Schedule Tab Page Audit List Tab Page Discovery Tab Page Alerts & Logs Tab Page Cache Tab Page Advanced Settings Tab Page


 Domain Time II Audit Server\Overview

    Domain Time II Audit Server Domain Time II Audit Server is a system service designed to work in conjunction with Domain Time II time sync components to provide a secure, verifiable audit trail of the time synchronization of your network.

    Domain Time II Audit Server automatically provides the clear, indisputable records you need to easily resolve any contested timestamp issue that may arise.

    Federal regulatory agencies such as the US FDA, as well as major securities organizations like NASDAQ with their OATS (Order Audit Trail System) already require this type of audit collection to prevent fraud and to establish the validity of transactions (see our regulatory compliance pages). Domain Time II Audit Server meets or exceeds such requirements and makes it painless to comply with these regulations.

    The audit records collected by Audit Server include complete information to allow auditors to determine precisely when a machine was last synchronized, with what time source, as well as its variance from the reference time source.

    Full time audit records can be collected and maintained from any machine running Domain Time II time sync components on Windows, Solaris, FreeBSD, and Linux (all flavors) platforms. In addition, Audit Server can collect limited information from NTP sources so that all time devices used in synchronization are tracked. As of version 4.1, Audit Server can also collect audit info and drift logs from Windows machines running the Domain Time II Windows Time Agent.

    How it Works

    The Domain Time II Audit Server consists of a Windows service that:

      One  Collects time sync audit information and (optionally) synchronization logs from Domain Time II Servers, Clients, and designated NTP sources on a schedule you specify.

      Two  Collects audit records and sync logs to local storage for easy archival. Generates automatic alerts if any audited machine exceeds your specified time sync or audit period tolerances.

      Domain Time II Audit Server Audit Flow
      Domain Time II Audit Server - Audit Information Flowchart

    See the Product Family page for information on system requirements and version histories.

    Audited Time

    In order to successfully provide Audited Time, the following issues must be addressed:

    1. Monitored machines must be able to be reliably and individually identified
    2. Time on individual machines must be synchronized regularly and accurately with a known time source
    3. Vital information such as when the local clock was last synched and with what time source must be retrievable from the time sync component
    4. Sync information must be collected regularly and compiled into concise and complete audit records
    5. Audit records need to be stored in a protected location and be easily and quickly retrieved when needed

    Here's how Domain Time II Audit Server (in conjunction with Domain Time II Server and Clients) accomplishes these tasks:

      Issue 1
      Monitored machines must be able to be reliably and individually identified

        Individualized Serial Numbers All Domain Time II Server and Client services are individually identified using a unique serial number that is assigned when the Domain Time software is installed. Even if the IP address or name of the machine changes, the audit records will clearly identify the machine running that particular instance of Domain Time II.

      Issue 2

      Time must be synchronized reliably and accurately with a known time source

        Domain Time II Distributes Time A Domain Time II Server connects securely to a trusted network time source such as a GPS receiver, atomic clock card, or an Internet public time server, and then distributes that time accurately and verifiably to every time-aware machine on the network using the Domain Time II time distribution system.

        In addition, Domain Time II components have a function called Clock Change Monitor that prevents users from manually changing the time on machines to falsify records. Domain Time II also has sophisticated security features to ensure that the entire system time is correct, including protection from rogue time servers, Denial-of-Service attacks, and more.

        For more information on how Domain Time II reliably obtains and distributes time, see the main Domain Time II product page.

      Issue 3

      Vital information must be retrievable from the time sync component

        Domain Time Servers and Client services keep detailed internal stats on their operation which can be queried as necessary by Audit Server (many of these stats are also viewable using the Domain Time II Manager tool, or from the actual Server or Client component themselves).

        The statistics include such information as the name/ip address and time of the last time source used for synchronization, the amount of correction to the clock that was made at sync time, the protocol used to set the time, etc. Stats are retrieved from clients and servers using the Domain Time II protocol, which allows for efficient transfer of the information to the Audit Server, with a very small amount of traffic. This means that the audit process is very low-overhead and has minimal impact on the network.

        Audit Server also has the capability of obtaining the current time from an NTP time source at the time an audit occurs. This allows the audit record to include at least basic information from any NTP machines (such as a GPS clock) that may also be involved in providing time to the network.

        Domain Time II Stats
        A time statistics display and drift graph from Domain Time II Server
        showing some of the information Domain Time components maintain

      Issue 4

      Sync info must be collected regularly and compiled into concise and complete audit records

        The Audit Server automatically contacts Domain Time II Servers, Clients, Windows Time Agents, and any specified NTP Servers to collect their audit data on a schedule you specify. This information is compiled into compact record files that include all relevant information about each monitored system.

        Each record is optimized to minimize the amount of disk space used to retain the records. The Audit Record Viewer allows you to view the data in an easy-to-read format, and to extract the data to text files in a summary or full-detail form.

        Domain Time II Audit Record
        A sample of the information contained in a Domain Time II audit record

        Audit Server also verifies that machines you have selected to be audited are actually having their time set and that they are responding to the audits. If any machine fails to be synchronized within your desired tolerance, or if a machine misses more audits than your specified maximum error limit, an email alert is automatically generated so that the problem can be addressed immediately.

      Issue 5

      Audit records must be stored in a protected location and be quickly retrieved when needed

      The Audit Server runs as a protected system service and writes the audit records to the local machine in a folder that can be secured so that no unauthorized access or deletions may occur.

      Audit Server also includes an integrated audit record viewer that can view any or all of the audit details from any saved audit.

        Domain Time II Audit File Viewer
        The Audit File Viewer, showing an audit record
        Note the yellow indicator, showing a system that was offline at the time of this audit


Copyright © 1995-2021 Greyware Automation Products, Inc.  All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.
Greyware Automation Products, Inc.
308 Oriole Ct, Murphy, TX 75094
972-867-2794 (voice) 972-208-1479 (fax)

Close Printer-Friendly Version