×

TMCnet
ITEXPO begins in:   New Coverage :  Asterisk  |  Fax Software  |  SIP Phones  |  Small Cells
 

Product Reviews
September 2004


NTS-200 Network Time Server

 

SYMMETRICOM, INC.

TT&M DIVISION

3750 Westwind Blvd.

Santa Rosa, CA 95403

Tel: 707-528-1230; Fx: 707-527-6640

http://www.ntp-systems.com

Price: $3,595

 

Editor's Choice Award

RATINGS (0-5)

Installation: 5

Documentation: 4

Features: 4

GUI: 5

Overall: A


When it comes to keeping time be accurate at it. This is much more relevant today with a myriad of applications that we have deployed and will continue to deploy like VoIP, Digital IDs, digital certificate authentication systems, SAN, card readers, encryptors, etc.

 

The need for synchronized time is critical for today's network environment. Irrespective of whether you are a service provider for voice, wireless, Internet services , and the like, or a customer who uses these services you do not want your PBX, VPN servers, routers, voice/data networks (with alternate routing enabled) or any other telecommunication or network elements and systems you depend on, to lose synchronization even for a moment, as is some cases it could mean dropped calls, lost connections and or data errors or loss of productivity.

 

This can be best illustrated with real life scenarios and examples which show us that keeping accurate time is crucial and essential. We check various application servers, system log files/reports, system metrics, and performance metrics and use that data to assess activities, and then the timing has to be accurate for co-relation. This includes for example, building access control, time and attendance system, video surveillance systems, event logging servers, voice recorders, IDS or IPS security-related activity, bandwidth usage, as well as various logging, and AAA (authentication, authorization, and accounting) functions. These logs are a compilation of information from different network nodes (video surveillance systems, event logging servers, etc.), it is essential that the time stamps be correct. It would be chaotic if it is not, causing difficulty in ordering events and troubleshooting the problems. Statistical data and various system metrics with respect to time would be difficult to interpret and meaningless.

 

To understand this better let us consider your ubiquitous LAN network switch or your central network router. This device is a repository for centrally logged configuration changes/events, system error messages,  switch configuration changes, switch interface up/down status, security alerts, environmental conditions, and network overloads rely on network time synchronization for accurate time stamps for the data to have meaning.

 

If you move to the voice network domain, monitoring processes, such as the CDR (Call Detail Records) and billing for a service provider, time also plays an important and critical role. Costs are calculated using three parameters, rate per minute (calculated per second), minimum cost and connection cost. CDR is a database record unit used to create billing records. The cost statistics i.e., Costing information (costs are based on time of call, destination etc.) is very vital for billing. A CDR contains details such as the called and calling parties, originating switch, terminating switch, call length, and time of day. These records are passed to the billing platform.

 

CDR contains the time stamp when the call was initiated, the call duration and time the call was terminated. It is not just about plain billing but billing integrity which relies on time accuracy of the CDR records. If time synchronization of the network elements like the IP-PBX, VoIP gateway, IAD (Integrated Access Device), multiplexer, multi-media gateway etc. is not proper then the CDR accuracy will suffer and in turn the billing system will suffer which of course will have serious consequences as many service providers and carriers share network resources and facilities and subsequent CDR information. All this would lead to wasted time, resources and mediation. Imagine a consumer or customer getting inaccurate bills!

 

Looking forward we see that service providers are providing new services like video conferencing, unified messaging, multi-media service networks etc. and with globalization the networks are merging. With Competitive pressures service providers have to provide innovative and unique billings schemes and the underlying cog for all this in the wheel is synchronization/accurate timing.

 

The fact is �synchronization� is not tops in the �shopping check list� for IT when establishing their network. But when problems strike the proper value of the synchronization/accurate timing system come to the fore.  Every network and infrastructure operation right from managing, securing, planning, and debugging a network etc revolves around determining the timing of events that have occurred.  So just keeping time becomes irrelevant, if you keep time it better be accurate time.

 

For example our IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems) and other network elements like routers, file servers, application servers, SAN (Storage Area Networks) all rely on log file accuracy and integrity for their metrics. Precise and accurate time synchronization is an integral part of network forensics because it aids in the ability to investigate security breaches, system exploits, tracing network intruder activity, and all that forms a part of the evidence as much as log files and application time stamps do. Even the humble access card reader doing duty at your office gate if out of sync may fail to recognize your legitimate card. All because your card and the reader use the current time to generate an entry code. In accurate time means that the codes will no be accurate and the cards will not work.

 

QoS deployment, network diagnostic and monitoring systems deployment require all the concerned network elements to be synchronized. If the various systems time stamps are not accurate then how can we co-relate the logs and system events sequentially and batch processes that have to proceed in a time based sequence (if the network nodes do not keep time) how can they be completed? A stitch in time saves nine others; simply put it is prudent to incorporate time synchronization up front in system design � not when trouble occurs.

 

To provide this synchronization we require a useful time reference that can supply the Stratum 1 level frequency reference for the network elements and the accurate time stamps for the Network time servers should always be referenced to a reliable source of time. NTP uses Coordinated Universal Time (UTC) which is the same worldwide. The GPS satellite system is the most readily available source for UTC time in the world.

