Benefits of Accurate Network Time Synchronization

  |   By

Your computer probably does hundreds and thousands of tasks a day. If that is part of a network then the number of tasks could be millions. From sending emails to saving data, and everything else your computer is tasked to do, they are all logged by the computer or server.

Computers use timestamps to logo processes and indeed, timestamps are used as the only method a computer has to indicate when and if a task or application has been conducted. Timestamps are normally a 16 or 32 bit integer (one long number) that counts back the seconds from a prime epoch – normally 01 January 1970.

So for every task you computer does it will be stamped with the number of seconds from 1970 that the transaction was conducted. These timestamps are the only piece of information a computer system has to ascertain what tasks have been completed and what tasks have yet to be instigated.

The problem with computer networks of more than one machine is that the clocks on individual devices are not accurate enough for many modern time sensitive applications. Computer clocks are prone to drift they are typically based on inexpensive crystal oscillator circuits and can often drift by over a second a day.

This may not seem much but in today’s time sensitive world a second can be a long time indeed especially when you take into account the needs of industries like the stock exchange where a second can be the difference in price of several percent or online seat reservation, where a second can make the difference between an available seat and one that is sold.

This drift is also accumulative so within only a few months the computer systems could be over a minute out of sync and this can have dramatic effects on time sensitive transactions and can result in all sorts of unexpected problems from emails not arriving as a computer thinks they have arrived before they have been sent to data not being backed up or lost completely.

A NTP time server or network time server are increasingly becoming crucial pieces of equipment for the modern computer network. They receive an accurate source of time from an atomic clock and distribute it to all devices on the network. As atomic clocks are incredibly accurate (they won’t drift by a second even in a 100,000 years) and the protocol NTP (Network Time Protocol) continually checks the devices time against the master atomic clock time – it means the computer network will be able to run perfectly synchronised with each device within a few milliseconds of the atomic clock.

Closed Circuit Cameras are Useless Without a Network Time Server

  |   By

For those of us that live in Britain, the CCTV camera (closed circuit TV) will be a familiar site on the high streets. Over four million cameras are in operation throughout the British Isles with every major city being monitored by state funded cameras which has cost the British taxpayer over £200 million ($400 million).

The reasons for use of such widespread surveillance have always been declared as to prevent and detect crime. However, critics argue that there is little evidence that CCTV cameras have done anything to dent the rising street crime on the UK’s streets and that the money could be better well spent.

One of the problems of CCTV is that many cities have both cameras controlled by local councils and privately controlled cameras. When it comes to crime detection the police often have to obtain as much evidence as possible which often means combining the different local authority controlled CCTV cameras with the privately controlled systems.

Many local authorities synchronise their CCTV cameras together, however, if the police have to obtain images from a neighbouring borough or from a private camera these may not be synchronised at all, of if so, synchronised to a different time completely.

This is where CCTV falls down in the fight against crime. Just imagine a suspected criminal is spotted on one CCTV camera committing a criminal act. The time on the camera could say 11.05pm but what if the police follow the suspects movements across a city and use footage from a privately owned camera or from other boroughs and while the CCTV camera that caught the suspect in the act may say 11.05, the other camera could spot the suspect minutes later only for the time to be even earlier. You could imagine a good defence lawyer taking full advantage of this.

To ensure their worth in the fight against crime, it is imperative that CCTV cameras are time synchronized using a network time server. These times servers ensure every device (in this case camera) is running the exact same time. But how do we ensure all cameras are synchronised to the same time source. Well fortunately, a global time source known as UTC (coordinated Universal Time) has been developed for this exact purpose. UTC is what governs computer networks, air traffic control and other time sensitive technologies.

A CCTV camera using a NTP server that receives a UTC time source from an atomic clock will not only be accurate but the time told on the devices will be provable in court and accurate to a thousandth of a second (millisecond).

2038 The Next Computer Time Bug

  |   By

Remember the turn of the millennium. Whilst many of us were counting down the seconds until midnight, there were network administrators across the globe with their fingers crossed hoping their computer systems will still be working after the new millennium kicked in.

