Using Windows 7 and Reasons Your Network Still Needs an NTP Server

  |   By

Time synchronisation becomes more and more relevant as we become more dependent on the internet. With so many time sensitive transactions conducted across the globe, from banking and commerce to sending emails, the correct and accurate time is vital in preventing errors and ensuring security.

Increasingly, more and more people are relying on sources of internet time especially with many of the modern flavours of Microsoft’s Windows such as Windows 7 having NTP and time synchronisation abilities already installed.

Windows 7 and Time Synchronisation

Windows 7 will, straight out of the box, attempt to find a source of internet time; however, for a networked machine this does not necessarily mean the computer will be synchronised accurately or securely.

Internet time sources can be wholly unreliable and unsecure for a modern computer network. Internet time has to come through the firewall and as a gap is left for these time codes to come through, malicious software can take advantage of this firewall hole too.

Not only can the accuracy of these devices vary depending on the distance away your network is but also an internet time source very rarely comes direct from an atomic clock.

In fact, most internet time sources are known as stratum 2 devices. This means they connect to another device – a stratum 1 device – namely a NTP time server which gets the time directly from the clock and transmits it to the stratum 2 device.

Stratum 1 NTP time servers

For true accuracy and security, there is no replacement for your network’s own stratum 1 NTP server. Not only are these devices secure, receiving a time source externally to the firewall (often using GPS) but also they receive these signals direct from atomic clocks (The GPS satellite that transmits this signal has an onboard atomic clock that generates the time.

Time Servers and the Internet

  |   By

Timing is becoming increasingly crucial for computer systems. It is now almost unheard of for a computer network to function without synchronisation to UTC (Coordinated Universal Time). And even single machines used in the home are now equipped with automatic synchronisation. The latest incarnation of Windows for instance, Windows 7, connects to a timing source automatically (although this application can be turned off manually by accessing the time and date preferences.)

The inclusion of these automatic synchronisation tools on the latest operating systems is an indication of how important timing information has become and when you consider the types of applications and transactions that are now conducted on the internet it is of no surprise.

Internet banking, online reservations, internet auctions and even email can be reliant on accurate time. Computers use timestamps as the only point of reference they have to identify when and if a transaction has occurred. Mistakes in timing information can cause untold errors and problems, particularly with debugging.

The internet is full of time servers with over a thousand time sources available for online synchronisation however; the accuracy and usefulness of these online sources of UTC time do vary and leaving a TCP/IP open in the firewall to allow the timing information through can leave a system vulnerable.

For network systems where timing is not only crucial but where security is also a paramount issue then the internet is not a preferred source for receiving UTC information and an external source is required.

Connecting a NTP network to an external source of UTC time is relatively straightforward if a network time server is used. These devices that are often referred to as NTP servers, use the atomic clocks onboard GPS (Global Positioning System) satellites or long wave transmissions broadcast by places such as NIST or NPL.

Time Synchronisation on a Windows 7 Network

  |   By

Windows 7 is the latest instalment in the Microsoft operating system family. Following on from the much maligned Windows Vista, Windows 7 has a much warmer reception from critics and consumers.

Time synchronisation on Windows 7 is extremely straight forward as the protocol NTP (Network Time Protocol) is built-in to Windows 7 and the operating system automatically synchronises the computer’s clock by connecting to the Microsoft time service time.windows.com.

This is useful for many home users but the synchronisation across the Internet is not secure enough for a computer network for the following reason:

To connect to any Internet time source such as time.windows.com a post is required to be left open in the firewall. As with any open port in a network firewall this can be used as a point of entry by a malicious user or some malicious software.

The time synchronisation facility in Windows 7 can be turned off and is quite simple to do by opening the time and date dialogue box and uncheck the synchronization box.

However, time synchronisation on a network is vital so if the Internet time service is turned off it needs to be replaced with a secure and accurate source of time.

By far the best way of doing this is to use a time source that’s external to the network (and the firewall).

The simplest, safest and most accurate way of synchronizing a Windows 7 network is to use a dedicated NTP server. These devices use a time reference from either a radio frequency (usually distributed by national physics laboratories such as Britain’s NPL and America’s NIST) or from the GPS satellite network.

Because both these reference sources come from atomic clock sources they are incredibly accurate too and a Windows 7 network that consists of hundreds of machines can be synchronised to within a few milliseconds of the global timescale UTC (Coordinated Universal Time) by utilising just one NTP time server.

Time Synchronization on Windows 7

  |   By

Windows 7, the latest operating system from Microsoft is also their first operating system that automatically synchronizes the PC clock to an internet source of UTC time (Coordinated Universal Time). From the moment a Windows 7 computer is switched on and is connected to the Internet it will request time signals from the Microsoft time service – time.windows.com.

While for many home users this will save them the hassle of setting and correcting their clock as it drifts, for business users it may be problematic as internet time sources are not secure and receiving a time source through the UDP port on the firewall could lead to security breaches and as Internet time sources can’t be authenticated by NTP (Network Time Protocol) the signals can be hijacked by malicious users.

This internet time source can be deactivated by opening the clock and date dialogue box, and opening the Internet Time tab, clicking the ’Change’ setting button and unchecking the ‘Synchronize with an Internet time server< option.’

Whilst this will unsure no unwanted traffic will be coming through your firewall it will also mean that the Windows 7 machine will not be synchronised to UTC and its timekeeping will be reliant on the motherboard clock, which will eventually drift.

To synchronize a network of Windows 7 machines to an accurate and secure source of UTC then the most practical and simplest solution is to plug in a dedicated NTP time server. These connect directly to a router or switch and enable the safe receiving of an atomic clock time source.

NTP time servers use the highly accurate and secure GPS signal (Global Positioning System) available everywhere on the planet or more localized long wave radio signals transmitted by several national physics laboratories such as NIST and NPL.