Frequency and Timing

SyncServer S600
High-Performance, Enhanced Security Network Time Server

Features Best in Class Security is an inherent part of the SyncServer

• Ultra-high bandwidth NTP time server Modern networks require accurate, secure, S600 architecture. In addition to standard
• Stratum 1 operation through GNSS and reliable time services, as provided by the security features related to web interface
satellites Microchip SyncServer S600. The security hardening, NTP operations, and server
• Four standard GbE ports, all with hardened S600 network time server is pur- access, remaining services can be selectively
patented NTP hardware time stamping pose-built to deliver exact hardware-based disabled. Advanced authentication services
• Two additional 10 GbE ports optional Network Time Protocol (NTP) time stamps. such as TACACS+, RADIUS, LDAP, and
• Built-in DoS detection and protection The unparalleled accuracy and security is x.509 certificates are optionally available.
• Security-hardened NTP Reflector with rounded out with outstanding ease-of-use Timing and Design Reliability
firewall protection features for reliable network time services
The 72-channel GNSS receiver, coupled
• Web-based management with high- ready to meet user network and business
with Microchip's patented Active Thermal
security cipher suite operation needs today and in the future.
Compensation Technology, provides best-in
• NTP monitoring, charting and MRU
logging
High Security and Capacity class timing accuracy of <15 ns RMS to UTC.
The four standard GbE ports, and optional Backstop this with a durable hardware design
• Exceptional time accuracy to UTC
10 GbE ports, all combined easily handle subjected to severe shock and vibration
• TACACS+, RADIUS, LDAP, x.509 and more
10,000 NTP requests per second using testing, and high-reliability components that
• Rubidium atomic clock or OCXO oscillator
hardware time stamping and compensation. extend the operating temperature range to
upgrades
All traffic to the S600 CPU is bandwidth lim- –20 °C to 65 °C. Further, choose the PTP
• Dual power supply option
ited for protection against denial-of-service output option to enable multi-port/profile
• Galileo/GLONASS/BeiDou/SBAS/QZSS
grandmaster operations leveraging the built-in
option (DoS) attacks. NTP monitoring, charting and
MRU logging assist in managing the NTP hardware time stamping in all S600 Sync-
• PTP multi-port/profile output option
Servers. As with all Microchip time servers,
• PTP input option client activity.
upgrading to a high-performance oscillator,
For significantly more robust and secure NTP
Applications such as a Rubidium atomic clock, keeps
operations, enable the security-hardened
• Synchronizes hundreds of thousands of the S600 accurate in the event of a GNSS
NTP Reflector with 100% hardware-based
NTP clients service disruption.
NTP packet processing capable of 360,000
• Security-hardened for peace-of-mind time
service operations
NTP requests per second. The Reflector Leverage Built-In Hardware
also works with the CPU-protecting firewall, The SyncServer S600 includes additional
• Multiple GbE NTP ports for easy network
with bandwidth limiting of all non-NTP traffic. built-in hardware features enabled through
configuration and adaptation
Coupled with the Reflector is DoS detection, software license keys, such as the security
• Best-in-class time accuracy for improved
notification, and protection against abnor- hardened NTP Reflector, IEEE 1588 PTP
log file time stamp precision and usability
mally high network traffic. The NTP Reflector output and input operations, and Galileo/
• Very reliable and easy-to-use network
processes all packets at GbE line speed, GLONASS/QZSS/BeiDou support.
time appliance for modern networks and
making it resistant to the level of network
business operations The SyncServer S600, the future of time
traffic that could be delivered in a DoS attack.
server operations, today.

www.microchip.com
Four GbE Ports for Performance, Flexibility Standard Management Access Security
and Security All of the expected network management protocols are stan-
The S600 has four dedicated and isolated GbE Ethernet dard in the S600. These include mandatory password access,
ports, each equipped with NTP hardware time stamping. HTTPS/SSL only (using the high-encryption cipher suite),
These are connected to a high-speed microprocessor with SSH, access control lists, service termination, SNMPv2/v3,
microsecond-accurate time stamps to assure high-bandwidth and NTP MD5 authentication. All traffic to the S600 CPU is
NTP performance. This exceeds the need of servicing 10,000 bandwidth-limited for protection against DoS attacks. The
NTP requests per second with no degradation in time local keypad on the server can be password-protected to
stamp accuracy.. prevent tampering.

