Posted by Richard N Williams on April 26th, 2012
Because accurate and secure time is essential for any computer network finding a time source that is both precise and secure, is an important part of keeping a network healthy. With network time sources, there are plenty of choices, but not all of them can provide the security and precision needed by the modern network.
The problem with the modern network is that precision is key for security. In a world full of threats such as Trojans, worms and hackers, millisecond accuracy is required to ensure a network is not vulnerable to threats. However, attaining this sort of accuracy is not always easy.
Network time Protocol
To handle synchronisation, most networks rely on Network Time Protocol (NTP), which is highly effective at maintaining accuracy. NTP is uses a single time source, which it then distributes around a network. Furthermore, NTP continually checks the time on individual systems against this master time source and then adjusts for any drift caused by the system clocks.
NTP is highly accurate. However, its accuracy is dependent on the master time source, and this is when most network administrators run into problems.
Online Time Servers
For most network administrators, online time servers are the first place they go to for a time source. And why not? Time sources on the internet are free, hooked up to atomic clocks, and reputable organisations such as NIST or Microsoft often control them. However, the internet is not a place to obtain secure and accurate time, for several reasons:
Firstly, even these reputable organisations can’t guarantee the accuracy of an online time server. Often, such things as the distance and connection speed between host and client affect the precision of the time when it gets to the network. Secondly, no time source accessed on the internet can be wholly secure.
Anything coming from an internet source requires an opening in the network firewall. For time codes, this is UDP port 123. Any opening in a firewall results in an vulnerability for a network, and malicious users can target this as a means of gaining access to a system.
GPS NTP Servers
Perhaps the safest and most accurate means of obtaining a time source is by utilising the time codes transmitted by the GPS (Global Positioning System) network. Because the satellites’ onboard atomic clocks generate these time codes, they are highly accurate. Furthermore, because the GPS system is available anywhere on the planet with a view of the sky, they can be accessed by anyone.
All that is required for picking up these GPS signals is a GPS NTP server, which will not only receive the time code, but also distribute it around the network, check for drift and maintain stable and precise time on all machines.
Another big advantage of using a GPS NTP server is that it is wholly secure. Because the time server receives the GPS signals externally to the network, it poses no security issues, and the signal can’t be tampered with, or utilised by any malicious users or software. When it comes to accurate and secure time on a network, few systems can offer a better solution than a GPS time server.