Archive for July, 2010

Using Windows 7 and Reasons Your Network Still Needs an NTP Server

Thursday, July 29th, 2010

Time synchronisation becomes more and more relevant as we become more dependent on the internet. With so many time sensitive transactions conducted across the globe, from banking and commerce to sending emails, the correct and accurate time is vital in preventing errors and ensuring security.

Increasingly, more and more people are relying on sources of internet time especially with many of the modern flavours of Microsoft’s Windows such as Windows 7 having NTP and time synchronisation abilities already installed.

Windows 7 and Time Synchronisation

Windows 7 will, straight out of the box, attempt to find a source of internet time; however, for a networked machine this does not necessarily mean the computer will be synchronised accurately or securely.

Internet time sources can be wholly unreliable and unsecure for a modern computer network. Internet time has to come through the firewall and as a gap is left for these time codes to come through, malicious software can take advantage of this firewall hole too.

Not only can the accuracy of these devices vary depending on the distance away your network is but also an internet time source very rarely comes direct from an atomic clock.

In fact, most internet time sources are known as stratum 2 devices. This means they connect to another device – a stratum 1 device – namely a NTP time server which gets the time directly from the clock and transmits it to the stratum 2 device.

Stratum 1 NTP time servers

For true accuracy and security, there is no replacement for your network’s own stratum 1 NTP server. Not only are these devices secure, receiving a time source externally to the firewall (often using GPS) but also they receive these signals direct from atomic clocks (The GPS satellite that transmits this signal has an onboard atomic clock that generates the time.

Using Internet Time for Computer Synchronization

Tuesday, July 20th, 2010

Ensuring your network is synchronized is a vital part of modern computing. Failure to do so, and having different machines telling different times is a recipe for disaster and can cause untold problems, not to mention making it almost impossible to debug or log errors.

And it is not just your own network you need to synchronize to either. With so many networks talking to each other, it is important that all networks synchronize to the same time-scale.

UTC (Coordinated Universal Time) is just such a global timescale. It is controlled by an international constellation of atomic clocks and enables computers all over the world to talk to each other in perfect synchronicity.

But how do you sync to UTC?

The internet is awash with sources of internet time. Most modern operating systems, especially in the Windows flavour, are set up to do this automatically (just by clicking the time/date tab on the clock menu). The computer will then regularly check the time server (usually at Microsoft or NIST, although others can be used) and adjust the computer to ensure its time matches.

Most internet time servers are known as stratum 2 devices. This means they take the time from another device but where does that get the time from?

NTP time servers

The answer is that somewhere on the stratum tree there will be a stratum 1 device. This will be a time server that receives the time direct from an atomic clock source. Often this is by GPS but there are radio referenced alternatives in several countries. These stratum 1 NTP (Network Time Protocol) time servers then provide the stratum 2 devices with the correct time – and its these devices we get our internet time from.

Drawbacks to Internet time

There are several drawbacks to relying on the Internet for time synchronisation. Accuracy is one consideration. Normally, a stratum 2 device will provide ample enough precision for most networks; however, for some users who require high levels of accuracy or deal in a lot of time sensitive transactions a stratum 2 time server may not be accurate enough.

Another problem with internet time servers is that they require an open port in the firewall. Keeping the NTP access on UDP port 123 open all the time could lead to security issues, especially as internet time sources can’t be authenticated or guaranteed.

Using a Stratum 1 NTP Time server

Stratum 1 NTP time servers are easily installed on most networks. Not only will they provide a higher accurate source of time but as they receive the time externally (from GPS or radio) they are highly secure and can’t be hijacked by malicious users or viral software.

MSF Downtime No Signal 26th and 27th July

Wednesday, July 14th, 2010

The UK’s time and frequency signal MSF, provided by the National Physical Laboratory out of Cumbria, will be down for essential maintenance on 26 and 27 July.

The unplanned downtime is to allow essential maintenance to be carried out in safety. The MSF transmitter will stop broadcasting the MSF signal on 26 and 27 July between 08.00 and 20.00 (BST – 07:00 GMT/UTC) although it is possible the maintenance may be finished ahead of schedule in which case the signal will be turned on earlier.

