The syslog feature in PTP 650 and PTP 700 creates an accurate record of configuration and status changes and important events. The syslog record can be really useful in tracking down faults, configuration errors or malicious attacks on the infrastructure. For further infomration, see Enable local syslog collection
It important to have accurate timestamps on the syslog entries so that you can correlate the syslog record with other evidence. However, PTP 650 and PTP 700 do not have a non-volatile real-time clock and the system clock has to be set on every reboot. Also, it would be a relatively easy step for an attacker with access to the ODU to reset a manually controlled system clock to distract attention away from the time that the intrusion took place.
A good solution is to set up an external Simple Network Time Protocol (SNTP) server so that the clock in the PTP 650/700 is synchronised automatically. Before you start, you will need the IP address of a suitable SNTP server in your management network.
The SNTP client in PTP 650/700 is enabled in the Time Configuration page like this:
Set SNTP State from Disabled to Enabled. The page expands. Enter the IP address of the SNTP server as the SNTP Server Internet Address attribute under SNTP Server 1. Click on the Submit Updated Configuration button. The page should look like this:
After a few seconds, refresh the web page. If the ODU has synchronised with the SNTP server, the SNTP Sync alarm should be green, as it is here:
See the PTP 650 Series User Guide for further details of configuring SNTP, including configuring a back-up server and configuring for time messages authenticated with an MD5 code.