Synchronize Time on Classic Devices with an NTP Server

Synchronizing the system time on your management center and all its managed devices is essential to successful operations. If your deployment includes the threat defense devices, see Configure NTP Time Synchronization for Threat Defense.

The device supports NTPv4.

Caution
Unintended consequences can occur when time is not synchronized between the management center and managed devices.

After you deploy, it may take a few minutes for managed devices to synchronize with the configured NTP servers.

Before you begin

Make sure the device can communicate with the NTP server or servers you plan to use. You can either:

  • (Recommended.) Use the same NTP servers as the management center: Synchronize Time on the Management Center with an NTP Server.

    Note that even if you configure secure communications between the management center and an NTP server (Use the authenticated NTP server only), device connections to that server do not use authentication.

    If you choose this option, the device gets its time directly from the configured NTP server. If the device's configured NTP servers are not reachable for any reason, it synchronizes its time with the management center.

  • If your device cannot reach an NTP server or your organization does not have one, you must use the Via NTP from Management Center option discussed in the following proecedure.

Procedure

Step 1

Choose Devices > Platform Settings and create or edit a Firepower policy.

Step 2

Click Time Synchronization.

Step 3

Specify how time is synchronized:

  • Via NTP from: If your Firepower Management Center is using NTP servers on the network, select this option and enter the fully-qualified DNS name (such as ntp.example.com), or IPv4 or IPv6 address, of the same NTP servers you specified in System > Configuration > Time Synchronization. If the NTP servers are not reachable, the Firepower Management Center acts as an NTP server.

  • Via NTP from Management Center: (Default). The managed device gets time from the NTP servers you configured for the Firepower Management Center (except for authenticated NTP servers) and synchronizes time with those servers directly. However, if any of the following are true, the managed device synchronizes time from the Firepower Management Center:

    • The Firepower Management Center’s NTP servers are not reachable by the device.

    • The Firepower Management Center has no unauthenticated servers.

Step 4

Click Save.

What to do next

Deploy configuration changes; see Deploy Configuration Changes.