Category: advanced NTP

The Hidden Cost of Free Time

  |   By

If you are reading this then you are probably aware of the importance time plays in IT systems and computer networks. Most computer administrators appreciate that precise time and accurate synchronisation are an important aspect of keeping a computer network error free and secure.

And yet, despite its importance many network administrators still rely on the Internet as a source of UTC time for their networks (UTC – Coordinated Universal Time), primarily because they see it as a quick and more importantly a free method of time synchronisation.

However, the drawbacks in using these free services may cost a lot more than the money saved on a dedicated NTP time server.

NTP (Network Time Protocol) is now present on nearly all computers and it is NTP that is used to synchronise computer systems. However, if an Internet time source is used then the source is outside the network firewall and this creates a serious vulnerability. Any external time source will require a port to be left open in the firewall to allow the time information packets through and this opening is too easy a way to exploit a network which can become victim to a DDOS attack (Distributed Denial of Service) or even allow malicious programmes through to take control of the machines themselves.

Another problem is the availability of stratum 1 time sources across the internet. Most online time sources come from stratum 2 time servers. These are devices that receive the time from a time server (stratum 1) that originally gets the information from an atomic clock (stratum 0).  While stratum 2 devices can be just as accurate as stratum 1 time servers, across the internet without NTP authentication the actual accuracy can not be guaranteed.

Furthermore, internet time sources have never been considered accurate or precise with surveys showing over half being inaccurate by over a second and the rest dependent on the distance from client as to whether they can provide any useful accuracy. Even organisations such as NIST publish  advisory notices on their time server pages about it unable to guarantee security or accuracy and yet millions of networks are still receiving time from across the internet.

With the decline in cost of dedicated radio referenced NTP time servers or GPS NTP server there has never been a better time to get one. And when you consider the cost of a computer breach or crashed network the NTP server will have paid for itself many times over.

Network Time Server Dual Signals

  |   By

A network time server (commonly referred to as the NTP time server after the protocol used in synchronisation – Network Time Protocol) is a device that receives a single time signal and distributes it to all devices on a network.

Network time servers are preferred as a synchronisation tool rather than the much simpler internet time servers because they are far more secure. Using the internet as a basis for time information would mean using a source outside the firewall which could allow malicious users to take advantage.

Network time servers on the other hand work inside the firewall by receiving source of UTC time (Coordinated Universal Time) from either the GPS network or specialist radio transmissions broadcast from national physics laboratories.

Both of these signals are incredibly accurate and secure with both methods providing millisecond accuracy to UTC. However, there are downsides to both systems. The radio signals broadcast by nation time and frequency laboratories are susceptible to interference and locality, while the GPS signal, although available literally everywhere on the globe can occasional be lost too (often due to bad weather interfering with the line-of-sight GPS signals.

For computer networks where high levels of accuracy are imperative, dual systems are often incorporated. These network time servers receive the time signal from both the GPS network and the radio transmissions and select an average for even more accuracy.  However, the real advantage of using a dual system is that if one signal fails, for what ever the reason, the network will not have to rely on the inaccurate system clocks as the other method of receiving UTC time should still be operational.

Step by Step Installing A Dedicated NTP Time Server

  |   By

A time server is a crucial piece of kit for any network. Time synchronisation is imperative in keeping a network secure and reliable. Time synchronisation, however, need not be the headache many administrators assume it is going to be.

Most of the difficulties of time synchronisation have been taken care of thanks to the protocol NTP (Network Time Protocol). Whilst NTP is not the only time synchronisation software available it is by far the most widely used (due mainly to the fact that it has been around since the 1980’s and is still being developed today).

NTP uses a single time source and distributes it from machine-to-machine checking each PC or device for drift then adjusting for it. NTP is normally installed on Windows and Linux systems (or at least a simplified version called SNTP) although it is freely downloadable from the NTP homepage. While NTP can quite easily receive any time source from the Internet this can cause major security issues no to mention a lack of accuracy that many online NTP servers suffer from.

