NTP servers (Network Time Protocol) operate outside the firewall and are not reliant on the Internet which means they are highly secure and not vulnerable to malicious users who, in the case of Internet time sources can use the NTP client signals as a method of accessing the network or penetrating the firewall.
A dedicated NTP server will also receive it’s time code direct from an atomic clock, this makes it a stratum 1 time server as opposed to online time servers which are stratum 2 time servers, that is they get the time from a stratum 1 server and so are not as accurate.
In using a NTP time server there is only really one decision to make and that is how the time signal is to be received and for this there is only two choices:
The first is to make use of the time standard radio transmissions broadcast by national physics laboratories such as NIST in the USA or the UK’s NPL. These signals (WWVB in the US, MSF in the UK) are limited in range although the USA signal is available in most parts of Canada and Alaska. However, they are vulnerable to local interference and topography as other long wave radio signals are.
The alternative to the WWVB/MSF signal is to utilise the GPS satellite network (Global Positioning System). Atomic clocks are used by GPS satellites as the basis for navigational information used by satellite receivers. These atomic clocks can be used by using a NTP time server fitted with a GPS antenna.
Whilst the GPS time signal is strictly speaking not UTC- it is 17 seconds behind as leap seconds have never been added to GPS time (as the satellites are unreachable) but NTP can account for this (by simply adding 17 whole seconds). The advantage of GPS is that it is available anywhere on the planet just as long as the GPS antenna has a clear view of the sky.
Duel systems that can utilise both types of signal are also available.