The four GbE ports provide network

Security-Hardening Option
configuration flexibility and enhanced
The SyncServer S600 can be further hardened from both an
security. Multiple isolated and synchronized
NTP perspective and an authentication perspective through
time servers can also be configured. Two
the Security Protocol License option that includes the
10 GbE SFP+ ports can be added for
security-hardened NTP Reflector.
NTP/PTP operations as well.

Multiple ports provide the flexibility to adapt to different Operational hardening through the 360,000 NTP packet per
network topologies as networks grow and change. An S600 second NTP Reflector with 100% hardware-based NTP packet
can be the single time source to synchronize clients on dif- processing also works with a CPU-protecting firewall by band-
ferent subnets and physical networks. There is only one time width limiting all non-NTP traffic. The Reflector also monitors
reference, but it can appear as though there are four clocks packet flow for DoS detection and reporting, yet remains impervi-
available because each port is independent. ous to the level of network traffic as it operates at line speed.

NTP can be served on all four ports (six if 10 GbE ports are Authentication hardening is available for NTP client/server
added). The highly secure web-based management interface authentication through the NTP Autokey function or user
is only available on port 1, so that administrators may choose access authentication through TACACS+, RADIUS, and LDAP.
to keep that IP address private and secure. Unique access Third party CA-signed X.509 certificates are installable for
control lists per port can govern server response to client further hardening of management access. For more informa-
requests for time. tion about the protocol license option, see the SyncServer
Options datasheet.
Intuitive, Secure and Easy-to-Use Web Interface
The modern web interface is the primary control interface of
the S600. Once the keypad and display bring the unit online,
complete status and control functions are easily found on the
left navigation menu.

At-a-glance dashboard presentation combined with logical

organization and intuitive controls that make configuring the
S600 easy. An entire drop-down menu in the S600 dedicated to security-
related protocols.

www.microchip.com
Unprecedented NTP Accuracy Time Cross-Checking for Peace-of-Mind Reliability
The Stratum 1 level S600 derives nanosecond-accurate time The S600 can time cross-check GNSS against at least two
directly from the atomic clocks aboard the GNSS satellites. By other time servers. This protects against an improperly operat-
using an integrated, 72-channel GNSS receiver, every visible ing GNSS receiver that can subtly corrupt the time. It also
satellite can be tracked and used to maintain accurate and serves as a form of spoofing protection.
reliable time. Even in urban canyon environments where direct
satellite visibility can be limited, manually inputting the position Multi-Port/Profile IEEE 1588 PTP Grandmaster
can be sufficient to acquire accurate time even from a single Applications demanding very precise time accuracy can
intermittent satellite. require the IEEE 1588 precise time protocol (PTP). The S600
PTP Output License enables multi-port/profile PTP grandmas-
Ultra-High Performance NTP ter operations leveraging the built-in hardware time stamping
The S600 can effortlessly support hundreds of thousands of on each LAN port of the S600.
network clients while maintaining microsecond-caliber NTP time
stamp accuracy. NTP request throughput rates can exceed IEEE 1588 PTP Input License
10,000 requests/second while maintaining NTP time stamp
PTP input is useful for tunneling time to the S600 over the
accuracy. NTP monitoring, charting and MRU logging assist in
network. PTP input can be the primary time reference or used
managing the NTP client activity. If the Security License option
as a backup reference in the event of GPS signal loss. With
is enabled, the NTP Reflector can process over 360,000 NTP
GPS, the S600 can automatically calibrate and store observed
requests per second with 15 ns caliber time stamp accuracy with
network path delay asymmetries for PTP input use if the GPS
the added benefit of security hardening the network port.
signal is lost.
Peering and Holdover
If the GNSS reference signal is lost entirely, the S600 can
automatically revert to retrieving time from other user-designated
internal or external network time servers. This technology, known
as peering, prevents disruption of time services to the network,
and the network administrator is notified immediately of the
change in time reference status and stratum through SNMP.