The most accurate and secure method is to use an external network time server as these sit within the firewall. They also receive a UTC (Coordinated Universal Time) reference direct from an atomic clock which makes them stratum 1 devices. Most internet time servers are stratum 2 servers. NTP uses strata to define how far away a server is from the source so an atomic clock is a stratum 0 device while a computer that receives time direct from a NTP server becomes a stratum 2 device and so on.

The only decision that really needs to be made when installing a dedicated NTP time server is which time reference is best. There are two main methods of receiving a secure, accurate and authenticated UTC time reference; the GPS network (Global Positioning System) or national physics laboratories long wave radio transmissions.

The latter system is not available in every country although the USA, UK and Germany have strong signals known as WWVB, MSF and DCF respectively. These can often be picked up outside the borders of these countries although the signals are vulnerable to interference, outages and local topography.

A GPS NTP server system is less vulnerable to these things and as long as there is a clear view of the sky (such as a rooftop or open window) the GPS time signal can be picked up anywhere on the globe.

UTC and Global Synchronisation

  |   By

A global economy has many benefits allowing trade and commerce to be conducted relatively pain free from the other sides of the planet. But conducting business with other countries can have its problems most notably time differences.

We are used to the fact that when we go to bed in Europe, those in Australasia are jest getting up and for many businesses, knowing the time in the country that you trade in is essential. However many global transactions are now conducted online and quite often completely automated.

For this reason computers need to know the exact time too, particularly if they are selling products and services that have a limited quantity and any miscalculation in the time can cause untold errors. For instance, if people across the globe wish to buy an airline ticket from an American broker then the computer needs to know who ordered the seat first otherwise there could be a risk of double-booking.

For this reason a global timescale has been developed allowing the whole world to synchronise to one timescale. This global timescale is commonly known as UTC (Coordinated Universal Time) and is based onthe old timescale GMT (Greenwich Meantime) although it accounts for the slowing of the Earth due to tidal and lunar forces.

UTC is kept accurate by atomic clocks that boast an accuracy of a second every 100 million years, however, atomic clocks are highly expensive to own, operate and run and are therefore impractical for a business that just wants to keep accurate UTC.

For this reason the dedicated NTP time server has been developed that can receive a transmitted time signal from an atomic clock and synchronise an entire computer network to it.

The NTP time server can receive a time signal directly from a physic laboratory using a long wave receiver or more conveniently using the GPS signals that are transmitted by satellites 30,000 km above the Earth.

By using a NTP time server a business network can be kept to within a few milliseconds of UTC (thousandth of seconds) ensuring that they can trade and do business with complete and accurate synchronisation.

Selecting a Time Source for a Network Time Server

  |   By

UTC – Coordinated Universal Time (from the French: Universel Temps Coordonné) is a global timescale based on Greenwich Meantime (GMT – from the Greenwich Meridian line where the sun is above at 12 noon). But accounts for the natural slowing of the Earth’s rotation. It is used globally in commerce, computer networks via a NTP server, air-traffic control and the World’s stock exchanges to name but a few of its applications.

UTC is really the only solution for time synchronisation needs. While it is just as possible to synchronise a computer network with an NTP server to a time other than UTC it is pointless. As UTC is utilised by computer networks all across the globe by using a UTC time source that means your network can synchronise with every other network in the world that is synchronised to UTC.

UTC is most commonly received from across the Internet, however, this can only be recommended for small network users where either accuracy or security is an issue. An Internet based UTC source is external to the firewall so will leave a potential hole for malicious users to exploit.

Two secure methods of receiving UTC are commonly available. These are either the GPS network (Global Positioning System) or specialist radio transmission broadcast on long wave from several of the world’s national physics laboratories. The two methods have both advantages and disadvantages which need to be ascertained before a method is selected.

A radio transmission such as the UK’s MSF, the German DCF-77 or the USA’s WWVB signal are vulnerable to local topography although many of these signals can be picked up indoors. Whilst not every country transmits a UTC radio signal around the neighbouring countries that do it is possible to still receive it.

GPS on the other hand is available literally anywhere on the globe. The signal comes directly from above and as long as the antenna has a good clear view of the sky it can be received anywhere. However, as the antenna has to be on a roof looking up this can have logistical problems (particularly for very tall buildings).

