Network Time Protocol For When Time Matters

  |   By

There is a certain irony that the computer that sits on your desktop and may have cost as much as month’s salary will have a clock onboard that is less accurate than a cheap wristwatch bought at a petrol or gas station.

The problem is not that computers are in particularly made with cheap timing components but that any serious timekeeping on a PC can be achieved without expensive or advanced oscillators.

The onboard timing oscillators on most PCs are in fact just a back up to keep the computer clock synchronised when the PC is off or when network timing information is unavailable.

Despite these inadequate onboard clocks, timing on a network of PC’s can be achieved to within millisecond accuracy and a network that is synchronised to the global timescale UTC (Coordinated Universal Time) shouldn’t drift at all.

The reason this high level of accuracy and synchronicity can be achieved without expensive oscillators is that computers can use Network Timing Protocol (NTP) to find and maintain the exact time.

NTP is an algorithm that distributes a single source of time; this can be generated by the onboard clock of a PC – although this would see every machine on the network drift as the clock itself drifts – A far better solution is to use NTP to distribute a stable, accurate source of time, and most preferably for networks that conduct business across the internet, a source of UTC.

The simplest method of receiving UTC – which is kept true by a constellation of atomic clocks around the globe – is to use a dedicated NTP time server. NTP servers use either GPS satellite signals (Global Positioning System) or long wave radio broadcasts (usually transmitted by national physics laboratories like NPL or NIST).

Once received the NTP server distributes the timing source across the network and constantly checks each machine for drift (In essence the networked machine contacts the server as a client and the information is exchanged via TCP/IP.

This makes the onboard clocks of the computers themselves obsolete, although when the machines are initially booted up, or if there has been a delay in contacting the NTP server (if it is down or there is a temporary fault), the onboard clock is used to maintain time until full synchronisation is again achievable.

Time Servers and the Internet

  |   By

Timing is becoming increasingly crucial for computer systems. It is now almost unheard of for a computer network to function without synchronisation to UTC (Coordinated Universal Time). And even single machines used in the home are now equipped with automatic synchronisation. The latest incarnation of Windows for instance, Windows 7, connects to a timing source automatically (although this application can be turned off manually by accessing the time and date preferences.)

The inclusion of these automatic synchronisation tools on the latest operating systems is an indication of how important timing information has become and when you consider the types of applications and transactions that are now conducted on the internet it is of no surprise.

Internet banking, online reservations, internet auctions and even email can be reliant on accurate time. Computers use timestamps as the only point of reference they have to identify when and if a transaction has occurred. Mistakes in timing information can cause untold errors and problems, particularly with debugging.

The internet is full of time servers with over a thousand time sources available for online synchronisation however; the accuracy and usefulness of these online sources of UTC time do vary and leaving a TCP/IP open in the firewall to allow the timing information through can leave a system vulnerable.

For network systems where timing is not only crucial but where security is also a paramount issue then the internet is not a preferred source for receiving UTC information and an external source is required.

Connecting a NTP network to an external source of UTC time is relatively straightforward if a network time server is used. These devices that are often referred to as NTP servers, use the atomic clocks onboard GPS (Global Positioning System) satellites or long wave transmissions broadcast by places such as NIST or NPL.

NTP Servers and the Different Time Sources

  |   By

NTP servers are essential devices for computer network time synchronisation. Ensuring a network coincides with UTC (Coordinated Universal Time) is vital in modern communications such as the Internet and is the primary function of the network time server (NTP server).

As their name suggests, these time servers use the protocol NTP (Network Time Protocol) to handle the synchronisation requests. NTP is already installed in many operating systems and synchronisation is possible without an NTP server by utilising an Internet time source, this can be unsecure and inaccurate for many network needs.

Network time servers receive a far more accurate and secure time signal. There are two methods of receiving the time using a time server: utilising the GPS network or receiving long wave radio transmissions.

Both these methods of receiving a time source are secure as they are external to any network firewall. They are also accurate as both sources of time are generated directly by atomic clocks rather than an Internet time service that are normally NTP devices connected to a third party atomic clock.

The GPS network provides an ideal source of time for NTP servers as the signals are available anywhere. The only downside of using the GPS network is that a view of the sky is required to lock-on to a satellite.

Radio referenced time sources are more flexible in that the long wave signal can be received indoors. They are limited in strength and not every country has a time signal although some signals such as the German DCF and the USA WVBB are available in neighbouring states.

A Brief History of Computer Time

  |   By

Telling the time is something may of us learn when we are very small children. Knowing what time it is is an essential part of our society and we couldn’t function without it. Just imagine if we didn’t tell the time – when would you go to work? When would you leave and how would it be possible to meet other people or arrange any kind of function.

While telling the time is crucial to us, it is even more vital for computers who use time as the only point of reference and amongst computer networks time synchronisation is vital. Without recording the passing of time, computers couldn’t function as there would be no reference to order programs and functions.
But the way computers tell the time and date is far different to the way we record it. Rather than record a separate time, date and year – computer systems use a single number. This number is based on the number of seconds from a set point in time – known as the prime epoch.

