What Is Trusted Time for Zero Trust Networks?

What Is Trusted Time for Zero Trust Networks?

Why Does A Zero Trust Network Matter To You?

If you’re an IT professional in a company rolling out a Zero Trust network architecture, you probably have a pretty good idea of what zero trust means in your world. From a wider perspective, here are the two primary concepts to consider:

  • Zero trust: a cyber security paradigm that trust is never granted implicitly
  • Zero trust architecture: an end-to-end approach to enterprise resource and data security
  • The motto of zero trust is “never trust, always verify”. That pretty much sums it up.

Chances are that if your organization is rolling out zero trust, it started with Identity and Access Management (IAM) for users. From there, it moved on to devices connected to the network, then to the network itself by implementing strategies such as micro-segmentation, and then on to automation and analytics. These are called the “pillars” of the zero trust model.

The zero trust architecture is a migration from a perimeter-based security model to one where every person and device on the network is authenticated and authorized end to end. If your company is already on this path, this is not news. What may be news though, is the critical role that Trusted Time™ plays in the zero trust network. Let’s first start with why time matters.

Why Zero Trust in Time Matters

Network-wide time synchronization accuracy and the essential role it plays in network management and security are often taken for granted in managing a network. If you’re not convinced, imagine what would happen if every network device had a different time. Chaos would break out across the network. Log files and network telemetry would be useless. Logs and telemetry time stamps would not correlate. For example, syslogs that would be received in real time but backdated to the previous week would not be helpful. Dashboards would fault, or at least present incorrect data, and would most likely trigger alarms. Critical processes would either start too soon or too late. Network forensics would be nearly impossible, audits would be meaningless, and video time stamps would be incorrect. Enough said. As you can see, time accuracy across your company’s network is important and it does matter.

Because time is so important, you need to consider the “what, who, where, and when” of the source of time for network time synchronization. Time servers providing the Network Time Protocol (NTP) time stamps are the “what.” If the “who” and “where” are merely an IP address of a time server from the Internet or Internet NTP server pool, then you need to consider the validity and vulnerability of the “when” of the NTP time stamps that are received. This, though, is the topic of a different blog post, since free time from the Internet violates just about every principle of zero trust and cannot be considered trusted time.

What Is Trusted Time™?

Assuming you have an NTP network time server in your network, zero trust raises two key questions. Is the time implicitly or explicitly trusted? And is the time server itself, as a device connected to your network, compatible with zero trust networking technologies?

Trusted Time means the time server is trusted with respect to the accuracy and legitimacy of the time. It also means that it is trusted as a device connected to the network and it is compliant with the company’s security requirements.

A network security team is more interested in a time server’s security features than they are in verifying and validating the time stamp’s accuracy or bandwidth. Since our SyncServer® S600/S650 network time servers offer unsurpassed timing performance, let’s discuss their security attributes.

As the most secure Trusted Time network devices currently available, SyncServer time servers comply with the fundamental pillars of the zero trust model, which include users, devices, network, applications and analytics.

zero trust graphic showing the pillars of security needed

About Syncworks

Syncworks is a the national leader in GPS security. Critical infrastructure in the US is a top priority at the highest level of government. Our mission is to enable, educate, and support efforts to become complaint with celestial and terrestrial GPS systems working together.
  
Our flagship product, the TimeProvider® 4100, is a gateway clock that accepts multiple inputs from Global Navigation Satellite Systems (GNSS), Synchronous Ethernet (SynE), and IEEE 1588 PTP Grandmaster Clock and E1/T1 digital transmission links.  

As of January 1, 2024, we have expanded our Field Services to include Antenna Installation and Entrance Facility Cabling, Legacy Equipment Decom and Traffic Migration, Disposal (hazmat) Services, Radio Commissioning (MW, P-LTE, CBRS), Enterprise Wi-Fi.

For more information, contact sales@syncworks.com or call (904) 280-1234