A popular adjunct to peering is letting the time server operate Oscillator Upgrades Improve Holdover Accuracy
in holdover (also called free run or flywheel), where the clock in and Save Valuable Time
the time server is allowed to drift if the GNSS signal is lost. The The standard S600 is equipped with a crystal oscillator that
user can specify how far to let the clock drift in terms of esti- keeps the S600 accurate to nanoseconds when tracking
mated time accuracy before reverting to peering. If the optional GNSS. However, if GNSS connectivity is lost, thereby plac-
Rubidium atomic clock is installed, the S600 can flywheel for ing the server in holdover, the oscillator will begin to drift and
weeks and still be accurate to less than a millisecond. impact timing accuracy. Upgrading the oscillator improves
the holdover accuracy significantly. For example, consider the
Multi-GNSS Constellation Support for following drift rates for the standard oscillator compared to the
Enhanced Reliability OCXO and Rubidium upgrades.
Timing integrity, continuity, and reliability can be improved with
the multi-GNSS constallation license that adds support for Oscillator Holdover Drift (first 24 hours)

Galileo, GLONASS, BeiDou, QZSS and SBAS constellations Standard 400 microseconds

in addition to the standard GPS constellation. With more OCXO 25 microseconds

satellites in view, timing performance can be improved in chal- Rubidium <1 microsecond

lenging environments, such as urban canyons. All SyncServer

The value of the upgraded oscillator is that if the GNSS signal
S600's ship with GNSS hardware ready to be enabled with a
is lost, the S600 can continue to serve very accurate NTP
software license.
time. This provides the IT staff plenty of time to correct the
problem with no degradation or disruption in network time
synchronization accuracy.

www.microchip.com
Specifications Optional Network Protocols
GNSS Receiver/Antenna • Autokey • LDAPv3
• PTP • RADIUS
• 72 parallel channel GNSS receiver • X.509 HTTPS certificates
• TACACS+
• GPS time traceable to UTC (USNO)
• Static and dynamic operational modes NTP Server Performance
• Acquisition time of 30 seconds (cold start)
• 10,000 NTP requests per second while maintaining ac-
• Cable length up to 900 feet (275 m).
curacy associated with reference time source.**
• GNSS option adds Galileo/GLONASS/BeiDou/SBAS/
• Stratum 1 through GNSS: overall server time stamp
QZSS support in addition to GPS
accuracy of 5 μs to UTC with 1-sigma variation of 15 μs
Time Accuracy (typical). All NTP time stamps are hardware-based or have
• Standard: <15 ns RMS to UTC (USNO), typical real-time hardware compensation for internal asymmetric
• OCXO: <15 ns RMS to UTC (USNO) delays. The accuracy is inclusive of all NTP packet delays
• Rubidium: <15 ns RMS to UTC (USNO) in and out of the server, as measured at the network
interface. NTP serves the UTC timescale by definition, but
After one day locked to GPS; evaluated over normal environ-
the user can choose to serve GPS timescale instead. The
ment (test range <±5 °F) defined in GR-2830..
user can also select the UTC leap second smearing/slew-
ing behavior. The SyncServer easily supports hundreds of
Oscillator Aging (Monthly) thousands of NTP clients.
• Standard: ±1×10–7 • NTP Activity Charting and MRU Logging: A rolling 24
• OCXO: ±5×10–9 hour chart displays overall NTPd requests/minute activity.
• Rubidium: ±1×10–10 An NTPd Most Recently Used (MRU) list provides details
After one month of continuous operation. on the most recent 1024 NTP client IP addresses. Data
is sortable and exportable. Selection of an individual
Holdover Accuracy (One Day) IP address charts the NTP request totals in 30 minute
• Standard: 400 µs increments over the past 24 hours. These tools are useful
• OCXO: 25 µs to verify an NTP client is reaching the SyncServer and to
• Rubidium: <1 µs identify NTP clients that may be requesting the time more
frequently than desired.
Evaluated over normal environment (test range <±5 °F)
• NTP Reflector option: 360,000 NTP client mode three
defined in GR-2830 after five days locked to GPS.
requests per second. NTP packets time stamped 100%
in hardware with prevailing clock accuracy. All non-NTP
Frequency Output Accuracy and Stability
packets are provided to the CPU on a bandwidth-limited
• <1x10–12 at 1 day locked to GPS basis. The NTP Reflector is included as part of the Security
Standard Network Protocols Protocol License option.
• NTP (SHA1 and MD5), SNTP (unicast)
NTP Activity Chart
• SNMP v2c, v3
• SNMP MIB II, Custom MIB, system status via SNMP
• DHCP/DHCPv6
• HTTPS/SSL* (TLS 1.1/1.2)
• SMTP forwarding
• SSHv2
• Telnet
• IPv4/IPv6
• Syslog: 1 to 8 servers
• Key management protocols can be individually disabled
• Port 1: Management and Time protocols Rolling 24 hour NTPd activity chart to accompany Most
• Port 2, 3, and 4 (optional 5 and 6): Time protocols only Recently Used (MRU) list with individual NTPd client activity
details and chart.
*SSL_High_Encryption Cypher suite or the SSL_High_And_Medium_Encryption Cypher suite.
**<1% NTPd packet drop at 10,000 NTPd requests per second (1GbE/10GbE). <10% NTPd
packet drop at 10,000 NTPd requests per second (100BaseT)

