Accurate time readings and time stamps are essential for video footage captured by CCTV surveillance cameras and access control systems for secure areas within facilities. These “timestamps” must be accurate. Evidence with an inaccurate time reading becomes inadmissible in court and may even be dismissed where time readings from cameras and other digital devices drifted. Devices attached to the internet will benefit from established times standards provided by atomic clocks and accessed through various other connected technologies.

The Network Time Protocol is a networking protocol, or system of communication rules, that synchronizes clocks between computer systems using packet-switched, variable-latency data networks. Developed by David L. Mills at the University of Delaware, NTP has been in use since 1985 and is one of the oldest protocols used on the Internet.

Time is a unified frame of reference leveraged by all of the devices on the network. Accurately correlating log files through time sequencing is the only way administrators can track through the network events.

Regular Reviews of Network Time Synchronization

Most people incorrectly assume computer clocks in servers, workstations, and network devices are accurate. Most networking clocks set by hand are only accurate to within a minute or two of actual time, and once set, are rarely rechecked. Additionally, many receive power from battery-backed devices and can drift up to a second per day.

The NTP currently uses Marzullo’s algorithm to synchronize time over the public internet within ten milliseconds of Universal Time (UTC) and can perform even better over LANs. Developed by Keith Marzullo as part of his doctoral dissertation in 1984. Developers have refined the algorithm and renamed it the “intersection algorithm.”

Some Examples of End User Requirements for Accurate Time Readings

Today computer networks use time synchronization in every aspect of management, security planning, and even debugging. Critical to diagnosis is determining when events like hacks or human engineering take place. Also:

  • Besides security breaches, time allows stakeholders to track things like network usage or equipment failure problems and their effect on other components. Node mapping and the timing of events is a standard procedure security analysts follow.
  • The modification times need to be consistent to reduce confusion in shared file systems, mainly where access is limited to sensitive data.
  • Accounts payable and receivable, cost accounting, and other business-critical applications and systems rely on time-tracking to maintain accuracy.
  • Financial services institutions require highly accurate timekeeping by law, particularly in processes where time determines value like interest rates, stock purchases or day trading.
  • Sarbanes-Oxley and HIPAA Security Rules, which are strictly monitored for security reasons, require accurate timestamping.

How NTP Works

NTP Network Time Protocol

NTP is a hierarchical system of layers or stratum starting with zero, which refers to the clock at the top of the pyramid. Each layer addresses a particular aspect of the algorithmic process.

Stratum 0

Stratum 0 refers to the precision timekeeping devices or reference clocks. Examples of reference devices include atomic clocks, GPS, radio clocks, and more. These technologies generate pulse-per-second signals. This process serves to trigger an interrupt or software response in stratum-1 devices.

  • Atomic clocks. National Institute of Standards and Technology (NIST) is one example.
  • Global Positioning System (GPS). GPS is a satellite-based radio navigation service owned by the U.S. government and operated by the United States Space Force. Galileo is the European version of GPS.
  • Radio Clocks. LF Radio WWVB, out of Fort Collins, CO, is one of the time signal stations. NIST runs this operation.

Stratum 1

Stratum 1 primarily consists of servers synchronized within milliseconds to Stratum 0 devices. The system time is a programmed aspect of a computer that tracks the passage of time in seconds, minutes, hours of a clock, and days and months of a calendar.

Stratum 2

Stratum 2 consists of computers synchronized over a network to servers on stratum 1, often a group of servers while also peering with other stratum-2 servers. All of this networking ensures greater time accuracy.

Stratum 3

Computers on stratum 3 synchronize to stratum-2 computers and deploy the same peering algorithms as stratum 2.

This process repeats itself through stratum 15, which is the upper limit of synchronized computers within an NTP network. Stratum 16 indicates unsynchronized devices.

All of the Network Time Protocol algorithms on the computers in the network form a Bellman-Ford algorithm that finds the shortest path spanning tree while remaining versatile to network changes. These added algorithms minimize accumulated delays caused by round-trips to Stratum 1 for all clients.


Implementations send and receive timestamps using the User Datagram Protocol (UDP). In this protocol, the client (computer) talks to the (server).


UDP is a communications protocol facilitating the exchange of messages between network devices. The alternative is a transmission control protocol (TCP).

UDP divides messages into”datagram” packets, which can be forwarded by switches, routers, security gateways to applications/servers.

TCP establishes a connection before sending data.

UDP does not.

They can also use broadcasting or multicasting, where clients passively listen to time updates after an initial round-trip calibrating exchange. Network Time Protocol supplies a warning of any impending leap second adjustment, but no information about local time zones or daylight saving time is transmitted.

Locating Your NTP Server

To determine your NTP server’s IP address, you can perform a few simple steps.

Step one: Click Start and Run.

  • Enter cmd into the field. Click OK.

Step two: Type “Net Time /querysntp” into the command prompt. Click Enter.

  • This query displays your NTP server settings.
  • The server’s name displays on the screen, but you can now use the “ping” command to retrieve the IP address.

Step three: Enter “ping” into the command prompt. Click Enter.

  • Replace “with the NTP server name displayed from step 2.
  • Result shown is the IP address of the NTP server.

The only devices that would need periodic checks for accuracy would be CCTV cameras and any other technologies on high-security networks not directly connected to the internet through a network. For operations requiring something less manual, Veracity Global offers an integrated GPS processor and Network Time Protocol server in mini-format.

The less your team handles manually, the fewer the errors that can creep into your process.

If you enjoyed this blog, follow PLANET on Twitter and Instagram.

The Network Time Foundation: NTP