The millennium bug was the result of early computer pioneers designing systems with only two digits to represent the time as computer memory was very scarce at the time. The problem didn’t arise because of the turn of the millennium, it arose because it was the end of the century and two digit year flicked around to 00 (which the machines assume was 1900)

Fortunately by the turn of the millennium most computers were updated and enough precautions were taken that meant that the Y2K bug, as it became known, didn’t cause the widespread havoc it was first feared.

However, the Y2K bug is not the only time related problem that computer systems can be expected to face, another problem with the way computers tell the time has been realised and many more machines will be affected in 2038.

The Unix Millennium Bug (or Y2K38) is similar to the original bug in that it is a problem connected with the way computers tell the time. The 2038 problem will occur because most machines use a 32 bit integer to calculate the time. This 32 bit number is set from the number of seconds from 1 January 1970, but because the number is limited to 32 digits by 2038 there will be no more digits left to deal with the advance of time.

To solve this problem, many systems and languages have switched to a 64-bit version, or supplied alternatives which are 64-bit and as the problem will not occur for nearly three decades there is plenty of time to ensure all computer systems can be protected.

However, these problems with timestamps are not the only time related errors that can occur on a computer network. One of the most common causes of computer network errors is lack of time synchronization. Failing to ensure each machine is running at an identical time using a NTP time server can result in data being lost, the network being vulnerable to attack from malicious users and can cause all sorts of errors such as emails arriving before they have been sent.

To ensure your computer network is adequately synchronized an external NTP time server is recommended.

Perfect Time Synchronization for Windows

  |   By

Most Windows operating systems have an integrated time synchronisation service, installed by default that can synchronise the machine or indeed a network. However, for security reasons, it is highly recommended by Microsoft, amongst others, that an external time source is used.

NTP time servers
securely and accurately receive the UTC time signal from the GPS network or the WWVB radio transmissions (or European alternatives).  NTP time servers can synchronize a single Windows machine or an entire network to within fractions of a second of the correct UTC time (Coordinated Universal Time).

A NTP time server provides precise timing information 24 hours-a-day, 365 days-a-year anywhere on the entire globe. A dedicated NTP time server is the only secure, safe and reliable method of synchronizing a computer network to UTC (Coordinated Universal Time). External to the firewall, an NTP time server does not leave a computer system vulnerable to malicious attacks unlike Internet timing sources via the TCP-IP port.

A NTP time server is not only secure, it receives a UTC time signal direct from atomic clocks unlike Internet timing sources which are really time servers themselves. NTP servers and other time synchronization tools can synchronize entire networks, single PCs, routers and a whole host of other devices. Using either GPS or the North American WWVB signal, a dedicated NTP time server from will ensure all your devices are running to within a fraction of UTC time.

A NTP time server will:

•    Increase network security
•    Prevent data loss
•    Enable logging and tracking of errors or security breaches
•    Reduce confusion in shared files
•    Prevent errors in billing systems and time sensitive transactions
•    Can be used to provide incontestable evidence in legal and financial disputes

Dealing With Time computers synchronisation and timestamps

  |   By

Time is important for the smooth running of our day to day lives. Everything we do is either governed by or restrained because of time. Yet time is even more essential for computer systems as it is the only point of reference a computer has to distinguish between events and processes.

Everything a computer does is logged by the processor with what process was done and exactly when it was carried out. As computers can process hundreds if not thousands of transactions a second so the time stamp is vital for establishing the order of events.

Computers do not read and use the time in the same format that we do. A computer timestamp takes the form of a single digit that counts the number of seconds from a set point in time. In most systems this is known as the ‘prime epoch’ and is set from 00:00:00 UTC on January 1, 1970. So a timestamp for the date 23 June 2009 the timestamp would read: 1246277483 as this is the number of seconds from the prime epoch.

