Integrating time servers into a Zero Trust Network

On the contrary, Zero Trust Networks (ZTN) assume that there is no network impossible to compromise but simply networks that have not been compromised yet. Consequently, accessing one of the elements of a network no guarantees access to the others. Zero Trust Networks do not particularly trust users within a network.

As a result, if a user of one resource wishes to use another one within the same network, it must authenticate once again. This allows for greater security and limitation of the impact of network intrusions.

ZTN best practices

Zero Trust Networks are based on a set of best practices. First of all, it is paramount to partition one’s network. This prevents hackers from making “lateral movements” that is to say, compromising another service as the one that enabled the hacker to enter the network. This partitioning can be carried out using VLANs that enable to isolate the different services present on the network.

ZTN are also based on strong identification of users and hardware connected. To do so, the two-factor authentication (2FA) as well as the 802.1X protocol will be used. ZTN operate with very specific user profiles which define who has access to what, where and when. This enables to make sure that damage will be minimal in the event of a breach.

In order to maintain a Zero Trust Network, it is paramount to constantly monitor everything that happens on the network to detect intrusions as quickly as possible and minimise their impact. The main advantage of monitoring the network is to be able to retrace the hacker’s route if the intrusion has been discovered afterwards.

ZTN: the need for time synchronisation

All these best practices require accurate and robust time synchronisation. Indeed, many mechanisms used to secure a ZTN rely on efficient time synchronisation. Using multi-factor authentication involves generating and verifying temporary tokens for access. Accurate synchronisation also enables to avoid replay attacks (of authentication messages for example). Besides, an accurate and synchronised time enables to have authentic logs, which is important for network audit or the analysis of actions carried out by hackers when intrusions have been discovered afterwards.

A Zero Trust Network must have a time synchronisation to operate correctly. Given the large number of security-related actions carried out on this type of network, it is important not to create discrepancies between users as a result of malfunctioning clocks on the network.

Since a Zero Trust Network does not trust its own users, it is impossible to use a public time server that would be an obvious attack vector. It is then paramount to create a time synchronisation network with one’s own time servers.

A standalone network with the reference clock at the top and end clients at the bottom enables to totally control the distribution chain and guarantees efficient and accurate time synchronisation on IT systems. In a network as strongly and logically segmented as a ZTN, it is important to synchronise the different services correctly across the VLANs to ensure that operations run smoothly.

Nowadays, accurate and robust time synchronisation is paramount for any network, in order to guarantee its optimum operation. For all Zero Trust networks which add many security layers to guarantee the integrity of services and data within the network, it is impossible to operate without internal time synchronisation.