The Internet has many NTP servers that can be used to synchronize the time of networks and computers. Most provide a service completely free of charge.
So why do organizations need to seriously consider buying a dedicated NTP appliance?
Dedicated hardware time references installed locally, within an organization, provide a number of advantages over Internet time sources. Here, we describe ten legitimate reasons to buy.
1. Enhanced Security
In order to synchronize time using NTP, a client computer needs to establish two-way communication with a server.
NTP uses the UDP protocol to enable client-server communication. Therefore, in order for clients to communicate with Internet servers, UDP port 123 must be left open in any network firewall.
Opening ports in a firewall is a potential security risk and can provide hackers with a route into an organizations computer systems.
A dedicated NTP server appliance uses satellite technology as a source of precise time. It does not require Internet access.
Therefore, it can be installed inside a firewall, with no requirement to leave any ports open, thus reducing security concerns.
2. Prevent Spoofing
NTP uses the UDP protocol for client-server communication. UDP is not particularly secure and is relatively easy for hackers to spoof.
In order to prevent spoofing, NTP utilizes authentication techniques. Shared passwords are stored on both clients and servers which are encrypted and added to communication packets.
Using shared passwords, a client can ensure that it is communicating with an authorized source.
Internet servers provide time to large numbers of clients, anyone can use them free of charge.
It is therefore completely impractical to use authentication techniques. This makes client computers vulnerable to spoofing and the possibility of receiving false time stamps from an unauthorized source.
A dedicated NTP appliance has a restricted clients base. Authentication can therefore be easily implemented to prevent any possibility of spoofing.
3. Optimized Accuracy
NTP employs complex algorithms to calculate network delays in order to maximize synchronization accuracy.
It assumes that network communication is symmetrical, i.e. the transmission time of a packet to a server is the same as the reception time of a packet back from the server.
Internet time servers may be a long distance away from a client. Symmetrical communication cannot therefore be guaranteed and is in fact unlikely.
ADSL communications can compound the problem, download speeds are often much faster than upload speeds. Such factors make it almost impossible to optimize client timing accuracy.
A Stratum 1 NTP server that uses GPS/GNSS satellite technology are among the most accurate servers in the NTP hierarchy. They can synchronize to within a few microseconds of UTC time.
When such appliances are installed on a LAN they have the additional benefit of being very close to client computers. It can provide optimal accuracy for local clients, potentially synchronizing with sub-millisecond accuracy.
4. Control and Configuration
A survey of the Internet NTP network by MIT highlighted the number of bad clocks on the network and also the unbalanced nature of the network load.
It revealed that as few as 28% of stratum 1 clocks appeared to be actually useful, often due to being misconfigured.
It also suggested that there was a large number of stratum 2 servers that depended on relatively few stratum 1 servers.
Servers that have a good reputation are often well known and can be very popular.
Clients have no control over the operation or configuration of Internet time servers.
A dedicated NTP server is very simply to install and configure. It has the added advantage that it allows the network administrator full control of configuration.
5. Enhanced Availability and Reliability
Internet time servers provide no guarantee of service. Servers can disappear just as quickly as they pop up. There is also no guarantee that the servers have been well installed and correctly configured.
Poorly installed systems can lead to intermittent timing.
The use of Internet time references requires a reliable Internet connection. Losing a connection, even temporarily, results in loss of synchronization of client computers.
Installing multiple redundant NTP servers local to clients provides a robust source of accurate time.
Redundant NTP servers provide protection against hardware failure and is not dependent on Internet access.
6. Monitoring and Traceability
Internet NTP servers cannot be easily monitored to ensure satisfactory operation.
A dedicated time server appliance, however, can be continuously monitored. Events such as loss of GPS signal, loss of synchronization and time divergence can be continuously monitored.
Swift action can be taken as problems arise.
Additionally, logs can be stored and analyzed to ensure the accuracy of the appliance and to provide traceability to a known source of precise time.
Many industries are required to maintain accurate time synchronization by Law.
For financial, pharmaceutical, medical and many other industries there can be a legal obligation to maintain synchronization of systems to a traceable source of time.
Often, dedicated hardware is the only way that an organization can meet stringent regulations.
8. No Internet Connection Required
Many applications may not have access to the Internet, due to location or for security reasons.
For such applications, a NTP server appliance may be the only option available to provide network time synchronization.
9. Organization-Wide Synchronization
A local NTP server can be used to synchronize many different types of equipment throughout an organization.
NTP or SNTP can be used to provide accurate time to servers, workstations, routers, switches, telephone systems, security cameras and many other network devices.
10. Correct Insertion Of Leap Seconds
Dedicated timing hardware is specially designed for timing applications. They use GPS or GNSS receivers that are optimized for timing. NTP servers that use the
Free to use NTP servers may use general purpose positioning GPS receivers that are not optimized for timing applications.
Such receivers may not handle leap seconds correctly, which can cause stepped time adjustments and potential timing issues.
TimeTools NTP Server Appliances
TimeTools has a range of GPS and Multi-GNSS referenced NTP server appliances that can be purchased directly from us or from one of our regional re-sellers.
Our products are competitively priced and offer many of the advantages described above.
Additionally, the cost of purchasing and installing a device may be much less than expected.
Network Time Protocol (NTP) Best Practices
|About Andrew Shinton|
Andrew Shinton is the joint founder and Managing Director of TimeTools Limited. He has a BSc (Hons) degree in Computer Science. Andrew has over 20 years experience of GPS systems and Network Time Protocol (NTP) in the Time and Frequency Industry.