Maximum Performance and Capacity | |
Operating System | Junos |
Firewall Performance (Large Packets) | 950 Mbps |
Firewall Performance (IMIX) | 300 Mbps |
Firewall + Routing PPS (64 Byte) | 125 Kpps |
VPN Performance | 100 Mbps |
IPsec VPN Tunnels | 512 |
IPS (Intrusion Prevention System) | 100 Mbps |
Antivirus | 35 Mbps |
Connections per Second | 2,500 |
Maximum Concurrent Sessions | 96,000 |
Maximum Security Policies | 2048 |
Maximum Users Supported | No restrictions |
| |
Network Connectivity | |
Fixed Ports | Fully assignable 8 x Ge RJ45 |
I/O Slots | 2 x Mini-PIM & Internal 3G ExpressCard |
Other | RG45 Console port |
USB | 2 |
| |
Routing | |
BGP instances | 16 |
BGP peers | 16 |
BGP routes | 32000 |
OSPF instances | 16 |
OSPF routes | 32000 |
RIP v1 / v2 instances | 16 |
RIP v2 routes | 32000 |
Static routes | 16000 |
Source-based routing | Yes |
Policy-based routing | Yes |
Equal-cost multipath (ECMP) | Yes |
Reverse path forwarding (RPF) | Yes |
| |
MPLS4 | |
Layer 2 VPN (VPLS) | Yes |
Layer 3 VPN | Yes |
LDP | Yes |
RSVP | Yes |
Circuit Cross-connect (CCC) | Yes |
Translational Cross-connect (TCC) | Yes |
| |
Multicast7 | Yes |
IGMP (v1, v2, v3) | Yes |
Protocol independent multicast (PIM) sparse mode (SM) | Yes |
PIM dense mode (DM) | Yes |
PIM source-specific multicast (SSM) | Yes |
Multicast inside IPsec tunnel | Yes |
| |
IPsec VPN | |
Concurrent VPN tunnels | 512 |
Tunnel interfaces | 64 |
DES (56-bit), 3DES (168-bit) and AES (256-bit) | Yes |
MD-5 and SHA-1 authentication | Yes |
Manual key, Internet Key Exchange (IKE), public key infrastructure (PKI) (X.509) | Yes |
Perfect forward secrecy (DH Groups) | 1,2,5 |
Prevent replay attack | Yes |
Dynamic remote access VPN | Yes |
IPsec NAT traversal | Yes |
Redundant VPN gateways | Yes |
| |
User Authentication and Access Control | |
Third-party user authentication | Local, RADIUS, RSA SecureID, LDAP |
RADIUS accounting | Yes |
XAUTH VPN, Web-based, 802.X authentication | Yes |
Unified Access Control enforcement point | |
PKI certificate requests (PKCS 7 and PKCS 10) | Yes |
Automated certificate enrollment (SCEP) | |
Online Certificate Status Protocol (OCSP) | |
Certificate Authorities supported | VeriSign, Entrust, Microsoft, RSA Keon, iPLanet, |
Self signed certificates | (Netscape), Baltimore, DoD PKI |
| |
Virtualisation | |
Maximum number of security zones | 24 |
Maximum number of virtual routers | 15 |
Maximum number of VLANs | 128 |
| |
| |
Address Translation | |
Source NAT with or without Port Address Translation (PAT) | Yes |
Static NAT | Yes |
Destination NAT with or without PAT | Yes |
| |
IP Address Assignment (IPv4 & IPv6) | |
Static | Yes |
DHCP, PPPoE client | Yes |
Internal DHCP server | Yes |
DHCP relay | Yes |
| |
L2 Switching | |
VLAN 802.1Q | Yes |
Link Aggregation 802.3ad/LACP | Yes |
Spanning Tree Protocol (STP) 802.1D, RSTP 802.1w, MSTP 802.1s | Yes |
Authentication 802.1x Port based and multiple supplicant | Yes |
| |
| |
Traffic Management Quality of Service (QoS) | |
Guaranteed bandwidth | Yes |
Maximum bandwidth | Yes |
Ingress traffic policing | Yes |
Priority-bandwidth utilization | Yes |
DiffServ marking | Yes |
