How to ensure time security across a global network - an industry Q&A
1. You recently added NTS support to the AXIS OS? Can you explain what kind of devices use the AXIS OS?
The AXIS OS is used on the security devices we provide to our customers. These devices include network cameras, audio devices, video recorders and door stations with access control. Currently there are many millions of devices globally using the AXIS OS.
2. Why did you add NTS support to the AXIS OS? What are the benefits of using NTS?
Security is a key element in all Axis products and, wherever security is concerned, the correct time is essential. With NTS, certificate validation proves that you get time from a trusted source. This means you can be sure that the time packets have not been manipulated or tampered with by another party. The encrypted authentication means you can rely on NTS time packets even if they are coming over networks you don’t control.
3. Why is accurate and secure time so important for your business?
In our business, accurate time synchronisation is essential. Our customers have significant issues if the time is not accurately synchronised between, for example, multiple cameras and a Video Management System (VMS). If the time stamps used to establish the chronology of events are not reliable, this can cause all manner of problems. Investigations are compromised, events cannot be adequately sequenced, and legal evidence becomes discredited. Time stamps are only meaningful if devices are properly synchronised with time from a trusted source. Otherwise, when you have inconsistencies, the question becomes: which timestamp can you trust?
4. How easy is it to move from taking time from NTP servers to taking time from NTS servers?
We decided to upgrade to NTS after a thorough analysis of other ways to secure NTP. NTS was clearly the best solution and that’s why we chose it. implementing NTS in the AXIS OS was very straightforward. This was in part because we already had certification management in place in each product that could be reused from other certificate based product features.
Today, Axis customers need to configure their devices to take time from an NTS server. This is quite simple (especially if using the excellent NTS HowTo provided by Netnod). Hopefully, in the future, we will be able to configure devices to use NTS automatically.
5. What customer communications have you had regarding NTS?
We documented the upgrade to NTS in the release notes for AXIS OS in October 2022 and we also added NTS to the protocol list in our product data sheets which makes it very visible. We have also ensured our salesforce understands the importance of the upgrade. On the other side, we received a security assessment from a large customer which included NTS and asked how up to date we were with the latest implementations and RFCs.
6. How do you see NTS today and what do you hope to see in the future?
NTS has been an essential development in time security and we find the NTS service provided by Netnod to be excellent. Hopefully, cooperation in other regions will lead to the deployment of more NTS servers globally. Currently, you can’t autoconfigure NTS in the same way as NTP. This would be a very welcome development!
Christian Storm and Axel Keskikangas testing the AXIS OS embedded NTS client.
More information about Netnod’s NTP/NTS service
Netnod provides an NTP service that is fully-NTS enabled throughout Sweden at multiple, autonomous sites. The time is traceable to the official Swedish time UTC(SP) and is available over IPv4 or IPv6. Each site has full redundancy with multiple servers, atomic clocks, and field-programmable gate array (FPGA) boards providing an extremely fast hardware implementation of NTP and NTS.
For networks requiring the highest level of accuracy, Netnod also provides time-as-a-service solutions using PTP to deliver ultra-precise time guaranteed with an SLA. More information is available here.
About Axis Communications
Axis enables a smarter and safer world by creating solutions for improving security and business performance. As a network technology company and industry leader, Axis offers solutions in video surveillance, access control, intercom, and audio systems. They are enhanced by intelligent analytics applications and supported by high-quality training. Axis has around 4,000 dedicated employees in over 50 countries and collaborates with technology and system integration partners worldwide to deliver customer solutions. Axis was founded in 1984, and the headquarters are in Lund, Sweden. For more information about Axis, please visit our website www.axis.com.