 

With globalization our traffic would be traversing many networks and when troubleshooting or investigating problems we need to refer to log files of various systems and networks. By synchronizing our network to UTC we remove one more source of interoperability problems between our network and others. E-mail or Web access could perhaps endure downtime for some time but when you add business related voice traffic to your network you cannot afford downtime. A VoIP service problem has to be avoided, or prevented so that business mission critical voice systems continue to function. In this case VoIP traffic which may transit many networks consequently it would require the correlation of log files from various networks to solve a problem.

 

NTP (Network Time protocol) a time tested and proven time protocol is very useful in the determination of accurate time, all we need to do is to complement NTP with a simple and reliable UTC time source.

 

As we discuss NTP we should also make a mention of the many public timeservers available for you to connect to on the internet, and they provide NTP services free. But let us also be aware of some of the limitations around its usage i.e., problems due to the reliability of the Internet connection, traffic and load on the NTP server. But the most worrying aspect is the security issue when the time source is located beyond your firewall. Now you would have to open a port in the firewall so that NTP packets containing the time information can come in i.e., someone could exploit this by sending a spurious NTP packet affecting the timing services or even bring down your network or even send a packet that uses the NTP program itself to take over the host. Thus a dedicated time server like the Symmetricom NTS-200 will protect you from the security risks inherent in obtaining Internet time. Also installing a time server behind your firewall, risks from the outside are minimized and on the plus side the timing accuracy on your network is maximized.

 

If we analyze the world of finance revolving around Digital certificate authentication systems here too we find that accurate timing is very important. Digital certificate authentication systems are used by us to check certificates used to authorize payments, to identity transactions. The certificates all have a time bound validity period and need to be renewed. Inaccurate time keeping introduces the risk of an expired certificate being accepted.

 

We need an appliance that is rack mountable, easy to install, provide us with atomic clock accuracy using its embedded GPS receiver, and synchronize our entire network clients providing time that is accurate, reliable, and secure to the network nodes. To keep accurate time in our network we need a network time server preferably an appliance that will provide a highly convenient, reliable and relatively inexpensive mode of synchronizing time on our network. Also it should be doing it in a fast, accurate, reliable, and secure manner. 

 

We have selected Symmetricom�s NTS-200 network time server to fulfill our earlier mentioned aspirations (to keep all our network nodes timing accurate and in sync). NTS-200 offers various management and user interface options namely alphanumeric backlit LCD front panel display/keypad, the Web interface for time, GPS, satellite, network status, control pages etc can be accessed, Telnet access also allows full status and control of the NTS-200.Additionally NTS-200 also supports FTP,SNMP, RS-232 access.

 

OPERATIONAL TESTING

First we identify the location so that we can mount the GPS antenna the objective is to can get a clear view of the sky (that will enable the NTS200 to track a number of satellites at any given time). Next, we mounted the antenna and connect the antenna cable to the NTS-200. The NTS-200 can be rack mounted in your 19� Data communication cabinet. An important caveat to be noted at this stage is that if your system is to be deployed at more than 45 meters away from the antenna you have to include a GPS antenna in-line amplifier in the shopping list.

 

If you need to go further say up to 457m then you would need a GPS antenna down/up converter.  Long runs also necessitate that you use good quality low-loss cables. Let us now connect the NTS-200 via the 10/100 UTP Ethernet port to the LAN. Using the front panel we programmed the network parameters like DHCP status, IP address, subnet mask, default gateway, and remote control. After a few minutes we find the NTS-200 is up and ready for use. It is noteworthy that the for maximum security HTTP access, keypad control, Telnet access, FTP access can be disabled to enhance the security of the unit.

 

We then pointed all the NTP clients to the NTS-200.The NTS-200 now starts serving as an NTP server reporting time on our network using the GPS as a synchronization source.  The NTS-200 now fulfills the role of an accurate network time server, providing IP network time synchronization over the Ethernet via NTP. The front panel display is very handy just like your car dashboard it shows us the status e.g., booting, software loading, satellite searching, satellite acquisition etc., all that is happening with your NTS-200.

 

We found that the Web-based access option is a very useful feature for remote operation and control. All in all we were impressed by the simplicity and ease of installation/programming.

 

ROOM FOR IMPROVEMENT

The NTS-200 does keep accurate time nevertheless we reckon that the unit should provide standard support for SSH access; SSH secure copy, SFTP and HTTPS in addition to the other network and security protocols already supported.

 

CONCLUSION

For those of us who need to keep accurate time and keep the network elements synchronized the NT-200 Network Time Server would serve our requirement very well. The NTS-200 can be categorized as an appliance i.e., �program it once and forget it� that is what we did. You just have to program it with a few parameters plug it in to your network and the unit does the rest.

 

by Biju Oommen
[ Return To The September 2004 Table Of Contents ]



Today @ TMC
Upcoming Events
ITEXPO West 2012
October 2- 5, 2012
The Austin Convention Center
Austin, Texas
MSPWorld
The World's Premier Managed Services and Cloud Computing Event
Click for Dates and Locations
Mobility Tech Conference & Expo
October 3- 5, 2012
The Austin Convention Center
Austin, Texas
Cloud Communications Summit
October 3- 5, 2012
The Austin Convention Center
Austin, Texas