Synchronizing time across Security Center network components - Security Center 5.9 - 5.12

Time synchronization in Security Center
Applies to
Security Center 5.9 - 5.12
Last updated
2023-08-21
Content type
Best practices
Language
English
ContentOps
ContentSolution
Product
Security Center
Version
5.12
5.11
5.10
5.9

To synchronize the machines and devices of your system, you can use the embedded NTP synchronization in Windows, your domain controller, a third-party application, or perform a manual synchronization.

Before you begin

Make sure that UDP port 123 is open on all firewalls between you and the remote time servers you want to synchronize to.

What you should know

Embedded NTP synchronization in Windows is not always precise; there can be a difference of several seconds between machines in the network. Certain installations require a more precise synchronization. It is recommended that you install a full NTP client on your network from a third-party vendor and synchronize the rest of your systems to it with an SNTP client.

For information about setting up an external time server, see KB 816042 on the Microsoft Support website.

Procedure

To set up the Windows NTP:

  1. On the machine to be used as the Time Server, open a command prompt.
    1. Stop your time service by typing Net stop w32time [enter].
    2. Wait for the confirmation message that the service has stopped.
    3. Open the Windows Registry Editor.
    4. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters.
    5. Create or edit the following two registry keys:
      • NameLocalNTP (DWORD value): value=1.
      • ReliableTimeSource (DWORD value): value=1.
    6. Close the Windows Registry Editor.
    7. Start your time service by typing Net start w32time [enter].
    8. Close the command prompt.
  2. On the machine to be used as the SNTP clients:
    1. Open a command prompt and entire the following code: 
      Net stop w32time [enter].
w32tm /config /manualpeerlist:ntpserver /syncfromflags:MANUAL
Net start w32time [enter] 
w32tm /config /update 
w32tm /resync

      ntpserver is the IP address of the time server.

    2. Close the command prompt.
    By default, the time is synchronized once every 45 minutes until three good synchronizations occur, and then once every 8 hours (3 per day in total).

To use a third-party application like Net Time:

  1. Download the Net Time freeware.
  2. Unzip, install, and run the Net Time client application.
  3. On your Time Server, choose the Allow other computers to sync to this one option.
  4. On all the other machines, click Find to synchronize to the Time Server.
    NOTE: TCP protocol must be used.

To synchronize the time manually:

  1. Open the Windows clock on all machines.
  2. Manually synchronize the clocks at the same time.
    NOTE: We do not recommend synchronizing the time manually because it is a one-time sync. The times will eventually become out of sync.