Infrastructure Protection

Cyemptive Time Fortress (CTF)

Download
PDF

CTF is an Infrastructure Protection, on-premises solution or Cyemptive remote service providing the first truly secure time service for all servers and endpoints in a computing environment. We implement Network Time Protocol (NTP) in our trusted Defense-in-Depth (D-i-D) blueprint using our patented CyberSlice© and sensors to enable a completely secure mechanism keeping compute systems secured with extremely accurate time synchronization. Time synchronization is vitally important to keep certificate timing, authentication tokens, Active Directory (AD) / Lightweight Active Directory Protocol (LDAP), log, and Cyemptive sensor files in sync for normal operations, analysis, heuristics, and recording / playback of bad actor Tactics, Techniques, Procedures (TTP’s). It also provides administrators the ability to coordinate user and bad actor events against log entries and system events. This capability is required and in use by all computing environments, and keeping secure, accurate time is a must for any basic troubleshooting allowing Cyemptive’s unique ability to record our sensor data for tracing bad actors and malicious bots.

The Problems Solved

NTP is one of the oldest, core protocols providing time synchronization over packet-switched, variable-latency data networks. It has a light overhead and is at the heart of organizations’ server and endpoint timekeeping / synchronization. Network Time Security (NTS) and other standards have been introduced to secure the communication from dedicated stratum time servers to an organizations internal time server. Man-In-The-Middle (MITM) attacks and Gateway Hijacking has become prevalent in many core networks. This allows attacks to change the delay / time when requested by an organization’s time server. It also opens up some attack surfaces with potential Zero-Day attacks against the standard time synchronization ports and protocols. Administrators and specialized software rely on accurate time to correlate system events and data. When an organization is targeted for data of value, NTP becomes a service of opportunity for bad actors.