Future maintenance is scheduled for the following times when the signal will also be turned off:

• 9 September 2010 from 10:00 BST to 14:00 BST
• 9 December 2010 from 10:00 UTC to 14:00 UTC
• 10 March 2011 from 10:00 UTC to 14:00 UTC

Problems for Time Synchronisation

Generally, most NTP time servers should be able to maintain a stable time during these brief outages and users of MSF time synchronisation devices should not experience any difficulties with the lack of MSF signal.

However, those users who require high levels of accuracy and reliability and find the MSF outages affect them should perhaps look to a GPS NTP server.

GPS time servers receive their time signals from the GPS network which is available 24 hours a day, 365 days a year and never experiences any outages.

MSF Downtime – No Signal 26/27 July

NTP Servers versus Internet Time What is the best method for Accurate Time?

Saturday, July 10th, 2010

Accurate and reliable time is highly important and as networks and the internet gets faster and faster – accuracy becomes even more essential.

Computers internal clock systems are nowhere near accurate enough for many networked tasks. As simple quartz chronometers they will drift, by as a much as a second which perhaps wouldn’t be a problem if it wasn’t for the fact that all the clocks on the network may drift at different rates.

And as the world becomes more global, ensuring computer networks can talk to each other is also important meaning that synchronisation to the global timescale UTC (Coordinated Universal Time) is now a prerequisite for most networks.

Methods of Synchronisation

There are currently, only two methods for getting truly accurate and reliable time:

  • Use of an internet based time server from places like NIST (National Institute of Standards and Time) or Microsoft.
  • Use of a dedicated NTP time server – that receives external time sources such as from GPS

There are advantages and disadvantages to both types of sources – but which method is best?

Internet Time

Internet time has one great advantage – it is often free. However there are disadvantages to using an internet tie source. The first is distance. Distance across the internet can have a dramatic effect and as the internet gets quicker the distance has an even bigger effect meaning that accuracy become more tenuous.

Another disadvantage of internet time is the lack of authentication and the security risk it poses. Authentication is what the time protocol NTP (Network Time Protocol) uses to establish the true identity of a time source.

Furthermore, an internet time source can only be accessed through a network firewall so a UDP port has to be kept open providing a possible entrance for software nasties or malicious users.

NTP Time Server

NTP time servers on the other hand are dedicated devices. They retrieve a source of UTC externally to the firewall from either GPS or a long wave radio transmission. These come direct from atomic clocks (in the cased of GPS the atomic clock is onboard the satellite) and so can’t be hijacked by malicious users or viruses.

NTP servers are also far more accurate and are not impinged by distance meaning that a network can have millisecond accuracy all the time.

Time to get accurate Atomic clock time servers for computer networks

Tuesday, July 6th, 2010

Accurate and precise time is increasingly becoming a necessity for computer systems. From corporate networks to public service technologies such as ATMs, traffic lights or CCTV cameras – precise time is what keeps them ticking.

Inaccurate or unsynchronised time is the root cause for many technology breakdowns and failures.  For instance, failing to synchronize a traffic lights system can lead to all sorts of confusion of the lights change at the wrong time – and the consequences for systems belonging to industries such as air traffic control could be even worse.

And even a standard computer network such as those used in most offices requires accurate synchronisation to prevent errors, enable debugging and to ensure the system is secure.

Most system administrators are now aware of the importance of accurate and precise time synchronisation but getting a source of accurate time is often where many people make mistakes.

Many network administrators are aware of the time protocol NTP (Network Time Protocol) which is used to ensure accurate synchronisation between computers.

However, many administrators make the mistake of using a source of time from across the internet to distribute with NTP – a common pitfall that can have disastrous consequences.

The internet is not the best source of tine. While it is true, many online NTP servers are available as a source of atomic time or UTC (Coordinated Universal Time) but are they accurate. The truth is it is almost impossible to know. Internet time sources can be affected by the distance of the client (the network) from the time source – it also can’t be authenticated by NTP.

Even more important, internet time sources operate through the firewall which can allow the time signal to be hijacked by malicious programs.

The only secure and accurate method of synchronising a computer network or other technology system is to use an NTP server. These devices receive an external atomic clock time signal often by GPS or even by radio transmissions.

These signals are come direct from atomic clocks so are highly accurate they also can’t be hijacked as they are not connected to the internet.