Computer timestamps are sent across networks and the internet, for instance every time an email is sent it is accompanied by a timestamp. When the email is replied to this too comes with a timestamp. Yet, when neither computer is synchronized the replied email could arrive back with an earlier code and this can cause untold confusion for a computer as according to its logs the email will have arrived back before the original was sent.

For this reason computer networks are synchronized to the global timescale UTC (Coordinated Universal Time). UTC is kept true by a constellation of atomic clocks which means that and computer network synchronised to a UTC source will be highly accurate.

Time synchronization on computers is dealt with by the protocol NTP (Network Time Protocol). Special dedicated NTP servers are available the receive a secure time code from either the GPS network or from specialist radio transmissions broadcast by national physical laboratories and then synchronize entire networks to the single time source.

Dangers of Free Time

  |   By

We are all looking for freebies, particularly in the present financial climate and the internet is not short of them. Free software, free films, free music, almost everything these days has a free version. Even critical applications for our computers and networks such as anti-virus can come free. So it is understandable that when network administrators want to synchronize the time on computer networks they turn to free sources of UTC time (UTC – Coordinated Universal Time) to synchronize their networks using the operating systems’ own inbuilt NTP server.

However, just as there is no such thing as a free lunch, free time sources come with a cost too. To start with all time servers on the internet that are available for the public to use are stratum 2 servers. This means they are devices that receive the time from another device (a stratum 1 time server) that gets it from an atomic clock. While this second hand time source shouldn’t lose too much time compared to the original, for high levels of accuracy there will be a noticeable drift.

Furthermore, internet time sources are based outside the network firewall. For access to the time server a UDP port needs to be left open. This will mean the network firewall will intrinsically have a hole in it which could be manipulated y a malicious user or aggressive malware.

Another consideration is the inbuilt security that the time transfer protocol NTP (Network Time Protocol) uses to assess the time signal it receives is genuine. This is referred to as authentication but is unavailable across the internet. Meaning the time source may not be what it claims to be and with a hole in the firewall it could result in a malicious attack.

Internet time sources can also be unreliable. Many are too far from clients to provide any real accuracy some time sources available on the internet are wildly out (some by hours not just minutes). There are however, more reputable stratum 2 servers available and the NTP pool has details of those.

For real accuracy with none of the security threats the best solution is to use an external time source. The best method for doing this is to utilise a dedicated NTP server. These devices work exterior to the firewall and receive the time either direct from GPS satellites or via broadcasts by national physics labs such as NIST or NPL.

Do I Really Need an NTP Time Server?

  |   By

The NTP time server is a much misunderstood piece of equipment. They are quite simple devices in the sense that they are used for the purposes of time synchronisation, receiving an external source of the time which is then distributed throughout a computer network using NTP (Network Time Protocol).

However, with a myriad of ‘free’ time servers available on the internet many network administrators take the decision that NTP time servers are not necessary pieces of equipment and that their network can do without it. However, there are a huge number of pitfalls in relying on the internet as a time reference; Microsoft and the USA physics laboratory NIST (National Institute of Standards and Time) highly recommend external NTP time servers rather than internet providers.

Here is what Microsoft says:
“We highly recommend that you configure the authoritative Time Server to gather the time from a hardware source. When you configure the authoritative Time Server to sync with an Internet time source, there is no authentication.”

Authentication is a security measure implemented by NTP to ensure that the time signal that is sent comes from where it claims to come from. In other words authentication is the first line of defence in protecting against malicious users. There are other security issues too with using the internet as a time source as any communication with an internet time source is going to require the TCP/IP port to be left open in the firewall this could also be manipulated by malicious users.

NIST too recognise the importance of NTP time server systems for prevention and detection of security threats in their Guide to Computer Security Log Management they suggest:
“Organizations should use time synchronization technologies such as Network Time Protocol (NTP) servers whenever possible to keep log sources’ clocks consistent with each other.”

Choosing a Time Source what to do and what not to do

  |   By

Time synchronization is crucial for many of the applications that we do across the internet these days; internet banking, online reservation and even online auctions all require network time synchronization.

