Customers frequently seek information and recommendations from Orolia about hardening security, including general guidelines about available network security features, jamming and spoofing deterrence, bug fixes, and networking-related issues.
Sometimes they’re in search of specific practices for time servers and clients. Sometimes, because SecureSync® is part of critical infrastructure, they may not fully understand all the issues related to timing, such as GNSS jamming/spoofing, NTP vulnerability or the various types of network attacks.
Generally speaking, the correct answers are specific to each networking infrastructure and each customer’s policies. However, there are some general guidelines to follow to harden security on your SecureSync®, and this document should help. It covers the following areas and explains how to use each to prevent cyberattacks:
- Authentication and authorization
- HTTPS and SSL
- SSH
- SCP
- SFTP with public/private support
This document also consolidates the recommendations from various product manuals into one handy location. They identify each security feature, shows default settings and offers recommendations about whether you should choose to enable it.
To make it easier, we’ve also provided links to the online manuals for each protocol — so configuration help is just a click away.
Don’t hesitate to call upon us for help with your timing applications, and be sure to ask us about other ways to harden your timing chain with Resilient PNT (positioning, navigation and timing) solutions that provide signal protection in the event of an outage, interference/detection/mitigation, and GNSS simulation to identify issues before they affect your critical infrastructure.
