Hello and welcome. My name is Tyler McMahon with Aruba, a Hewlett Packard enterprise company. And this is the network security basics course part two, Lab three, Task four. The final task in our third lab where we are hardening the ArubaOS on our mobility controller. The final step is to configure authenticated network time protocol in order to defend against those types of attacks. Quick lab, let's go ahead and jump in. [MUSIC] All right so as a final step in setting up the controller to be secure, what we're going to do is we're going to set the authenticated network time protocol, similarly to how we did this on the switches. We want to make sure that the time is properly to protect us from any kind of denial of service attacks that impact our clocks, and therefore would cause our certificates to fail. Right so, going to the mobility controller from a browser go down to configuration, we can go down to the actual controller itself, or do it at the folder level, under config Go to system and a system go to general. And if I scroll down, there's a clock option right here, and right now the clock is set to use NTP set to Pacific Standard time. So we're just going to change this over to Detroit, which is where the labs are currently being hosted for this example, and then we need to add in a network time clock here. So if I scroll up a little bit, here's our NTP servers at the plus Icon, we currently have no servers. So let's add in the server that we did exactly as we did on our switches earlier, we could do I burst just like we did on the switches, that's fine. And then put in a key number number one, for example, and hit the NTP authentication option here. When I do, it'll say okay, well, what keys do you want to use now? I indicated key one as my key ID, so I'm going to add a key one here as well, when I hit plus, it'll pop open a screen down below. So I had key number one, choose the algorithm that the server is requiring, and in our case the service set up for shot one, and a shared secret key of whatever the shared secret is, we'll make this trusted. At that point, we should be able to submit it, watch for any error messages here, NTP server updated. It is recommended to reboot the controller, and that is true. We don't need to reboot it right now, but you would want to make sure that you save your configuration and apply. There you go, and then if you want to kick a reboot, we can go and do that as well. And this is kind of the last step in this particular section of tasks or this lab. So to reboot, go to maintenance, and when I go to maintenance here, there's the reboot option. You just simply reboot, the default button here to save before you reboot is checked, which is fine. I've already deployed changes, but we hit okay, and you're good to go. Now this will bring down the AP, or the AP will fail over to a secondary controller in the meantime, but since we just have one controller one AP in this lab, everything kind of comes down, and then it's about 4 to 5 minutes before the controller will come back up, and everything is applied.
