Note: This is fixed in Maintenance Pack 1 for Symantec Security Information Manager (SSIM) v4.7

The time does not stay up to date on the SSIM 4.7 appliance, after setting up NTP Server Settings and applying them according the instructions in the manual. See page 285 of the Symantec™ Security Information Manager Administrator Guide Version 4.7 guide.

You have checked to make sure ntpd in running and can update the SSIM appliance by using the following commands:

# ps -ef | grep ntpd

Which returns and shows no ntp process running

# iptables -L |egrep 'ntp|123'

Which returns nothing so there is not an outbound rule in iptables for the ntpd port.

# chkconfig --list

Which returns:
ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off

The /opt/Symantec/simserver/logs/ntp.log files ends with the following lines that show iptables is blocking the ntp ports.:

Modifying the iptable rule set to allow the ntp ports through.
Continuing...
set-ntp.sh run at : Fri Feb 12 13:41:50 PST 2010
Shutting down ntpd: [ OK ]
Modifying the iptable rule set to block the ntp ports.
Port 123 exists in the /etc/sysconfig/iptables file. 

This issue has been reported and the current work around for this issue is:

1. Uncheck "NTP Disabled" checkbox on NTP status page.
2. Add NTP server on NTP Server Settings page.
3. Remove the default RedHat servers
4. Check "NTP Disabled" checkbox on NTP status page and apply the changes as you make them.

Note: Checking "NTP Disabled" checkbox as the last step at this time is very important as it will update your iptables and allow traffic on port 123 for the ntpd service to work.