www.microchip.com
Mechanical/Environmental Rear Panel
Specification Details Specification Details
1.73" × 17.24" × 15.88" Four RJ-45
Size (4.4 cm × 43.8 cm × 40.3 cm) Network 100/1000BASE-T
1U rack mount, including BNCs Ethernet, speed/duplex: Auto, 100/1000 full
88 VAC–264 VAC NMEA-0183; ZDA/GGA/GSV/RMC messages;
50 Hz–60 Hz Serial Data/Timing NENA 04-002 messages; DB9-F RS-232 user
AC Power
50W selectable rate to 115.2 kbps
Optional second power supply
1 PPS Out BNC, rising edge on-time, TTL into 50Ω
Optional Dual-DC 20 VDC to 75 VDC
BNC L1/B1,
Power 50W GNSS
1575/1602/1561 MHz
Operating Non-Rb: –20°C to 65°C
Temperature Rb: –5°C to 55°C Console DB9-F RS-232
–40°C to 85°C Alarm Relay SPST, maximum 300 mA and 32V
IEC 60068-2-1Ab (low-temp soak), IEC 60068-2- IEC 60320 C14 connector, optional second
Storage Power
2Bb (hi-temp soak), IEC 60068-2-14Nb (change power supply/connector, hitless switching
Temperature
of temp), IEC 60068-2-78Cb (humidity storage),
Optional DC Power Mating connector is Molex HCS-125 series
IEC 60068-2-30Db (humidity condensation)
Operational ≤95%, non-condensing, IEC 60068-2-78Cb, IEC
Humidity 60068-2-30Db Product Includes
FCC Part 15, Class A, CISPR SyncServer S600, locking power cord, and rack mount ears.
Certifications 22, Class A, UL/CSA 60950-1, IEC 60950-1, EN
60950-1, VCCI, RoHS 5/6
Two-year hardware warranty. Current manual and MIB are
Server weight 12.5 lbs (5.7 kgs)
available online at www.microsemi.com. MIB can also be
downloaded from the SyncServer.
Shipping Package 16.3 lbs (7.4 kgs)

