Межсетевой экран Juniper SRX300-SYS-JE
129 031 р.
SRX300 Services Gateway includes hardware (8GbE,4G RAM, 8G Flash, power adapter and cable) and JunosSoftware Enhanced (firewall, NAT, IPSec, routing, MPLS,switching and application security). RMK not included.
| Total onboard ports | 8x1GbE |
| Onboard RJ-45 ports | 6x1GbE |
| Onboard small form-factor pluggable (SFP) transceiver ports | 2x1GbE |
| MACsec-capable ports | 2x1GbE |
| Console (RJ-45 + miniUSB) | 1 |
| USB 3.0 ports (type A) | 1 |
| System memory (RAM) | 4 GB |
| Storage (flash) | 8 GB |
| Size (WxHxD) | 32.08 x 3.47 x 19.10 cm |
| Weight (device and PSU) | 1.98 kg |
| Power supply | AC (external) |
| Average power consumption | 24.9 W |
| Average heat dissipation | 85 BTU/h |
| Maximum current consumption | 0.346 A |
| Airflow/cooling | Fanless |
| Operational temperature | -20° to 60° C |
| Routing with packet mode (64 B packet size) in Kpps | 300 |
| Routing with packet mode (IMIX packet size) in Mbps | 800 |
| Routing with packet mode (1,518 B packet size in Mbps | 1,500 |
| Stateful firewall (64 B packet size) in Kpps | 200 |
| Stateful firewall (IMIX packet size) in Mbps | 500 |
| Stateful firewall (1,518 B packet size) in Mbps | 1,000 |
| IPsec VPN (IMIX packet size) in Mbps | 100 |
| IPsec VPN (1,400 B packet size) in Mbps | 300 |
| Application visibility and control in Mbps | 500 |
| Recommended IPS in Mbps | 200 |
| Next-generation firewall in Mbps | 100 |
| Route table size (RIB/FIB) (IPv4 or IPv6) | 256,000/256,000 |
| Maximum concurrent sessions (IPv4 or IPv6) | 64,000 |
| Maximum security policies | 1,000 |
| Connections per second | 5,000 |
| NAT rules | 1,000 |
| MAC table size | 15,000 |
| IPsec VPN tunnels | 256 |
| Number of remote access uses | 25 |
| GRE tunnels | 256 |
| Maximum number of security zones | 16 |
| Maximum number of virtual routers | 32 |
| Maximum number of VLANs | 1,000 |
| AppID sessions | 16,000 |
| IPS sessions | 16,000 |
| URLF sessions | 16,000 |
| Routing Protocols | • IPv4, IPv6, ISO, Connectionless Network Service (CLNS) • Static routes • RIP v1/v2 • OSPF/OSPF v3 • BGP with Route Reflector • IS-IS • Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF) • Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE) • Virtual routers • Policy-based routing, source-based routing • Equal-cost multipath (ECMP) |
| QoS Features | • Support for 802.1p, DiffServ code point (DSCP), EXP • Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters • Marking, policing, and shaping • Classification and scheduling • Weighted random early detection (WRED) • Guaranteed and maximum bandwidth • Ingress traffic policing • Virtual channels • Hierarchical shaping and policing |
| Switching Features | • ASIC-based Layer 2 Forwarding • MAC address learning • VLAN addressing and integrated routing and bridging (IRB) support • Link aggregation and LACP • LLDP and LLDP-MED • STP, RSTP, MSTP • MVRP • 802.1X authentication |
| Firewall Services | • Stateful and stateless firewall • Zone-based firewall • Screens and distributed denial of service (DDoS) protection • Protection from protocol and traffic anomaly • Integration with Pulse Unified Access Control (UAC) • Integration with Aruba Clear Pass Policy Manager • User role-based firewall • SSL Inspection (Forward-proxy) |
| Network Address Translation (NAT) | • Source NAT with Port Address Translation (PAT) • Bidirectional 1:1 static NAT • Destination NAT with PAT • Persistent NAT • IPv6 address translation |
| VPN Features | • Tunnels: Generic routing encapsulation (GRE)3, IP-IP3, IPsec • Site-site IPsec VPN, auto VPN, group VPN • IPsec crypto algorithms: Data Encryption Standard (DES), triple DES (3DES), Advanced Encryption Standard (AES256), AES-GCM • IPsec authentication algorithms: MD5, SHA-1, SHA-128, SHA-256 • Pre-shared key and public key infrastructure (PKI) (X.509) • Perfect forward secrecy, anti-reply • IPv4 and IPv6 IPsec VPN • Multi-proxy ID for site-site VPN • Internet Key Exchange (IKEv1, IKEv2), NAT-T • Virtual router and quality-of-service (QoS) aware • Standard-based dead peer detection (DPD) support • VPN monitoring |
| Network Services | • Dynamic Host Configuration Protocol (DHCP) client/ server/relay • Domain Name System (DNS) proxy, dynamic DNS (DDNS) • Juniper real-time performance monitoring (RPM) and IPmonitoring • Juniper flow monitoring (J-Flow)3 • Bidirectional Forwarding Detection (BFD) • Two-Way Active Measurement Protocol (TWAMP) • IEEE 802.3ah Link Fault Management (LFM) • IEEE 802.1ag Connectivity Fault Management (CFM) |
| High Availability Features | • Virtual Router Redundancy Protocol (VRRP)3 • Stateful high availability - Dual box clustering - Active/passive - Active/active - Configuration synchronization - Firewall session synchronization - Device/link detection - In-Band Cluster Upgrade (ICU) • Dial on-demand backup interfaces • IP monitoring with route and interface failover |
| Management, Automation, Logging, and Reporting | • SSH, Telnet, SNMP • Smart image download • Juniper CLI and Web UI • Junos Space and Security Director • Python • Junos OS event, commit, and OP script • Application and bandwidth usage reporting • Auto installation • Debug and troubleshooting tools • Zero-Touch Provisioning with Contrail Service Orchestration |
| Advanced Routing Services | • Packet mode • MPLS (RSVP, LDP) • Circuit cross-connect (CCC), translational cross-connect (TCC) • L2/L3 MPLS VPN, pseudowires • Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN) • MPLS traffic engineering and MPLS fast reroute |
| Application Security Services | • Application visibility and control • Application-based firewall • Application QoS • Application-based advanced policy-based routing • Application quality of experience (AppQoE) |
| Threat Defense and Intelligence Services | Intrusion prevention • Antivirus • Antispam • Category/reputation-based URL filtering • Spotlight Secure threat intelligence • Protection from botnets (command and control) • Adaptive enforcement based on GeoIP • Sky Advanced Threat Prevention to detect and block zeroday attacks |