Failing to ensure their servers are adequately synchronized would mean many of these applications would be impossible to achieve; seat reservations could be sold more than once, lower bids could win internet auctions and it would be possible to withdraw you life savings from the bank twice if they didn’t have adequate synchronization (good for you not for the bank).

Even computer networks that on the face of it do not rely on time sensitive transactions also need to be adequately synchronized as it could be near impossible to track down errors or protect the system from malicious attacks if the timestamps on differ on various machines on the network.

Many organisations opt to use internet time servers as a source of UTC (Coordinated Universal Time) – the atomic clock controlled global timescale. Although there are many security issues in doing so such as leaving a hole in the firewall to communicate with the time server and not having any authentication for the time synchronization protocol NTP (Network Time Protocol).

However, in saying that many network administrators still opt to use online time servers as a UTC source regardless of the security implications although there are other issues that administrators should be aware of. On the internet there are two types of time server – stratum 1 and stratum 2. Stratum 1 servers receive a time signal direct from an atomic clock while stratum 2 servers receive a time signal from a stratum 1 server. Most internet stratum 1 servers are closed – unavailable to most administrators and there can be some shortfall in accuracy in using a stratum 2 server.

For the most accurate, secure and precise timing information external NTP time servers are the best option as these are stratum 1 devices that can synchronize hundreds of machines on a network to the exact same UTC time.

Germans Enter Race to Build the Worlds Most Accurate Clock

  |   By

Following the success of Danish researchers working in conjunction with NIST (National Institute for Standards and Time), who unveiled the world’s most accurate atomic clock earlier this year; German scientist have entered the race to build the world’s most precise timepiece.

Researchers at the Physikalisch-Technische Bundesanstalt (PTB) in Germany are using use new methods of spectroscopy to investigate atomic and molecular systems and hope to develop a clock based around a single aluminium atom.

Most atomic clocks used for satellite navigation (GPS), as references for computer network NTP servers and air traffic control have traditionally been based on the atom caesium. However, the next generation of atomic clocks, such as the one unveiled by NIST which is claimed to be accurate to within a second every 300 million years, uses the atoms from other materials such as strontium which scientists claim can be potentially more accurate than caesium.

Researchers at PTB have opted to use single aluminium atoms and believe they are on the way to developing the most accurate clock ever and believe there is huge potential for such a device to help us understand some of the more complicated aspects of physics.

The current crop of atomic clocks allow technologies such as satellite navigation, air traffic control and network time synchronisation using NTP servers but it is believed the increases accuracy of the next generation of atomic clocks could be used to reveal some of the more enigmatic qualities of quantum science such as string theory.

Researchers claim the new clocks will provide such accuracy they will even be able to measure the minute differences in gravity to within each centimetre above sea-level.

The NTP Time Server Essential Network Protection

  |   By

There are a myriad of hardware and software methods of protecting computers. Anti-virus software, firewalls, spyware and routers to name but a few yet perhaps the most important tools for keeping a network safe is often the most overlooked.

One of the reasons for this is that the network time server’s often referred to as the NTP time server (after the protocol Network Time Protocol) primary task is time synchronisation and not security.

The NTP server’s primary task is to retrieve a time signal from a UTC source (Coordinated Universal Time) which it then distributes it amongst the network, checking the clock on each system device and ensuring its running in synchronisation with UTC.

Here is where many network administrators fall down. They know that time synchronisation is vital for computer security. Without it, errors can not be logged (or even spotted) network attacks can’t be countered, data can be lost and if a malicious user does get into the system it is near impossible to discover what they were up to without all machines on a network corresponding to the same time.

However, the NTP server is where many network administrators think they can save a little money. ‘Why bother?’ ‘They say, ‘when you can log on to an Internet NTP server for free.’

Well, as the old saying goes there is no such thing as a free lunch or as it goes a free source of UTC time. Using internet time providers may be free but this is where many computer networks leave themselves open to abuse.

To utilise an internet source of time such as Microsoft’s, NIST or one of those on the NTP pool project may be free but they are also outside a networks firewall and these is where many network administrators come unstuck.