmetric active peer can be synchronized to multiple time servers, it selects an optimal clock and synchronizes its local clock to the optimal reference source after receiving the replies from the servers. |
A symmetric active peer and a symmetric passive peer can be synchronized to each other. If both of them are synchronized, the peer with a higher stratum is synchronized to the peer with a lower stratum. |
This mode is most often used between servers with the same stratum to operate as a backup for one another. If a server fails to communicate with all the servers of a lower stratum, the server can still synchronize to the servers of the same stratum. |
NTP and SNTP clock source authentication
Use this feature to authenticate NTP messages for security purposes. If an NTP message passes authentication, the device resolves the message to obtain time synchronization information. If not, the device discards the message. This function makes sure the device does not synchronize to an unauthorized time server.
Restrictions and guidelines
· To ensure a successful NTP authentication in client/server mode, enable NTP authentication and configure the same authentication key ID and key on the server and client.
· To ensure a successful NTP authentication in symmetric active/passive mode, enable NTP authentication and configure the same authentication key ID and key on the active peer and passive peer.
