NTP

Accurate time matters more than most people realize until something breaks. Kerberos authentication (used by Active Directory) fails if clocks are more than 5 minutes apart. Log correlation becomes impossible when events on different systems have inconsistent timestamps. TLS certificates have validity windows that depend on accurate time.

NTP synchronizes device clocks against a hierarchy of reference sources. Stratum 0 sources are GPS receivers and atomic clocks. Stratum 1 servers connect directly to stratum 0. Stratum 2 servers synchronize from stratum 1 — this is the tier most organizations use via public NTP pools (pool.ntp.org, time.google.com, etc.).

For most organizations: configure all servers, switches, and workstations to sync from two or three public NTP servers or your internal Active Directory PDC emulator, which itself syncs from a reliable external source. That's it — NTP doesn't need to be complicated.

UDP port 123. NTP provides millisecond-level accuracy over the internet, which is sufficient for essentially all IT applications. For sub-microsecond accuracy requirements (financial trading, industrial control), see PTP.