Specialist dedicated network time servers are available that can actually receive both methods of UTC but whether using GPS or a radio transmissions synchronisation of a network to within a few milliseconds is possible.

Time Server Synchronisation The basics

  |   By

NTP (Network Time Protocol) is an internet based protocol designed to synchronise the clocks on a computer network. It is the main time synchronisation software used in computer networks and is also packaged with most operating systems.

An NTP server is a dedicated device that receives a single time source then distributes it amongst all devices on a network. The protocol NTP monitors the drift of the internal clocks on a network and corrects for them.

An NTP server can receive a time source from either a national physical laboratory such as the UK’s National Physical Laboratory (NPL), however, these time signals are broadcast via long wave radio and have finite range.

GPS NTP servers are designed to receive the time source generated by the atomic clocks onboard GPS satellites (Global Positioning System). GPS is available anywhere on the planet as a time source as long as there is a clear view of the sky.

Without correct synchronisation all sorts of potential problems can occur such as leaving a computer system vulnerable to fraud, malicious users and hackers. An unsynchronised computer network may also lose data and be difficult to audit.

A global timescale called UTC (Coordinated Universal Time) has been developed to ensure the entire world uses the same timescale. The NTP server utilise UTC ensuring the computer network is telling the same time as every other computer network.

(UTC) Coordinated Universal Time is The only time you will ever need to know

  |   By

We may think of their being only one time and therefore one timescale. Sure, we’re all aware of time zones where the clock has to be pushed back an hour but we all obey the same time surely?

Well actually we don’t. There are numerous different timescales all developed for different reasons are too numerous to mention them all but it wasn’t until the nineteenth century that the idea of a single timescale, used y everybody came into effect.

It was the advent of the railway that provoked the first national timescale in the UK (Railway time) before then people would use noon as a basis for time and set their clocks to it. It rarely mattered if your watch was five minutes faster than your neighbours but the invention of the trains and the railway timetable soon changed all that.

The railway timetable was only useful if people all used the same time scale. A train leaving at 10.am would be missed if a watch was five minutes slow so synchronisation of time became a new obsession.

Following railway time a more global timescale was developed GMT (Greenwich Meantime) which was based on the Sun’s position at noon which fell over the Greenwich Meridian line (0 degrees longitude). It was decided during a world conference in 1884 that a single world meridian should replace the numerous one’s already in existence. London was perhaps the most successful city in the world so it was decided the best place for it.

GMT allowed the entire world to synchronise to the same time and while nations altered their clocks to adjust for time-zones their time was always based on GMT.

GMT proved a successful development and remained the world’s global timescale until the 1970’s. By then that atomic clock had been developed and it was discovered in the use of these devices that Earth’s rotation wasn’t a reliable measure to base our time on as it actually alters day by day (albeit by fractions of a second).

Because of this a new timescale was developed called UTC (Coordinated Universal Time). UTC is based on GMT but allows for the slowing of the Earth’s rotation by adding additional ‘Leap Seconds’ to ensure that Noon remains on the Greenwich Meridian.

UTC is now used all over the World and is essential for applications such as air traffic control, satellite navigation and the Internet. In fact computer networks across the globe are synchronised to UTC using NTP time servers (Network Time Protocol). UTC is governed by a constellation of atomic clocks controlled by national physics laboratories such as NIST (National Institute of Standards and Time) and the UK’s NPL.

Five Reasons Why Your Business Needs an NTP Server (Part 2)

  |   By

3. Security Breaches:

When networks are not synchronised log files are not recorded properly or in the right order which means that hackers and malicious users can breach security unnoticed. Many security software programs are also reliant on timestamps with anti-virus updates failing to happen or scheduled tasks falling behind. If your network controls time-sensitive transactions then this can even result in fraud if there is a lack of synchronisation.

4. Legal Vulnerability:

Time is not just used by computers to order events it is used in the legal world too. Contracts, receipts, proof-of-purchase are all reliant on time. If a network is not synchronised then it becomes difficult to prove when transactions actually took place and it will prove difficult to audit them. Furthermore, when it comes to serious matters such as fraud or other criminality a dedicated NTP server or other network time server device synchronised to UTC is legally auditable, its time can not be argued with!

