Network Time Synchronization
Most people assume that computer clocks in servers, workstations and network devices are inherently
accurate. This is incorrect. Most of these clocks are set by hand to within a minute or
two of actual time and are rarely checked after that. Many of these clocks are maintained by a
battery-backed, clock-calendar device that may drift as much as a second per day. Having any
sort of meaningful time synchronization is impossible if such clocks are allowed to run on
The Importance of Time Synchronization for Your Network
In modern computer networks time synchronization is critical because every aspect of managing,
securing, planning, and debugging a network involves determining when events happen.
Time also provides the only frame of reference between all devices on the network. Without
synchronized time, accurately correlating log files between these devices is difficult, even impossible.
Following are just a few specific reasons:
One Way to Synchronize Time on Your Network
- Tracking security breaches, network usage, or problems affecting a large number of components can be nearly impossible if timestamps in logs are inaccurate. Time is often the critical factor that allows an event on one network node to be mapped to a corresponding event on another.
- To reduce confusion in shared filesystems, it is important for the modification times to be
consistent, regardless of what machine the filesystems are on.
- Billing services and similar applications must know the time accurately.
- Some financial services require highly accurate timekeeping by law.
- Sarbanes-Oxley and HIPAA Security Rules both require accurate timestamping.
The Network Time Protocol (NTP) has long been the king of
Some companies solve the problem of synchronizing their networks by using NTP to go out on the Internet
to get time from a public Internet Time Server.
But, this approach is prone to problems because:
A Better Way to Synchronize Time on Your Network
- The source of time is beyond your firewall. This means there must be a "hole"
left open in the firewall (UDP port 123) to allow packets containing the time
- Time accuracy degrades when using an Internet Time Server because of asymmetrical latency
(delays between when the time packets leave the time source and when they arrive at your network).
- External agencies (e.g. universities) who provide Public Domain Time Servers are not obliged to
continue service or guarantee availability and accuracy.
A dedicated network time server protects you from the security risks inherent in obtaining Internet time.
By installing a time server within your firewall, risks from the outside are minimized and the timing
accuracy on your network is maximized:
At EndRun Technologies we specialize in the manufacturing of very high-quality
Network Time Servers.
If you are an IT Administrator interested in time synchronization and in maintaining a high level of
security on your network then click here for more information.
- Installing a network time server behind your firewall and insulating it from the Internet
provides the best security.
- You avoid the extra work of reconfiguring firewalls and routers that may be required to allow
the devices on your LAN access to a Public Time Server.
- Because of minimal latency, a network time server on your LAN can reliably keep all the servers,
workstations and network devices synchronized to within 1/2 to 2 milliseconds of each other.