Mitigating an NTP Distributed Denial of Service (DDoS) Attack

Introduction

Network time service is not something many businesses think about as a key component of their critical infrastructures. In fact, it is often overlooked entirely, and in error. As a result, the network architect or engineer often defaults to an easy alternative: using a server or network switch as the source of the network clock and synchronizing these sources to Internet time servers using Network Time Protocol (NTP).

However, is the "NTP over Internet" really a secure method to solve network timekeeping requirements? Is it okay for some industries, and not others? Let's explore the subject.

NTP Over Internet: How Safe is It?

NTP, one of the oldest internet protocols in use, is the standard for synchronizing clocks between computers over a packet-switched network – such as the Internet.

According to the Akamai global state of the Internet security report (Summer 2018), NTP over Internet is the second most common protocol being attacked by DDoS. And, in just a year, DDoS attacks have increased by 16%.

A Better Solution: Your Own Stratum 1 NTP Server

So how can you mitigate DDoS for time service?

Figure 2 shows how an enterprise can eliminate the "weakest link" – by building its own resilient and redundant network timekeeping infrastructure internally, using Orolia time servers, such as the SecureSync.

Each Orolia time server receives time signals through a GNSS (Global Navigation Satellite System) or GPS (Global Position System) antenna and regulates its internal high-quality oscillator clock with that information. The time, with accuracy under Nano seconds, is then distributed to the network. If NTP is used as the preferred protocol, then the server will operate at NTP Stratum level 1, and distribute safe, reliable time to the remainder of your network without the use of an internet connection.

Other Advantages of Internal Timekeeping

In addition to mitigating danger from DDoS attacks, time servers such as those from Orolia offer several other advantages, including:

1. Resiliency – Each Orolia time server unit can use multi-GNSS for its time reference. However, if a GNSS/GPS signal is not available, Orolia time servers also contain an internal holdover oscillator capable of maintaining accurate time for days, or even months, using atomic clock technology in the absence of a valid GNSS signal.
2. RF Signal Security – Anti-jamming, anti-spoofing and signal security are engrained in Orolia time servers. Customers in need of even higher levels of security also include our Broadshield™ and anti-jamming antenna solutions.
3. High Integrity UTC Traceable Time – Sophisticated threats can spoof GNSS. Though these threats are detectable by Broadshield, how is traceability to UTC maintained? STL is there for the rescue. As an alternate encrypted antenna signal, STL supplies powerful authentication to confirm that you have true UTC traceability.
4. Ease of Installation – Does your environment make it difficult to achieve roof access to capture a GNSS signal? Again, STL to the rescue. Much stronger than GPS or any GNSS signal, STL can be received indoors. At a recent demonstration, STL provided solid reception inside the NYSE building, located in one of the most severe urban canyons in the world, where a view of the sky for GNSS reception is very limited.
5. Multiple Options – In addition to full NTP compatibility, Orolia time servers support multiple protocols and options to distribute time, like Precision Time Protocol (PTP), Pulse Per Second (PPS) and other time signals as suited to customer requirements. Plus, industry-leading support is standard.

Conclusion