Product Reviews

Time Machine

TrueTime Server keeps your computers on the clock.

Computer systems simply must know the correct time when performing time-sensitive operations such as logging security audits or processing financial transactions. This month, I look at a time-synchronization product from Symmetricom that’s designed to keep your computer’s clocks ticking in unison with a time source from the edge of space itself.

The NTS-200 is a rack-mountable appliance that receives its time signal from the network of Global Positioning Satellites (GPS) in orbit around the Earth. Setup and configuration are simple: Plug in the power cord, attach the provided RG59 coaxial cable that extends to a GPS antenna, then lick the suction cup on the antenna and stick it to a south-facing window. Next, plug in a network cable between the NTS-200’s built-in 100MB Ethernet card and your network. Configure the appropriate IP addressing on the front panel and, voilà, you have a GPS-fed Network Time Protocol (NTP) time source. Although you can synchronize time at no cost via the Internet with public NTP servers, the NTS-200 provides fault-tolerant time synchronization even if you lose Internet connectivity.

The NTS-200 with firmware version 8 can synchronize the correct time even when it can find only a single GPS satellite (vs. the three needed in previous versions), acquiring each satellite as it comes in the field of view. The built-in Web server allows configuration of the NTS-200 over the network. The unit displays, through its Web interface, how many satellites it has currently acquired (see figure below). In addition to the Web interface, the NTS-200 can be configured over the network through a telnet connection or through a terminal session using a null modem cable connected to the built-in RS232 port.

The NTS-200 is an easy set up
The NTS-200, which receives its time signal from Global Positioning Satellites, is simple to set up and configure. (Click image to view larger version.)

If you support an Active Directory domain, you may already know that the forest-root domain controller that holds the PDC emulator role can be synchronized with an external time source. This is accomplished by running the NET TIME /SETSNTP:“timeserver IP address or hostname” command with the NTS-200 as the designated time source. Other DCs in the root domain or child domains are configured to automatically synchronize their time with the PDC emulator. Although the built-in W32TIME service—in conjunction with the NETLOGON service—handles time synchronization for domain-based computers, computers in a workgroup have to be configured manually. The W32TIME service uses the Simple Network Time Protocol (SNTP), a watered-down version of the Network Time Protocol (NTP) for time synchronization.

Unfortunately, the W32Time Service has no graphical-administration or alerting features, so you typically won’t know if there’s a time-synchronization problem until the operating system reports an error.

Another drawback to the W32TIME service is that it only synchronizes with its time source once every eight hours, and the only way to manually force a time sync is by restarting the service or by using the W32TM command-line utility. To help administrators manage network time using a GUI, the NTS-200 comes with the DomainTime II suite of applications that allow remote management of time synchronization across the network. You can make a DC a DomainTime II Master Time Server and configure it to receive its time from the NTS-200, while designating other DCs to be slave servers, which can take over the role of the master time server if it fails. DomainTime also includes a client application for Windows, Linux, Solaris and FreeBSD computers that will synchronize with the DomainTime Servers and allow remote management.

The NTS-200's Web interface

You can check satellite acquisition via the NTS-200's Web interface.

Although Windows 2000 includes basic time synchronization through the W32TIME service, the service was designed for the “loose synchronization” demands of the Kerberos authentication protocol. When you need absolute control over time synchronization on your network, Symmetricom’s TrueTime NTS-200 server and DomainTime II software is a tough combination to beat. It’s simple to configure; fault tolerant; and, with its extensive GUI-based remote administration functionality, you can do things more efficiently by not worrying about time.

About the Author

James Carrion, MCM R2 Directory, MCITP, MCSE, MCT, CCNA, CISSP has worked as a computer consultant and technical instructor for the past 16 years. He’s the owner of and principal instructor for MountainView Systems, LLC, which specializes in accelerated Microsoft Certification training.

Featured

comments powered by Disqus

Subscribe on YouTube