Shock and Vibration SyncServer S600 Rear Panel

Specification Details
ETSI EN-300 019-2-3
Operational
Mil-Std-810H
IEC 60068-2-6 Fc (sinusoidal vibration) Mil-Std- Ordering Information
Storage
810H, figure 514.6C-3
Description Part Number
EN300 019-2-3
Seismic
NEBS GR-63-CORE SyncServer S600 090-15200-601
Transportation
SyncServer S600 with OCXO 090-15200-602
Bounce IEC 60068-2-27Ea (shock 18 g)
SyncServer S600 with Rubidium 090-15200-603
Vibration IEC 60068-2-64Fh (random vibration)
Package Drop IEC 60068-2-31 Ec SyncServer S600 with dual AC PSU 090-15200-604

SyncServer S600 with OCXO and dual AC

090-15200-605
Front Panel PSU

Specification Details SyncServer S600 with Rubidium and dual AC

090-15200-606
PSU
Sharp, high-resolution, 160 × 32 vacuum-
Display
fluorescent Custom configure your build-to-order SyncServer S600 using
0–9 numeric, up, down, left, right, ENTER, CLR, the online SyncServer Configurator tool at my.microsemi.com.
Keypad
TIME, STATUS, MENU, keypad lockout. Configurations can be submitted as requests for quotes.
LEDs (tri-color: green/red/orange)
Sync Time reference status Note: The SyncServer S600 is TAA Compliant
Network Network connection status
Alarm Fault condition

www.microchip.com
Hardware Options Software Options
10 GbE LAN Ports Security Protocol License with Security-
Two additional 10 GbE SFP+ ports equipped with hardware Hardened NTP Reflector
time stamping that supports NTP, PTP, and NTP Reflector Security-hardened NTP Reflector and authentication hard-
operations. ening with NTP Autokey, TACACS+, RADIUS, LDAP, and
CA-signed X.509 certificates.
Rubidium Atomic Oscillator Upgrade
Improves stability, accuracy, and holdover accuracy. Holdover PTP Output/Grandmaster
accuracy is <1 μs for the first 24 hours and <3 μs after the (Simultaneous Multi-Port/Profile)
first three days. Single license enables multi-port, multi-profile IEEE 1588 PTP
Grandmaster operations leveraging the built-in hardware time
OCXO Oscillator Upgrade stamping in all SyncServers.
Improves holdover accuracy to 25 μs for the first day.
PTP Input
Dual AC Power Supplies PTP as a timing input for tunneling time through PTP or
The dual-corded, dual-AC power supply option provides load as a backup time reference in the event of the loss of the
sharing and active power management system with hitless GNSS signal.
failover.
Multi-GNSS Constellation
Dual DC Power Supplies Track GPS/SBAS, Galileo, QZSS, GLONASS, and/or BeiDou
The dual-corded, dual-DC power supply option provides load constellations for improved integrity and satellite visibility in an
sharing and active power management system with hitless urban canyons.
failover.
Synchronization Software
Antenna Accessories Comprehensive MS Windows-based network time synchroni-
Antenna cables and accessories enable versatile solutions to zation software with monitoring and auditing functions.
meet most installation requirements.

Note: For complete information, see the Options datasheet.

Disclaimer from Microchip SyncServer S600, document DS00002903A Information contained in this publication regarding device applications and the like is provided only for your convenience and may be superseded by
updates. It is your responsibility to ensure that your application meets with your specifications. MICROCHIP MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHETHER EXPRESS OR IMPLIED, WRITTEN
OR ORAL, STATUTORY OR OTHERWISE, RELATED TO THE INFORMATION, INCLUDING BUT NOT LIMITED TO ITS CONDITION, QUALITY, PERFORMANCE, MERCHANTABILITY OR FITNESS FOR PURPOSE. Microchip
disclaims all liability arising from this information and its use. Use of Microchip devices in life support and/or safety applications is entirely at the buyer’s risk, and the buyer agrees to defend, indemnify and hold harmless
Microchip from any and all damages, claims, suits, or expenses resulting from such use. No licenses are conveyed, implicitly or otherwise, under any Microchip intellectual property rights unless otherwise stated.

The Microchip name and logo and the Microchip logo are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries. All other trademarks mentioned herein are property of their respective
companies.
© 2019, Microchip Technology Incorporated. All Rights Reserved. 8/19  900-00715-000 Rev H DS00002903B

www.microchip.com