Industry Literature - August 23, 2018
A network time server is not something many business owners think of, and timekeeping is usually not a priority for network administrators. However, proper network time synchronization is an essential part of monitoring a network and resolving issues within it.
Why Do We Need A NTP Server?
While there's no question that a device on a network needs to show the correct time, it's also important that all network devices are synchronized to GPS for legally traceable timestamping.
Accurate timestamping is key to root-cause analysis, determining when problems occurred and finding correlations. If network devices are out of sync by a few milliseconds or—in extreme cases—a few seconds, it can be very difficult for network administrators to determine the sequence of events.
Intrusion analysis is another area where pinpoint accuracy is needed. Network security is a concern for any network, and logs can help analysts determine which areas of a network hackers accessed first. This can help uncover the vulnerabilities being exploited. If network logs are not accurate or there is a large variance in the times, this process can be difficult, if not impossible.
Is Time Synchronization Required by Law?
For some organizations, accurate timekeeping is required by law. The FDA, FINRA’s OATS Reporting Technical Specifications, and MiFID II mandate that financial institutions keep accurate time.
Per FDA 21 CFR Part 11, the “use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records” is mandated. If audited, failure to comply can lead to hefty fines.
Currently, FINRA Rule 7430 requires synchronization of all business clocks used to record the date and time of market events. All clocks, including computer system clocks and time-stamping devices must remain accurate within 1 second of the National Institute of Standards’ (NIST) atomic clock. Proposed changes to OATS will tighten this requirement to 50 milliseconds. MiFID II will require granularity of 1 microsecond.
Issues with Using Internal Clocks and Public NTP Servers
For some organizations, accurate timekeeping is required by law. The FDA, FINRA’s OATS Reporting Technical Specifications, and MiFID II mandate that financial institutions keep accurate time.
Per FDA 21 CFR Part 11, the “use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records” is mandated. If audited, failure to comply can lead to hefty fines.
Currently, FINRA Rule 7430 requires synchronization of all business clocks used to record the date and time of market events. All clocks, including computer system clocks and time-stamping devices must remain accurate within 1 second of the National Institute of Standards’ (NIST) atomic clock. Proposed changes to OATS will tighten this requirement to 50 milliseconds. MiFID II will require granularity of 1 microsecond.
The Solution: Running Your Own Network Time Server
The best way to ensure that network times are accurate, consistent, and secure is to run your own NTP server. This solution doesn't require you to reconfigure routers or firewalls to allow data from public time servers into your network. GPS-based Stratum 1 NTP servers are directly linked to an accurate source of UTC time and offer legally traceable timestamping. Contact us today to discuss your timing requirements.
Return to Knowledge Center to learn more.
Presentation by John Clark, CEO & Dr. Demetrios Matsakis, Chief ScientistTime Behind and Beyond the Clock
