• This topic has 1 reply, 2 voices, and was last updated October 6, 2022 by Konstantin S.

Multiple connection from ZVRA to external IP ntp

  • Alessia M
    August 29, 2022 10:46:32 AM

    Hello, we got security alerts about multiple connection from our ZVRA to an external IP service NTP Ukraine 91.236.251.180 (0.debian.pool.ntp.org.

    Is it normal? Is it your service or something malicious for our environment?

    Konstantin S
    October 6, 2022 02:32:48 PM

    Hello Alessia,

    This is Konstantin S. from Zerto support.

    VRAs are running Debian OS (the OS version and build depends on the ZVR version you’re currently utilizing). By default, they’re utilizing NTP servers provided by Debian.

    In case you’re concerned about the security of the IP address the VRA pulls the time data from, you can update the NTP server by following the KB article via the link below:
    https://help.zerto.com/kb/000004694

    In case you require more information regarding the security hardening kindly open a support case with us providing the network security scans along with the CVE codes you’re concerned about.

    Best regards.

The forum ‘Support Q & A’ is closed to new topics and replies.