Time Synchronisation

Time synchronisation is vital for the modern computer network particularly when computer networks across the globe need to communicate with each other.

A lack of synchronisation would make impossible many online activities such as Internet auctions, seat reservation and trading in stocks and shares. It can also leave a system open to security threats and even fraud.

The NTP server (Network Time Protocol) can provide the most secure and accurate method of synchronising a network.  Many NTP servers are rack-mountable devices that can connect to a network and distributes time information between all devices on that system.

They work by using a single time reference, most commonly a source of UTC (Coordinated Universal Time), which NTP then checks all the system clocks to ensure all devices are keeping the same time. When it finds a computer or device that is drifting it advances or retreats the system clock until it matches UTC.

A NTP server will receive a timing source from either across the Internet (although not very secure or accurate), a specialist long-wave radio transmission or from the GPS network (global positioning system).

By utilising dedicated NTP server, not only can all devices on a network be synchronised together but also by using UTC the network will be synchronised with millions of computer networks all over the world.

The NTP server is now an essential part of the modern computer network. Without a dedicated NTP server administrators are forced to rely on unsecure and inaccurate Internet sources to synchronise their network clocks too.

The potential risks involved in this, namely leaving a hole open in the network firewall and the lack of the NTP security measure: authentication, means that networks that use an Internet based timing source are risking their system to attacks from malicious user and hackers.

It should also be noted that a survey of Internet based timing sources found less than a third were accurate to UTC time and those that were could still be too far away from client to make any useful synchronisation.

There are two types of dedicated NTP server, the GPS NTP server and the radio referenced NTP server. The difference between the two is based solely on the method they receive their UTC time source from. A GPS NTP server will use the signals broadcast from the GPS satellites above the Earth’s atmosphere. These signals are very reliable and can be picked up anywhere in the Worlds as long as the GPS antenna has a clear view of the sky.

The alternative is to use a dedicated NTP server that can receive a signal from the national time and frequency transmissions broadcast by several national physics laboratories. While not available in every country and quite vulnerable to interference these long-wave time signals are still an accurate and secure method of receiving UTC time. They are also ideally suited for network administrators who, for reasons of logistics can’t place a GPS antenna on the roof.

All computers are prone to drift and as accurate timing is essential for many time critical applications, Network Time Protocol has been developed to keep computers synchronized

NTP is installed on most versions of Windows (although a stripped down version called SNTP is in older versions) and Linux but regardless is open source an free to download from ntp.org.

To synchronise a network it is preferable to use a dedicated NTP server that receives a timing source from an atomic clock either from specialist national radio transmissions or the US GPS system, although Internet time references are available but some are more reliable than others (and none can be authenticated leaving a system open to attack).

NTP is hierarchical, it is arranged into stratum. Stratum 0 is a timing source (such as an atomic clock) while stratum 1 is a server connected to a stratum 0 server and a stratum 2 is a computer (or device) attached to a stratum 1 server.

There is an understanding that if using a public Internet based time server, stratum 0 servers are not used by most applications as too many requests would disable them. Instead NTP should be configured to receive a timing reference from several stratum 1 and stratum 2 servers (it is good housekeeping to use more than one as it is possible one server could go down).

The most accurate and secure way of synchronising a network is to use a dedicated NTP server. These can receive a timing reference from either the GPS network (as each GPS satellite contains an atomic clock and broadcasts the signal) or a specialist national radio transmission. Both of these signals come from a stratum 0 source and both provide accuracy to within a few milliseconds.

3. Security Breaches:

When networks are not synchronised log files are not recorded properly or in the right order which means that hackers and malicious users can breach security unnoticed. Many security software programs are also reliant on timestamps with anti-virus updates failing to happen or scheduled tasks falling behind. If your network controls time-sensitive transactions then this can even result in fraud if there is a lack of synchronisation.

4. Legal Vulnerability:

Time is not just used by computers to order events it is used in the legal world too. Contracts, receipts, proof-of-purchase are all reliant on time. If a network is not synchronised then it becomes difficult to prove when transactions actually took place and it will prove difficult to audit them. Furthermore, when it comes to serious matters such as fraud or other criminality a dedicated NTP server or other network time server device synchronised to UTC is legally auditable, its time can not be argued with!

5. Company Credibility:

Succumbing to any of these potential hazards can not just have devastating effects on your own business but also that of your clients and suppliers too. And the business grapevine being what it is any potential failing on your part will soon become common knowledge amongst your competitors, customers and suppliers and be seen as bad business practices.