When this epoch is, depends on the operating system or programming language in question. For instance, Unix systems have a prime epoch which starts at 1 January 1970 and the number of seconds from the epoch are counted in a 32 bit integer. Other operating systems, such as Windows, use a similar system but the epoch is different (Windows starts on 1 January 1601).

There are, however, disadvantages to this integer system. For instance as the Unix system is a 32-bit integer which started in 01 Jan 1970, by 19 January 2038 the integer will have exhausted every possible number and will have to return to zero’s. This could cause problems with systems reliant on Unix in a problem reminiscent of the Millennium bug.
There are other issues involving computer time also. Because of the global requirements of the Internet all computer time is now based on UTC (Coordinated Universal Time). However, UTC is altered on occasion by adding Leap Seconds to ensure the time matches the rotation of the Earth (the Earth’s rotation is never exact due to gravitational forces) so leap second handling has to be encompassed into a computer time systems.

Computer time is often associated with NTP (Network Time Protocol) which is used to synchronise computers often using a network time server.

Time Synchronisation on a Windows 7 Network

  |   By

Windows 7 is the latest instalment in the Microsoft operating system family. Following on from the much maligned Windows Vista, Windows 7 has a much warmer reception from critics and consumers.

Time synchronisation on Windows 7 is extremely straight forward as the protocol NTP (Network Time Protocol) is built-in to Windows 7 and the operating system automatically synchronises the computer’s clock by connecting to the Microsoft time service time.windows.com.

This is useful for many home users but the synchronisation across the Internet is not secure enough for a computer network for the following reason:

To connect to any Internet time source such as time.windows.com a post is required to be left open in the firewall. As with any open port in a network firewall this can be used as a point of entry by a malicious user or some malicious software.

The time synchronisation facility in Windows 7 can be turned off and is quite simple to do by opening the time and date dialogue box and uncheck the synchronization box.

However, time synchronisation on a network is vital so if the Internet time service is turned off it needs to be replaced with a secure and accurate source of time.

By far the best way of doing this is to use a time source that’s external to the network (and the firewall).

The simplest, safest and most accurate way of synchronizing a Windows 7 network is to use a dedicated NTP server. These devices use a time reference from either a radio frequency (usually distributed by national physics laboratories such as Britain’s NPL and America’s NIST) or from the GPS satellite network.

Because both these reference sources come from atomic clock sources they are incredibly accurate too and a Windows 7 network that consists of hundreds of machines can be synchronised to within a few milliseconds of the global timescale UTC (Coordinated Universal Time) by utilising just one NTP time server.

Time Synchronization on Windows 7

  |   By

Windows 7, the latest operating system from Microsoft is also their first operating system that automatically synchronizes the PC clock to an internet source of UTC time (Coordinated Universal Time). From the moment a Windows 7 computer is switched on and is connected to the Internet it will request time signals from the Microsoft time service – time.windows.com.

While for many home users this will save them the hassle of setting and correcting their clock as it drifts, for business users it may be problematic as internet time sources are not secure and receiving a time source through the UDP port on the firewall could lead to security breaches and as Internet time sources can’t be authenticated by NTP (Network Time Protocol) the signals can be hijacked by malicious users.

This internet time source can be deactivated by opening the clock and date dialogue box, and opening the Internet Time tab, clicking the ’Change’ setting button and unchecking the ‘Synchronize with an Internet time server< option.’

Whilst this will unsure no unwanted traffic will be coming through your firewall it will also mean that the Windows 7 machine will not be synchronised to UTC and its timekeeping will be reliant on the motherboard clock, which will eventually drift.

To synchronize a network of Windows 7 machines to an accurate and secure source of UTC then the most practical and simplest solution is to plug in a dedicated NTP time server. These connect directly to a router or switch and enable the safe receiving of an atomic clock time source.

NTP time servers use the highly accurate and secure GPS signal (Global Positioning System) available everywhere on the planet or more localized long wave radio signals transmitted by several national physics laboratories such as NIST and NPL.

Configuring a Dedicated NTP Time Server on Windows 7

  |   By

Windows 7 is the very latest operating system from Microsoft. Replacing the rather disappointing Windows Vista, Windows 7 promises to correct the flaws that made its predecessor so unpopular.

One of the changes Windows 7 makes is that it automatically synchronizes the time using the Windows Time service located at windows.time.com. Whilst this is an accurate stratum 2 time server, managed by Microsoft, it can be changed for another source of Internet time. However, even Microsoft recommend that Internet time sources should not used for computer networks as they can’t be authenticated by the time protocol NTP (Network Time protocol). Furthermore, an internet time source needs a port left open in the firewall for the time signals to make it through. Any open port in a firewall can be used by a malicious user to gain access to the network.

For a secure, authenticated and accurate method of synchronizing a Windows 7 network, then it is wise to use a dedicated network time server. Most of these time servers use the protocol NTP (Network Time Protocol) which can easily distribute a single time server throughout a network of hundreds and even thousands of machines.

