| Maximum Performance and Capacity | |
| Operating System | Junos |
| Firewall Performance (Large Packets) | 950 Mbps |
| Firewall Performance (IMIX) | 300 Mbps |
| Firewall + Routing PPS (64 Byte) | 125 Kpps |
| VPN Performance | 100 Mbps |
| IPsec VPN Tunnels | 512 |
| IPS (Intrusion Prevention System) | 100 Mbps |
| Antivirus | 35 Mbps |
| Connections per Second | 2,500 |
| Maximum Concurrent Sessions | 96,000 |
| Maximum Security Policies | 2048 |
| Maximum Users Supported | No restrictions |
| |
| Network Connectivity | |
| Fixed Ports | Fully assignable 8 x Ge RJ45 |
| I/O Slots | 2 x Mini-PIM & Internal 3G ExpressCard |
| Other | RG45 Console port |
| USB | 2 |
| |
| Routing | |
| BGP instances | 16 |
| BGP peers | 16 |
| BGP routes | 32000 |
| OSPF instances | 16 |
| OSPF routes | 32000 |
| RIP v1 / v2 instances | 16 |
| RIP v2 routes | 32000 |
| Static routes | 16000 |
| Source-based routing | Yes |
| Policy-based routing | Yes |
| Equal-cost multipath (ECMP) | Yes |
| Reverse path forwarding (RPF) | Yes |
| |
| MPLS4 | |
| Layer 2 VPN (VPLS) | Yes |
| Layer 3 VPN | Yes |
| LDP | Yes |
| RSVP | Yes |
| Circuit Cross-connect (CCC) | Yes |
| Translational Cross-connect (TCC) | Yes |
| |
| Multicast7 | Yes |
| IGMP (v1, v2, v3) | Yes |
| Protocol independent multicast (PIM) sparse mode (SM) | Yes |
| PIM dense mode (DM) | Yes |
| PIM source-specific multicast (SSM) | Yes |
| Multicast inside IPsec tunnel | Yes |
| |
| IPsec VPN | |
| Concurrent VPN tunnels | 512 |
| Tunnel interfaces | 64 |
| DES (56-bit), 3DES (168-bit) and AES (256-bit) | Yes |
| MD-5 and SHA-1 authentication | Yes |
| Manual key, Internet Key Exchange (IKE), public key infrastructure (PKI) (X.509) | Yes |
| Perfect forward secrecy (DH Groups) | 1,2,5 |
| Prevent replay attack | Yes |
| Dynamic remote access VPN | Yes |
| IPsec NAT traversal | Yes |
| Redundant VPN gateways | Yes |
| |
| User Authentication and Access Control | |
| Third-party user authentication | Local, RADIUS, RSA SecureID, LDAP |
| RADIUS accounting | Yes |
| XAUTH VPN, Web-based, 802.X authentication | Yes |
| Unified Access Control enforcement point | |
| PKI certificate requests (PKCS 7 and PKCS 10) | Yes |
| Automated certificate enrollment (SCEP) | |
| Online Certificate Status Protocol (OCSP) | |
| Certificate Authorities supported | VeriSign, Entrust, Microsoft, RSA Keon, iPLanet, |
| Self signed certificates | (Netscape), Baltimore, DoD PKI |
| |
| Virtualisation | |
| Maximum number of security zones | 24 |
| Maximum number of virtual routers | 15 |
| Maximum number of VLANs | 128 |
| |
| |
| Address Translation | |
| Source NAT with or without Port Address Translation (PAT) | Yes |
| Static NAT | Yes |
| Destination NAT with or without PAT | Yes |
| |
| IP Address Assignment (IPv4 & IPv6) | |
| Static | Yes |
| DHCP, PPPoE client | Yes |
| Internal DHCP server | Yes |
| DHCP relay | Yes |
| |
| L2 Switching | |
| VLAN 802.1Q | Yes |
| Link Aggregation 802.3ad/LACP | Yes |
| Spanning Tree Protocol (STP) 802.1D, RSTP 802.1w, MSTP 802.1s | Yes |
| Authentication 802.1x Port based and multiple supplicant | Yes |
| |
| |
| Traffic Management Quality of Service (QoS) | |
| Guaranteed bandwidth | Yes |
| Maximum bandwidth | Yes |
| Ingress traffic policing | Yes |
| Priority-bandwidth utilization | Yes |
| DiffServ marking | Yes |
