Get a quote!

Product Information

High Performance, Enhanced Security Network Time Server

Microsemi's SyncServer S600 purpose-built network time server delivers exact hardware based Network Time Protocol (NTP) timestamps and offers unparalleled accuracy and security meeting the needs of both current and future networks.

High Security and Capacity

The four standard GbE ports combined handle with ease more than 10,000 NTP requests per second using hardware time stamping and compensation. All traffic to the S600 CPU is bandwidth-limited for protection against denial-of-service (DoS) attacks.

For significantly more robust and secure NTP operations, enable the Security-Hardened NTP Reflector™ with 100% hardwarebased NTP packet processing capable of 120,000 NTP requests per second*. The Reflector also works with the CPU-protecting firewall, bandwidth limiting all non-NTP traffic. Coupled with the Reflector is DoS detection, notification, and protection against abnormally high network traffic. The NTP Reflector™ processes all packets at GbE line speed, thereby making it impervious to the level of network traffic that could be delivered in a DoS attack.

Security is an inherent part of the SyncServer S600 architecture. In addition to standard security features related to the hardening of the web interface, NTP operations and to server access, unsecure access protocols are deliberately omitted from the S600 while remaining services can be disabled. Advanced authentication services such as TACACS+, RADIUS, and LDAP are optionally available.

Timing and Design Reliability

The 72-channel GNSS receiver, together with Microsemi's patented Active Thermal Compensation Technology, provides best-inclass time accuracy of <15 ns RMS to UTC. In addition, a durable hardware design subjected to severe shock and vibration testing, and high reliability components that extend the operating temperature range to a very wide -20°C to +65°C. Further, the dual power supply option with SNMP trap enabled monitoring avoids time service interruptions. Upgrade to a high performance oscillator, such as a Rubidium atomic clock, to keep the S600 accurate for a long time in the event of a GNSS service disruption.

Leverage Built-In Hardware

The S600 includes additional built-in hardware features that are enabled through software license keys, such as the Security-Hardened NTP Reflector™. Anticipated future software enabled hardware options are GbE PTP operations and GLONASS support.

Four GbE Ports for Performance, Flexibility, and Security

The S600 has four dedicated and isolated GbE Ethernet ports, each equipped with NTP hardware time stamping. These are connected to a very high-speed microprocessor with microsecond accurate time stamps to assure high-bandwidth NTP performance. This more than meets the need of servicing 10,000 NTP requests per second.

Multiple ports provide the flexibility to adapt to different network topologies as networks grow and change. A S600 can be the single time-source to synchronize clients on different subnets and physical networks. Since each port is independent, it can appear as though there are four clocks available, even though there is only a single time reference.

NTP can be served on all four ports. The highly secure web-based management interface is only available on port 1 so that administrators may choose to keep that IP address private and secure. Unique access control lists for each port can govern server response to client requests for time.

Intuitive, Secure, and Easy to Use Web Interface

The modern web interface is the primary control interface of the S600. Once the keypad and display are used to bring the unit online, complete status and control functions are easily found via the wellorganized left side-expanding/collapsing navigation menu.

Standard Management Access Security

All of the expected network management protocols are standard in the S600. These include mandatory password access, HTTPS/SSL only (using the high encryption cipher suite), SSH, access control lists, service termination, SNMPv2/v3, and NTP MD5 authentication. All traffic to the S600 CPU is bandwidth-limited for protection against DoS attacks. The local keypad on the server can be password-protected to prevent tampering.

Security-Hardening Option

The SyncServer S600 can be seriously hardened from both an NTP perspective and an authentication perspective through the Security Protocol License Option, which includes the Security-Hardened NTP Reflector.

Operational Hardening - via the 120,000 NTP packet per second NTP Reflector™ with 100% hardware based NTP packet processing also works with a CPU-protecting firewall by bandwidth limiting all non-NTP traffic. The Reflector also monitors packet flow for DoS detection and reporting, yet remains impervious to the level of network traffic as it operates at line speed.

Authentication Hardening - is available for NTP client or server authentication through the NTP Autokey function or user access authentication via TACACS+, RADIUS, and LDAP. (See the SyncServer Options datasheet for more detail on the Security Protocol License Option.)

Unprecedented NTP Accuracy

The Stratum 1 level S600 derives nanosecond accurate time directly from the atomic clocks aboard the GNSS satellites. By using an integrated, 72-channel Global Navigation Satellite System (GNSS) receiver, every visible satellite can be tracked and used to maintain accurate and reliable time. Even in urban canyon environments where direct satellite visibility can be limited, manually inputting the position can be sufficient to acquire accurate time even from a single intermittent satellite.

Ultra High Performance NTP

The S600 can effortlessly support hundreds of thousands of network clients while maintaining microsecond caliber NTP timestamp accuracy. NTP request throughput rates exceed 10,000 requests/ second while also maintaining NTP timestamp accuracy. If the Security License option is enabled, the NTP Reflector™ can process over 120,000 NTP requests per second with 15 nanosecond caliber time stamp accuracy with the added benefit of security hardening the network port. This can easily translate into sub-millisecond typical NTP client synchronization accuracy on a LAN.

Peering and Holdover

If the GNSS reference signal is lost entirely, the S600 can automatically revert to retrieving time from other user-designated internal or external network time servers. This technology, known as "peering", prevents disruption of time service to the network and the network administrator is notified immediately of the change in time reference status and stratum change via SNMP.

A popular adjunct to peering is letting the time server operate in holdover (also called “free run” or “flywheel”), where the clock in the time server is allowed to drift if the GNSS signal is lost. The user can specify how far to let the clock drift in terms of estimated time accuracy before reverting to peering. If the optional Rubidium Atomic Clock is installed, the S600 can flywheel for weeks and still be accurate to less than a millisecond.

Time Cross-Checking for Peace-of-Mind Reliability

The S600 can time cross-check GNSS against at least two other time servers. This protects against an improperly operating GNSS receiver that can subtly corrupt the time. It also serves as a form of spoofing protection.

Flexible Control over System Timing Inputs and Outputs

By protocol definition, the S600 serves NTP in the UTC timescale (or optionally the GPS timescale). However, the S600 can display local time rather than UTC time on the front panel.

Serial Time Outputs

The dedicated Data/Timing port is provided to output NMEA-0183 or NENA PSAP strings. If NENA is selected, the serial Console port also supports the two-way timing aspects of the standard. In addition, the F8 and F9 Microsemi legacy time strings are also available.

Oscillator Upgrades Improve Holdover Accuracy and Save Valuable Time

The standard S600 is equipped with a crystal oscillator that keeps the S600 accurate to nanoseconds when tracking GNSS. However, if GNSS connectivity is lost, thereby placing the server in holdover, the oscillator will begin to drift impacting timing accuracy. Upgrading the oscillator improves the holdover accuracy significantly. For example, consider the drift rates below for the standard oscillator compared to the OCXO and Rubidium upgrades:

Oscillator Holdover Drift (1st 24 hours)

  • Standard: 400 microseconds
  • OCXO: 25 microseconds
  • Rubidium: <1microsecond

The value of the upgraded oscillator is that if the GNSS signal is lost the S600 can continue to serve very accurate NTP time. This provides the IT staff plenty of time to correct the problem with no degradation or disruption in network time synchronization accuracy.