Time servers plug directly into the router/switch for the network or can be installed on a single machine. Rather than rely on the Internet for a source of time and risk leaving the firewalls UDP port open, dedicated NTP time servers use either the GPS signals or long wave radio broadcasts transmitted from national physics laboratories such as the MSF signal broadcast by the UK’s NPL and the USA WWVB signal broadcast by NIST.

As these signals are external to the firewall and are able to be authenticated by NTP to establish the authority of the signals and are a more accurate and secure method of synchronizing a Windows 7 network.

Perfect Time Synchronization for Windows

  |   By

Most Windows operating systems have an integrated time synchronisation service, installed by default that can synchronise the machine or indeed a network. However, for security reasons, it is highly recommended by Microsoft, amongst others, that an external time source is used.

NTP time servers securely and accurately receive the UTC time signal from the GPS network or the WWVB radio transmissions (or European alternatives).  NTP time servers can synchronize a single Windows machine or an entire network to within fractions of a second of the correct UTC time (Coordinated Universal Time).

A NTP time server provides precise timing information 24 hours-a-day, 365 days-a-year anywhere on the entire globe. A dedicated NTP time server is the only secure, safe and reliable method of synchronizing a computer network to UTC (Coordinated Universal Time). External to the firewall, an NTP time server does not leave a computer system vulnerable to malicious attacks unlike Internet timing sources via the TCP-IP port.

A NTP time server is not only secure, it receives a UTC time signal direct from atomic clocks unlike Internet timing sources which are really time servers themselves. NTP servers and other time synchronization tools can synchronize entire networks, single PCs, routers and a whole host of other devices. Using either GPS or the North American WWVB signal, a dedicated NTP time server from will ensure all your devices are running to within a fraction of UTC time.

A NTP time server will:

•    Increase network security
•    Prevent data loss
•    Enable logging and tracking of errors or security breaches
•    Reduce confusion in shared files
•    Prevent errors in billing systems and time sensitive transactions
•    Can be used to provide incontestable evidence in legal and financial disputes

Dangers of Free Time

  |   By

We are all looking for freebies, particularly in the present financial climate and the internet is not short of them. Free software, free films, free music, almost everything these days has a free version. Even critical applications for our computers and networks such as anti-virus can come free. So it is understandable that when network administrators want to synchronize the time on computer networks they turn to free sources of UTC time (UTC – Coordinated Universal Time) to synchronize their networks using the operating systems’ own inbuilt NTP server.

However, just as there is no such thing as a free lunch, free time sources come with a cost too. To start with all time servers on the internet that are available for the public to use are stratum 2 servers. This means they are devices that receive the time from another device (a stratum 1 time server) that gets it from an atomic clock. While this second hand time source shouldn’t lose too much time compared to the original, for high levels of accuracy there will be a noticeable drift.

Furthermore, internet time sources are based outside the network firewall. For access to the time server a UDP port needs to be left open. This will mean the network firewall will intrinsically have a hole in it which could be manipulated y a malicious user or aggressive malware.

Another consideration is the inbuilt security that the time transfer protocol NTP (Network Time Protocol) uses to assess the time signal it receives is genuine. This is referred to as authentication but is unavailable across the internet. Meaning the time source may not be what it claims to be and with a hole in the firewall it could result in a malicious attack.

Internet time sources can also be unreliable. Many are too far from clients to provide any real accuracy some time sources available on the internet are wildly out (some by hours not just minutes). There are however, more reputable stratum 2 servers available and the NTP pool has details of those.

For real accuracy with none of the security threats the best solution is to use an external time source. The best method for doing this is to utilise a dedicated NTP server. These devices work exterior to the firewall and receive the time either direct from GPS satellites or via broadcasts by national physics labs such as NIST or NPL.

The NTP Time Server Essential Network Protection

  |   By

There are a myriad of hardware and software methods of protecting computers. Anti-virus software, firewalls, spyware and routers to name but a few yet perhaps the most important tools for keeping a network safe is often the most overlooked.

One of the reasons for this is that the network time server’s often referred to as the NTP time server (after the protocol Network Time Protocol) primary task is time synchronisation and not security.

The NTP server’s primary task is to retrieve a time signal from a UTC source (Coordinated Universal Time) which it then distributes it amongst the network, checking the clock on each system device and ensuring its running in synchronisation with UTC.

Here is where many network administrators fall down. They know that time synchronisation is vital for computer security. Without it, errors can not be logged (or even spotted) network attacks can’t be countered, data can be lost and if a malicious user does get into the system it is near impossible to discover what they were up to without all machines on a network corresponding to the same time.

However, the NTP server is where many network administrators think they can save a little money. ‘Why bother?’ ‘They say, ‘when you can log on to an Internet NTP server for free.’

Well, as the old saying goes there is no such thing as a free lunch or as it goes a free source of UTC time. Using internet time providers may be free but this is where many computer networks leave themselves open to abuse.

To utilise an internet source of time such as Microsoft’s, NIST or one of those on the NTP pool project may be free but they are also outside a networks firewall and these is where many network administrators come unstuck.