Running a synchronised network adhering to UTC is not difficult. Many network administrators think that synchronisation just means an occasional time request to an online NTP time source; however, doing so will leave a system just as vulnerable to fraud and malicious users as having no synchronisation. This is because to use an Internet time source would require leaving a permanent port open in the firewall.

The solution is to use a dedicated NTP time server that receives a UTC time source from either a radio transmission (broadcast by national physics laboratories) or the GPS network (Global Positioning System). These are secure and can keep a network running to within a few milliseconds of UTC.

Accurate time using Atomic Clocks is available across the entire globe using the GPS Atomic Clock time signal transmitted from a constellation of satellites above the Earth and a NTP GPS server which provides the ability to synchronize the time on computers and other electrical equipment.

The GPS signal is operated by the US Airforce (51st Space Wing) and was originally intended solely for military use but after an airliner was accidentally shot down during the cold war it was released for civilian use too.

GPS is currently the world’s only Global and Navigational Satellite System although the Europe Galileo project is expected to be completed by 2012.

GPS is based on a constellation of between 24 and 32 Medium Earth Orbit satellites. These satellite all house an onboard atomic clock. Atomic clocks are the most accurate timekeeping devices keeping time to within a few hundred nanoseconds.

A GPS receiver calculates its position on Earth by timing the signals sent by the GPS satellites. Each satellite continually transmits the time as told by its atomic clock along with information about the location of the satellite that sent it. The receiver uses the arrival time of each message to measure the distance to each satellite. By using the distance from four or more satellites the GPS receiver can work out via triangulation exactly where it is in the world.

Dedicated NTP GPS server (Network Time Protocol) are tuned to receive the GPS time signals are available. These devices connect o a computer network like any other server only these receive the timing signal and distribute it to other machines on the network using NTP (Network Time Protocol).

NTP servers are used by computer networks as a timing reference for synchronisation. An NTP server is really a communication device that receives the time from an atomic clock and distributes it. NTP servers that receive a direct atomic clock time are known as stratum 1 NTP servers.

A stratum 0 device is an atomic clock itself. These are highly expensive and delicate pieces of machinery and are only to be found in large scale physics laboratories. Unfortunately there are many rules governing who can access a stratum 1 server because of bandwidth considerations. Most stratum 1 NTP servers are set-up by universities or other non-profit organisations and so have to restrict who accesses them.

Fortunately stratum 2 time servers can offer decent enough accuracy as a timing source and any device receiving a time signal can itself be used as a time reference (a device receiving time from a stratum 2 device is a stratum 3 server. Devices that receive time from a stratum 3 server are stratum 4 devices, and so-on).

NTP.org, is the official home of the NTP pool project and by far the best place to go to find a public NTP server. There are two lists of public servers available in the pool; primary servers, which displays the stratum 1 servers (most of which are closed access) and secondary which are all stratum 2 servers.

When using a public NTP server is important to abide by the access rules as failure to do so can cause the server to become clogged with traffic and if the problems persist possibly discontinued as most public NTP servers are set-up as acts of generosity.

There are some important points to remember when using a timing source from over the Internet. First, Internet timing sources can’t be authenticated. Authentication is an in-built security measure utilised by NTP but unavailable over the net. Secondly, to use an Internet timing source requires an open port in your firewall. A hole in a firewall can be used by malicious users and can leave a system vulnerable to attack.

For those requiring a secure timing source or when accuracy is highly important, a dedicated NTP server that receives a timing signal from either long wave radio transmissions or the GPS network.

The NTP server is now an essential part of the modern computer network. Without a dedicated NTP server administrators are forced to rely on unsecure and inaccurate Internet sources to synchronise their network clocks too.

The potential risks involved in this, namely leaving a hole open in the network firewall and the lack of the NTP security measure: authentication, means that networks that use an Internet based timing source are risking their system to attacks from malicious user and hackers.

It should also be noted that a survey of Internet based timing sources found less than a third were accurate to UTC time and those that were could still be too far away from client to make any useful synchronisation.

There are two types of dedicated NTP server, the GPS NTP server and the radio referenced NTP server. The difference between the two is based solely on the method they receive their UTC time source from. A GPS NTP server will use the signals broadcast from the GPS satellites above the Earth’s atmosphere. These signals are very reliable and can be picked up anywhere in the Worlds as long as the GPS antenna has a clear view of the sky.

The alternative is to use a dedicated NTP server that can receive a signal from the national time and frequency transmissions broadcast by several national physics laboratories. While not available in every country and quite vulnerable to interference these long-wave time signals are still an accurate and secure method of receiving UTC time. They are also ideally suited for network administrators who, for reasons of logistics can’t place a GPS antenna on the roof.