Archive for the ‘NTP Basics’ Category

Common Time Synchronization Pitfalls Finding UTC

Wednesday, November 25th, 2009

Time synchronization can be a headache for many network administrators attempting to synchronize a network for the first time. There are many pitfalls that an unaware network administrator can fall into when attempting to get every machine on a network to synchronize to the same time.

The first mistake many network administrators make is in the selection of the time source. UTC (Coordinated Universal Time) is a global timescale used throughout the world as a basis for time synchronization. Because it doesn’t rely on time zones, it enables the global community to base itself on one timescale.

UTC is also controlled by a constellation of atomic clocks which ensures its accuracy; however, it is regularly adjusted to ensure that it matches mean solar time by the addition of leap seconds which are added to counter the natural slowing of the Earth’s rotation.

UTC is readily available as a time reference from a number of sources. The Internet is a popular location to receive a UTC time source. However, an Internet time source is located through the network firewall and security issues can arise from having to leave the UDP port open to receive the time requests.

Internet time sources can also be inaccurate, and as NTP’s own security system, known as NTP authentication, cannot work across the Internet, further security issues can arise.

A far better solution for getting a source of UTC is to use either the Global Positioning System (GPS) or the long wave radio transmissions broadcast by several national physics laboratories such as NIST in the USA and the UK’s NPL.

Dedicated NTP time servers can receive these secure and authenticated signals and then distribute them amongst all devices on a network.

Setting up Windows XP as an NTP Server

Friday, November 20th, 2009

A network time server or NTP server (Network Time Protocol), is a central computer or server on a network that controls the time and synchronises all machines on that network to it.

Windows XP can be set up to operate as an NTP server to synchronise the rest of the computers and devices on a network. Setting up a Windows XP machine to act as an NTP server involves editing the registry. However, editing an operating system registry can lead to potential problems and should only be conducted by somebody with experience of registry editing.

To configure Windows XP as an NTP server the first thing to do is to open the registry editor in Windows. This is done by clicking the Start button and selecting “Run” from the menu. Enter “regedit” in the run menu and press return. This should open the Windows registry editor.

Select the: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\ folder in the left hand pane. This folder holds the values for the NTP server.

Right-click the “Enabled” key in the right window pane and select “Properties”. This should open a dialog box where you can alter the value of the registry key. Enter “1” in the window, setting the value to “True” which turns the XP computer into a time server.

Close the registry and open the DOS command prompt by clicking the Windows Start button, selecting “Run”. Then type “cmd” in the text box and press return.

Type “net stop w32time” into the command prompt and press “Enter”. Now type “net start w32time”; this will restart the time server for Windows XP.

However, the XP machine, which is now set as an NTP server, will merely distribute the time it currently holds. If this time is inaccurate then it will be inaccurate time that is distributed amongst the network.

To ensure an accurate and secure source of time is used, a dedicated NTP time server that receives the time from an atomic clock source should be used.

Auditable Time Synchronization with an NTP Server

Saturday, November 14th, 2009

Time synchronization is crucial for many modern applications. Whilst computer networks all have to be running in perfect time to prevent errors and ensure security, other systems require time synchronization for legal reasons.

Average speed cameras, traffic light cameras, CCTV, parking meters and alarm systems to name but a few, all require accurate time synchronization not just to ensure the correct operation of the systems but also to provide an auditable and legal trail for use in prosecutions.

Failure to do so can lead to the system being completely useless as any legal case based around the technology would need to be provable.

For instance, a CCTV network that is not synchronized would not be admissible in court. A defendant could easily claim that an image of them on a camera could not be them as they were not in the vicinity at the time, and unless the camera system can be audited and proved to be accurate, reasonable doubt would see any case against the suspect dropped.

For this reason, systems like those mentioned above require complete auditable time synchronisation that can be proven beyond reasonable doubt in a court system.

An auditable system of time synchronization is only possible by using a dedicated NTP time server (Network Time Protocol). NTP servers not only provide an accurate method of synchronization, being accurate to a few milliseconds, they also provide a full audit trail that can’t be disputed.

NTP server systems use the GPS network or specialist radio transmissions to receive the atomic clock time. This is so accurate that the chance of it being even a second out from UTC time (Coordinated Universal Time) is over 3 billion to one, which is even greater than the accuracy of other legal evidence such as DNA.

Why Bother Using a NTP Time Server?

Tuesday, November 10th, 2009

Keeping computers synchronized on a network is vitally important, especially if the network in question deals with time sensitive transactions. And failing to keep a network synchronized can cause havoc leading to errors, vulnerabilities and endless problems with debugging.

However, with the number of online time servers available from reputable places such as NIST or Microsoft, it is often queried as to why computer networks need to be synchronised to an external NTP time server.

These dedicated NTP devices are often seen as an unnecessary expense and many network administrators simply forgo them and connect to an online time server. After all, it does the same job, doesn’t it?

Actually there are two major reasons why NTP time servers are not only important but essential for most computer networks and to overlook them could be costly in many ways.

Let me explain. The first reason why an external NTP server is important is accuracy. It’s not that internet time sources are generally inaccurate (although many are) but there is the question of the distance the time reference has to travel. Furthermore, in times when the connection is lost – whether it’s because of a local connection fault or the time server itself goes down – the network will start to drift until the connection is restored.

Secondly, and perhaps most important, are the security issues involved in using an Internet time source. The main problem is that to connect to an Internet time server, a port (UDP 123 for NTP requests) has to be left open in the firewall, and as with any open port, that can be used as a gateway for malicious software and users.

The reason dedicated NTP time servers are essential for computer networks is that they work completely independently and external to the network’s firewall. Instead of accessing a time source across the Internet they use either GPS or radio transmissions to get the time. And in doing so they can provide accurate time all the time without fear of losing a connection or allowing a nasty Trojan through the firewall.

Choosing a Time Source for UTC Synchronization

Monday, November 2nd, 2009

Ensuring a computer network is time synchronized is vital in modern computer networks. Synchronization matters not just between different machines on a network; each computer network that communicates with other networks needs to be synchronized with them too.

UTC (Coordinated Universal Time) is a global timescale that allows networks on other sides of the globe to be synchronized together. Synchronizing a network to UTC is relatively straightforward thanks to NTP (Network Time Protocol) the software protocol designed for this very purpose.

Most operating systems, including the latest Microsoft incarnation Windows 7, have a version of NTP (often in a simplified form known as SNTP), that allows a single time source to be used to synchronize every computer and device on a network.

Selecting a source for this time reference is the only real difficulty in synchronizing a network. There are three main locations where UTC time can accurately be received from:

Internet Time

There are many sources of internet time and the latest version of Windows (Windows 7) automatically synchronizes to Microsoft’s time server time.windows.com, so if Internet time is adequate Windows 7 users need not alter their settings. However, for computer networks where security is an issue then internet time sources can leave a system vulnerable as the time has to be received through the firewall forcing a UDP port to be left open. This can be utilised by malicious users. Furthermore, there is no authentication with an internet time source so the timecode could be hijacked before it arrives at your network.

GPS Time

Available literally everywhere on the globe, GPS provides a 24-hour, 365 days-a-year source of UTC time. Delivered externally to the firewall via the GPS satellite signal, time synchronization with GPS is accurate and secure.

Radio Transmissions

Usually broadcast by national physics laboratories such as NIST in the US and the UK’s NPL, the time signals are received via longwave and are also external to the firewall so are secure and accurate.

A dedicated NTP time server can receive both radio and GPS time signal guaranteeing accuracy and security.

Configuring a Dedicated NTP Time Server on Windows 7

Saturday, October 31st, 2009

Windows 7 is the very latest operating system from Microsoft. Replacing the rather disappointing Windows Vista, Windows 7 promises to correct the flaws that made its predecessor so unpopular.

One of the changes Windows 7 makes is that it automatically synchronizes the time using the Windows Time service located at time.windows.com. Whilst this is an accurate stratum 2 time server, managed by Microsoft, it can be changed for another source of Internet time. However, even Microsoft recommend that Internet time sources should not be used for computer networks as they can’t be authenticated by the time protocol NTP (Network Time Protocol). Furthermore, an internet time source needs a port left open in the firewall for the time signals to make it through. Any open port in a firewall can be used by a malicious user to gain access to the network.

For a secure, authenticated and accurate method of synchronizing a Windows 7 network, it is wise to use a dedicated network time server. Most of these time servers use the protocol NTP (Network Time Protocol) which can easily distribute a single time source throughout a network of hundreds and even thousands of machines.

Time servers plug directly into the router/switch for the network or can be installed on a single machine. Rather than rely on the Internet for a source of time and risk leaving the firewall’s UDP port open, dedicated NTP time servers use either the GPS signals or long wave radio broadcasts transmitted from national physics laboratories such as the MSF signal broadcast by the UK’s NPL and the USA WWVB signal broadcast by NIST.

As these signals are external to the firewall and are able to be authenticated by NTP to establish the authority of the signals, they are a more accurate and secure method of synchronizing a Windows 7 network.

Configuring a Network to use a NTP Server Part one: Finding a Time Source

Tuesday, September 1st, 2009

Keeping your network synchronized with the correct time is crucial for modern networking. Because of the value of timestamps in communicating globally and across multiple networks, it is imperative that every machine is running a source of UTC (Coordinated Universal Time).

UTC was developed to allow the entire global community to use the same time no matter where they are on the globe as UTC doesn’t use time-zones so it allows accurate communication regardless of location.

However, finding a source of UTC is often where some network administrators fall down when they are attempting to synchronize a network. There are many areas that a source of UTC can be received from but very few that will provide both accurate and secure reference to the time.

The internet is full of purported sources of UTC. However, many of them offer nowhere near their claimed accuracy. Furthermore, resorting to the internet can lead to security vulnerabilities.

Internet time sources are external to the firewall and therefore a hole has to be left open which can be taken advantage of by malicious users. Furthermore, NTP, the protocol used to distribute and receive time sources, cannot instigate its authentication security measure across the internet so it is not possible to ensure the time is coming from where it is supposed to.

External sources of UTC time are far more secure. There are two methods used by most administrators: long wave radio signals as broadcast by national physics laboratories, and the GPS signal, which is available everywhere on the globe.

The external sources of UTC ensure your NTP network is receiving not just an accurate source of UTC but also a secure one.

Time Server Basic Questions Answered

Wednesday, August 5th, 2009

What is a time server?

A time server is a device that receives and distributes a single time source across a computer network for the purposes of time synchronization. These devices are often referred to as a NTP server, NTP time server, network time server or dedicated time server.

And NTP?

NTP – Network Time Protocol is a set of software instructions designed to transfer and synchronize time across LANs (Local Area Networks) or WANs (Wide Area Networks). NTP is one of the oldest known protocols in use today and is by far the most commonly used time synchronization application.

What timescale should I use?

Coordinated Universal Time (UTC) is a global timescale based on the time told by atomic clocks. UTC doesn’t take into account time zones and is therefore ideal for network applications as in principle by synchronizing a network to UTC you are in effect synchronizing it to every other network that utilises UTC.

Where does a time server receive the time from?

A time server can utilise the time from anywhere such as a wrist watch or wall clock. However, any sensible network administrator would opt to use a source of UTC time to ensure the network is as accurate as possible. UTC is available from several ready sources. The most used is perhaps the internet. There are many ‘time servers’ on the internet that distribute UTC time. Unfortunately, many are not at all accurate, and in using an internet time source you could be leaving the network vulnerable as malicious users can take advantage of the open port in the firewall where the timing information flows.

It is far better to use a dedicated NTP time server that receives the UTC time signal external to the network and firewall. The best method for doing this is to use either the GPS signals transmitted from space or the national time and frequency transmissions broadcast by several countries in long wave.

Using NTP Networks

Monday, August 3rd, 2009

Network Time Protocol is by far the most widely used application for synchronizing computer time across local area networks and wide area networks (LANs and WANs). The principles behind NTP are fairly simple. It checks the time on a system clock and compares it with an authoritative, single source of time, making corrections to the devices to ensure they are all synchronized to the time source.

Selecting the time source to use is perhaps the fundamentally most important thing in setting up a NTP network. Most network administrators opt, quite rightly to use a source of UTC time (Coordinated Universal Time). This is a global timescale and means that a computer network synchronized to UTC is not only using the same timescale as every other UTC synchronized network but also there is no need to worry about different time zones around the globe.

NTP uses different layers, known as strata, to determine the closeness, and therefore accuracy, to a time source. As UTC is governed by atomic clocks, any atomic clock giving out a time signal is referred to as stratum 0 and any device that receives the time directly from an atomic clock is stratum 1. Stratum 2 devices are devices that receive the time from stratum 1 and so on. NTP supports over 16 different stratum levels, although accuracy and reliability decrease with each stratum layer further away you get.

Many network administrators opt to use an internet source of UTC time. Apart from the security risks of using a time source from the internet and allowing it access through your firewall, Internet time servers are also stratum 2 devices in that they are normally servers that receive the time from a single stratum 1 device.

Dedicated NTP time servers, on the other hand, are stratum 1 devices in themselves. They receive the time directly from atomic clocks, either via GPS or long wave radio transmissions. This makes them far more secure than internet providers, as the time source is external to the network (and firewall), but it also makes them more accurate.

With a stratum 1 time server a network can be synchronized to within a few milliseconds of UTC without risk of compromising your security.
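The clock comparison and stratum check described in this post, as an added example (not code from the original article). It parses a constructed NTP server reply using the RFC 5905 header layout, lists the reasons a client should refuse to set its clock from it, and computes the offset with the standard four-timestamp formula, which goes beyond what the text spells out. The function names and all timestamps are constructed for illustration.

```python
import struct

NTP_UNIX_DELTA = 2208988800  # seconds from 1900-01-01 (NTP) to 1970-01-01 (Unix)
HEADER = "!BBbbII4s8I"       # 48-byte NTP header, RFC 5905 field order

def to_ntp(t):
    """Unix seconds -> (seconds, fraction) pair of a 64-bit NTP timestamp."""
    return int(t) + NTP_UNIX_DELTA, int((t - int(t)) * 2**32)

def from_ntp(sec, frac):
    return sec - NTP_UNIX_DELTA + frac / 2**32

def build_reply(stratum, leap, t1, t2, t3, ref_id=b"GPS\x00"):
    """Construct a server reply (mode 4, version 4) for the sample data below."""
    flags = (leap << 6) | (4 << 3) | 4
    return struct.pack(HEADER, flags, stratum, 6, -20, 0, 0, ref_id,
                       *to_ntp(t2), *to_ntp(t1), *to_ntp(t2), *to_ntp(t3))

def parse_reply(packet):
    if len(packet) < 48:
        raise ValueError("truncated NTP packet")
    f = struct.unpack(HEADER, packet[:48])
    return {"leap": f[0] >> 6, "version": (f[0] >> 3) & 7, "mode": f[0] & 7,
            "stratum": f[1], "ref_id": f[6],
            "origin_raw": (f[9], f[10]),         # T1 as echoed back by the server
            "receive": from_ntp(f[11], f[12]),   # T2: server receive time
            "transmit": from_ntp(f[13], f[14])}  # T3: server send time

def check_reply(reply, sent_t1):
    """Return the reasons a client should not set its clock from this reply."""
    problems = []
    if reply["mode"] != 4:
        problems.append("not a server reply")
    if reply["leap"] == 3:
        problems.append("server reports an unsynchronized clock")
    if reply["stratum"] == 0 or reply["stratum"] >= 16:
        problems.append("stratum %d is not a usable time source" % reply["stratum"])
    if reply["origin_raw"] != to_ntp(sent_t1):
        # A reply that does not echo our own transmit time was not made for our request.
        problems.append("origin timestamp does not match our request")
    return problems

def offset_and_delay(t1, t2, t3, t4):
    """Clock offset and round-trip delay from the four NTP timestamps."""
    return ((t2 - t1) + (t3 - t4)) / 2, (t4 - t1) - (t3 - t2)

# Constructed sample: client clock 0.5 s slow, 0.125 s network delay each way,
# 0.25 s of server processing. T1/T4 are client clock readings, T2/T3 server readings.
T1, T2, T3, T4 = 1257120000.0, 1257120000.625, 1257120000.875, 1257120000.5
GOOD = parse_reply(build_reply(1, 0, T1, T2, T3))
STALE = parse_reply(build_reply(16, 3, T1 - 64, T2, T3, ref_id=b"INIT"))

if __name__ == "__main__":
    print("stratum", GOOD["stratum"], "problems:", check_reply(GOOD, T1))
    print("offset, delay:", offset_and_delay(T1, GOOD["receive"], GOOD["transmit"], T4))
    print("stale reply problems:", check_reply(STALE, T1))
```
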

Perfect Time Synchronization for Windows

Wednesday, July 29th, 2009

Most Windows operating systems have an integrated time synchronisation service, installed by default that can synchronise the machine or indeed a network. However, for security reasons, it is highly recommended by Microsoft, amongst others, that an external time source is used.

NTP time servers securely and accurately receive the UTC time signal from the GPS network or the WWVB radio transmissions (or European alternatives). NTP time servers can synchronize a single Windows machine or an entire network to within fractions of a second of the correct UTC time (Coordinated Universal Time).

A NTP time server provides precise timing information 24 hours-a-day, 365 days-a-year anywhere on the entire globe. A dedicated NTP time server is the only secure, safe and reliable method of synchronizing a computer network to UTC (Coordinated Universal Time). External to the firewall, an NTP time server does not leave a computer system vulnerable to malicious attacks unlike Internet timing sources via the TCP-IP port.

A NTP time server is not only secure, it receives a UTC time signal direct from atomic clocks unlike Internet timing sources which are really time servers themselves. NTP servers and other time synchronization tools can synchronize entire networks, single PCs, routers and a whole host of other devices. Using either GPS or the North American WWVB signal, a dedicated NTP time server from will ensure all your devices are running to within a fraction of UTC time.

A NTP time server will:

•    Increase network security
•    Prevent data loss
•    Enable logging and tracking of errors or security breaches
•    Reduce confusion in shared files
•    Prevent errors in billing systems and time sensitive transactions
•    Can be used to provide incontestable evidence in legal and financial disputes