Mitigating an NTP Distributed Denial of Service (DDoS) Attack

By Pritam Kandel, Applications Engineer

Network time service is not something many businesses think about as a key component of their critical infrastructures. In fact, it is often overlooked entirely, and in error. As a result, the network architect or engineer often defaults to an easy alternative: using a server or network switch as the source of the network clock and synchronizing these sources to Internet time servers using Network Time Protocol (NTP). This white paper discusses the risks of, and alternative solutions to, “NTP Over the Internet.”


Download The White Paper

About Pritam Kandel

Pritam Kandel is an Applications Engineer with over a decade of experience working in design, assessment and implementation of TCP/IP routing and switching infrastructure for network cores/backbones, datacenters, Internet edge and WAN. He is experienced with maintaining IT infrastructure, including Internet peering and ISP services, MPLS and carrier networks, and VoIP global infrastructure. He holds certifications in CCNP, CCNA, JNCIA, MPLS Deployment, Alcatel Lucent and NIX platforms. Pritam is a graduate of the Rochester Institute of Technology with an MBA in Technology Management and holds a Bachelor of Engineering in IT from Pokhara University.

The REST API: A Powerful Interface for Remote Control of PNT Devices

By Ron Dries, Applications Engineer

Monitoring and managing PNT devices that can be spread across the globe can be challenging. It is also necessary to ensure the devices are configured and running properly. In certain applications, there could also be the need to schedule a task or automate some functionality of a PNT device.

The built-in web GUI (Graphical User Interface) in Orolia products, such as the SecureSync and VersaSync, is designed to quickly and easily show status and provide configuration settings for users to manage their devices. It does, however, require the user to manually log in to the device and navigate to the desired web pages. This is not always practical and can be time consuming if multiple devices need to be monitored and managed at the same time.

But, by utilizing the built-in REST (Representational State Transfer) API, any functionality that can be done manually through the web GUI can also be scripted, allowing for machine-to-machine communication and control. The REST API utilizes JSON (JavaScript Object Notation) formatted data for sending commands and receiving status information from the devices.

One example of a task that can be simplified and automated using the REST API is downloading log and configuration bundles. The log and configuration bundles are important files to retrieve from a PNT device for troubleshooting issues or to determine how a PNT device has been running over time. Configuration bundles are also necessary to control the configuration of a PNT device, as well as to quickly configure multiple devices with the same configuration.

The REST API can simplify this task by automatically creating a script to go out to specified Orolia PNT devices and then saving the log and configuration bundles to a PC. This removes the need to manually log in to each device and download both files. Also, this process can be scheduled to download the configuration bundle periodically, which can be useful for controlling the configuration.

Monitoring applications, like Nagios, can utilize python scripts using the REST API to create custom queries to pull the exact information from the device that they are interested in monitoring. After this status information is retrieved, a quick health report of the device can be shown in the tool. The REST API makes integration into existing monitoring tools easier.

The REST API is a powerful interface that can allow for more advanced remote control of PNT devices, and it can be utilized in a variety of different applications.

About Ron Dries

Ron Dries is an Applications Engineer at Orolia specializing in Resilient PNT for Commercial and Defense. He holds a Bachelor of Science degree in Computer Engineering from Rochester Institute of Technology.