5. Company Credibility:

Succumbing to any of these potential hazards can not just have devastating effects on your own business but also that of your clients and suppliers too. And the business grapevine being what it is any potential failing on your part will soon become common knowledge amongst your competitors, customers and suppliers and be seen as bad business practices.

Running a synchronised network adhering to UTC is not difficult. Many network administrators think that synchronisation just means an occasional time request to an online NTP time source; however, doing so will leave a system just as vulnerable to fraud and malicious users as having no synchronisation. This is because to use an Internet time source would require leaving a permanent port open in the firewall.

The solution is to use a dedicated NTP time server that receives a UTC time source from either a radio transmission (broadcast by national physics laboratories) or the GPS network (Global Positioning System). These are secure and can keep a network running to within a few milliseconds of UTC.

Five Reasons Why Your Business Needs an NTP Server (Part 1)

  |   By

Most businesses these days rely on a computer network. Computers in most organisations conduct thousands of tasks a second, from controlling production lines; ordering stock; preparing financial records and communicating with computers on other networks – often from the other side of the world.

Computers use just one thing to keep track of all these tasks: time. Timestamps are the computers only reference for when an event or task occurs in relation to other events. They receive time in the form of timestamps and they measure time in periods of milliseconds (thousandth of a second) as they may conduct hundreds of processes each second.

A global timescale known as UTC (Coordinated Universal Time) has been developed to ensure computers from different organisations all over the world can synchronise together. So what happens if the clocks on computers don’t coincide with each other or with UTC?

The consequences of running a network with computers that are not synchronised can be disastrous. Here are five reasons why all businesses need adequate network synchronisation using a NTP server (Network Time Protocol) or other network time server device.

1. Tasks fail to happen:

When computers are running at different times, events on different machines can fail to happen as often a PC may assume an event on another machines has already happened if the time for that event has passed according to its own clock. And what is worse, when one task fails it has a knock-on effect with other tasks failing to happen and in turn causing further tasks to fail.

2. Loss of Data:

When tasks fail to happen it soon gets noticed but when networks are not synchronised data that is meant to be kept can quite easily be lost and it can go unnoticed for quite a while. Data can be lost because storage as and retrieval is also reliant on time stamps.

NTP Server 5 Steps to Network Synchronisation

  |   By

Synchronising a network is often considered a headache by network administrators who fear that getting it wrong can lead to disastrous results and while there is no deny that a lack of synchronisation can cause unforeseen problems particularly with time sensitive transactions and security, perfect synchronisation is simple if these steps are followed:

1. Use a dedicated NTP server. The NTP server is a device that receives a single time source then distributes it amongst a network of computers using the protocol NTP (Network Time Protocol) one of the oldest Internet based protocols and by far the most widely used time synchronisation software. NTP is often packaged with modern operating systems such as Windows or Linux although there is no substitute for a dedicated NTP device.

2. Always use a UTC time source (Coordinated Universal Time). UTC is based on GMT (Greenwich Meantime) and International Atomic Time (TAI) and is highly accurate. UTC is used by computer networks all over the world ensuring that commerce and trade are all using the same timescale.

3. Use a secure an accurate time signal. Whilst time signals are available all over the Internet they are unpredictable in their accuracy and while some may offer decent enough precision an Internet time server is outside a networks firewall which if left open to receive a timecode will cause vulnerabilities in the security of the network. Either GPS (global positioning system) or a dedicated radio signal such as those transmitted by national physics laboratories (such as MSF – UK, WWVB – USA, DCF –Germany) offer secure and reliable methods of receiving a secure and accurate time signal.

4. Organise a network into stratum, levels. Strata ensure that the NTP server is not inundated with time requests and that the network bandwidth doesn’t become congested. A stratum tree is organised by a few select machines being stratum 2 devices in that they receive a time signal from the NTP server (stratum 1 device) these in turn distribute the time to other devices (stratum 3) and so on.

5. Ensure all machines are utilising UTC and the NTP server tree. A common error in time synchronisation is to not ensure all machines are properly synchronised, just one machine running inaccurate time can have unforeseen consequences.