A network time server is not something many business owners think of, and timekeeping is usually not a priority for network administrators. However, proper network time synchronization is an essential part of monitoring a network and resolving issues within it.
Numerous organizations have network devices that use an internal clock or make use of a Public Internet Time Server. The problem is that both of these timekeeping methods are less than optimal solutions. Most companies would be best served by implementing a Stratum 1 NTP server to ensure that devices on the network are properly synchronized, maintain accurate time behind a firewall, and comply with timekeeping regulations.
The Need For Network Time Synchronization
While there's no question that a device on a network needs to show the correct time, it's also important that all network devices are synchronized for precise timestamping.
Accurate timestamping is key to root-cause analysis, determining when problems occurred and finding correlations. If network devices are out of sync by a few milliseconds or, in extreme cases a few seconds, it can be very difficult for network administrators to determine the sequence of events.
Intrusion analysis is another area where pinpoint accuracy is needed. Network security is a concern for any network, and logs can help analysts determine which areas of a network hackers accessed first. This can help uncover the vulnerabilities being exploited. If network logs are not accurate or there is a large variance in the times, this process can be difficult if not impossible.
Time Synchronization Required by Law
For some organizations, accurate timekeeping is required by law. The FDA, FINRA’s OATS Reporting Technical Specifications and MiFID II mandate that financial institutions keep accurate time.
Per FDA 21 CFR Part 11, the “use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records” is mandated. If audited, failure to comply can lead to hefty fines.
Currently, FINRA Rule 7430 requires synchronization all business clocks used to record the date and time of market events. All clocks, including computer system clocks, and time-stamping devices must remain accurate within 1 second of the National Institute of Standards’ (NIST) atomic clock. Proposed changes to OATS will tighten this requirement to 50 milliseconds. MiFID II will require granularity of 1 microsecond.
Issues With Using Internal Clocks and Public NTP Servers
The internal clocks in many devices are fairly accurate. However, greater levels of accuracy are needed for most business purposes. Further, many devices run clocks with times that were put in manually, so they are often ahead or behind a few seconds even before they drift. When each device is running off its own internal clock, the differences on a network can be significant.
Public Internet Time Servers provide much more consistent timekeeping across a network, but there are security issues that arise from using these systems. Data has to go through a firewall, which opens access to the network and creates a vulnerability that hackers can use to infiltrate your entire system.
Outside of the security issues, using a public NTP server can greatly improve consistency across a network, but it will still not provide the most accurate timekeeping due to potential transmission latencies. As a result of asymmetrical latency, delays between when data leaves a server and arrives at a network, timekeeping will still not be as precise as it could or should be.
The Solution: Running Your Own Network Time Server
The best way to ensure that network times are accurate, consistent, and secure is to run your own NTP server. This solution doesn't require you to reconfigure routers or firewalls to allow data from public time servers into your network. GPS-based Stratum 1 NTP servers are directly linked to an accurate source of UTC time and offer legally traceable timestamping.