| |
| High Availability | |
| Active/active – L3 mode | Yes |
| Active/passive – L3 mode | Yes |
| Configuration synchronization | Yes |
| VRRP | Yes |
| Session synchronization for firewall and VPN | Yes |
| Session failover for routing change | Yes |
| Device failure detection | Yes |
| Link failure detection | Yes |
| |
| Firewall | |
| Network attack detection | Yes |
| DoS and DDos protection | Yes |
| TCP reassembly for fragmented packet protection | Yes |
| Brute force attack mitigation | Yes |
| SYN cookie protection | Yes |
| Zone-based IP spoofing | Yes |
| Malformed packet protection | Yes |
| |
| Unified Threat Management | |
| Intrusion Prevention System (IPS) | Option |
| Protocol anomaly detection | Option |
| Stateful protocol signatures | Option |
| Intrusion prevention system (IPS) attack pattern obfuscation | Option |
| Customer signatures creation | Option |
| Frequency of updates | Daily and emergency |
| |
| Antivirus | |
| Express AV (packet-based AV) | No |
| File-based antivirus | Yes |
| Signature database | Yes |
| Protocols scanned | POP3, HTTP, SMTP, IMAP, FTP |
| Antispyware | Yes |
| Anti-adware | Yes |
| Antikeylogger | Yes |
| Antispam | Yes |
| Integrated Web filtering | Yes |
| Redirect Web filtering | Yes (no Juniper subscription required) |
| Content filtering | Yes |
| Based on MIME type, file extension, and protocol commands | Yes |
| |
| System Management | |
| Web UI | http & https |
| Command-line interface (Console) | Yes |
| Command-line interface (Telnet) | Yes |
| Command-line interface (SSH) | Yes |
| Network and Security Manager | Yes |
| STRM Series | Yes |
| |
| Administration | |
| Local administrator database | yes |
| External administrator database support | yes |
| telnet/ssh client & server | |
| Software upgrades | with J-care |
| Configuration rollback | multiple |
| |
| Logging/Monitoring | |
| Syslog (multiple servers) | yes |
| SNMP (v2 & v3) | yes |
| SNMP full custom MIB | yes |
| Traceroute | yes |
| VPN tunnel monitor | yes |
| |
| Wireless | |
| CX111 3G Bridge support | Yes |
| Internal 3G ExpressCard slot support | 1 |
| Max WLAN access point supported | 210 |
| |
| Flash and Memory | |
| Memory minimum and maximum (DRAM) | 1GB |
| Memory slots | Fixed memory |
| Flash memory | 1 GB |
| USB port for external storage | Yes |
| |
| Dimensions and Power | |
| Dimensions (W x H x D) | 11.02 x 1.75 x 7.04 in. (28 x 4.4 x 17.9 cm) |
| Weight (device and power supply) | 3.43 lb (1.56 kg) |
| Rack mountable | 1 RU with optional kit |
| Power supply (AC) | 100-240 VAC, 60 W |
| Average power consumption | 28 W |
| Input frequency | 50-60 Hz |
| Maximum current consumption | 0.44 A @ 100 VAC |
| Maximum inrush current | 80 A |
| Average heat dissipation | 126 BTU/hr |
| Maximum heat dissipation | 126 BTU/hr |
| Acoustic noise level (Per ISO 7779 Standard) | 51.1 dB (fanless) |
| |
| Environment | |
| Operational temperature | 0° to 40° C (32° to 104° F) |
| Nonoperational temperature | -20° to 70° C (4° to 158° F) |
| Humidity | 10% to 90% noncondensing |
| Mean time between failures (Telcordia model) | 14.3 years |
| |
| |
| Certifications | |
| Safety certifications | EN 60950-1 |
| EMC certifications | EN 55022 Class B, EN 300386 |
| Network homologation | CTR 12 / 13, CTR 21, DoC |
Đánh giá
Chưa có đánh giá nào.