| |
High Availability | |
Active/active – L3 mode | Yes |
Active/passive – L3 mode | Yes |
Configuration synchronization | Yes |
VRRP | Yes |
Session synchronization for firewall and VPN | Yes |
Session failover for routing change | Yes |
Device failure detection | Yes |
Link failure detection | Yes |
| |
Firewall | |
Network attack detection | Yes |
DoS and DDos protection | Yes |
TCP reassembly for fragmented packet protection | Yes |
Brute force attack mitigation | Yes |
SYN cookie protection | Yes |
Zone-based IP spoofing | Yes |
Malformed packet protection | Yes |
| |
Unified Threat Management | |
Intrusion Prevention System (IPS) | Option |
Protocol anomaly detection | Option |
Stateful protocol signatures | Option |
Intrusion prevention system (IPS) attack pattern obfuscation | Option |
Customer signatures creation | Option |
Frequency of updates | Daily and emergency |
| |
Antivirus | |
Express AV (packet-based AV) | No |
File-based antivirus | Yes |
Signature database | Yes |
Protocols scanned | POP3, HTTP, SMTP, IMAP, FTP |
Antispyware | Yes |
Anti-adware | Yes |
Antikeylogger | Yes |
Antispam | Yes |
Integrated Web filtering | Yes |
Redirect Web filtering | Yes (no Juniper subscription required) |
Content filtering | Yes |
Based on MIME type, file extension, and protocol commands | Yes |
| |
System Management | |
Web UI | http & https |
Command-line interface (Console) | Yes |
Command-line interface (Telnet) | Yes |
Command-line interface (SSH) | Yes |
Network and Security Manager | Yes |
STRM Series | Yes |
| |
Administration | |
Local administrator database | yes |
External administrator database support | yes |
telnet/ssh client & server | |
Software upgrades | with J-care |
Configuration rollback | multiple |
| |
Logging/Monitoring | |
Syslog (multiple servers) | yes |
SNMP (v2 & v3) | yes |
SNMP full custom MIB | yes |
Traceroute | yes |
VPN tunnel monitor | yes |
| |
Wireless | |
CX111 3G Bridge support | Yes |
Internal 3G ExpressCard slot support | 1 |
Max WLAN access point supported | 210 |
| |
Flash and Memory | |
Memory minimum and maximum (DRAM) | 1GB |
Memory slots | Fixed memory |
Flash memory | 1 GB |
USB port for external storage | Yes |
| |
Dimensions and Power | |
Dimensions (W x H x D) | 11.02 x 1.75 x 7.04 in. (28 x 4.4 x 17.9 cm) |
Weight (device and power supply) | 3.43 lb (1.56 kg) |
Rack mountable | 1 RU with optional kit |
Power supply (AC) | 100-240 VAC, 60 W |
Average power consumption | 28 W |
Input frequency | 50-60 Hz |
Maximum current consumption | 0.44 A @ 100 VAC |
Maximum inrush current | 80 A |
Average heat dissipation | 126 BTU/hr |
Maximum heat dissipation | 126 BTU/hr |
Acoustic noise level (Per ISO 7779 Standard) | 51.1 dB (fanless) |
| |
Environment | |
Operational temperature | 0° to 40° C (32° to 104° F) |
Nonoperational temperature | -20° to 70° C (4° to 158° F) |
Humidity | 10% to 90% noncondensing |
Mean time between failures (Telcordia model) | 14.3 years |
| |
| |
Certifications | |
Safety certifications | EN 60950-1 |
EMC certifications | EN 55022 Class B, EN 300386 |
Network homologation | CTR 12 / 13, CTR 21, DoC |
Đánh giá
Chưa có đánh giá nào.