“Close enough” is no longer good enough, and Internet distributed time for network time synchronization does not meet today’s modern enterprise requirements for time accuracy, reliability, security and manageability.
Accurate timekeeping lets you control your IT infrastructure in two ways
- The first is event synchronization, i.e., knowing that events will occur when they are scheduled to occur
- The second is server log file forensics, i.e., knowing when events did occur, and the ability to prove it
For timekeeping to enable both roles, it must be both accurate, consistent across the internet, and pervasive. The clock in a server is only accurate to the extent it agrees with UTC, Universal Coordinated Time. If all clocks are synced to UTC, it automatically means they all tell the right time (to some degree of accuracy) and that they all tell the same time (i.e., they are in sync).
A locally deployed time server eliminates the inaccuracy introduced by transporting time over the Internet. Internet distributed time typically uses an accurate clock as its initial reference source, but the unknown impact of delays and variations through the Internet (asymmetric paths, node queuing, number of hops, etc.) introduces inaccuracy, and also breaks the chain of traceability to the original source. The accuracy of server clocks synchronized using the Network Time Protocol (NTP) from a local time server are typically better than 1 millisecond (although it can be better or worse depending on local network configuration).
A locally deployed time server can use multiple time sources, peering and a high speed NTP processor (that is: hardware- based timestamping) to assure accurate delivery of time to all of the clients in a network. An integral, high quality oscillator can “holdover” the required accuracy during period when the primary reference is impaired or unavailable. A local time server can also assure reliability through the network by deployment using multiple ports and bonding of network ports.
Security and Verifiable Audit Trail
Taking control of your network timing is one aspect of securing your operations, and that control is completed with time server features that control access (such as RADIUS, keypad lockout, etc.) and features that support best practices for deployment (such as independent network ports, client authentication, etc.)
The point of timekeeping is to assure events happen on time and to verify when they happened. The audit trail is that assurance. This capability typically takes the form of a dedicated audit server — one that stands apart from whatever is being audited.
The audit server monitors the individual timeservers and clients; it verifies that time on machines is synchronized regularly with a known time source; it allows for easy access to audit information; it provides concise and complete audit records; and it generates immediate email alerts when preset thresholds are exceeded.
Manageability and Ease-of-Use
Taking control of your network timing does not take a lot of work. Network time servers are easy to install and have features that facilitate easy operation, including web-based interfaces and wizards, local interface with full numeric keypad and high-resolution display, informative LEDs on the unit, point and click firmware upgrades, and a USB port for local back-up. Time servers are also both IPv4 and IPv6 compatible.