Juniper SRX1500 Firewall

No image set
Base price
Description

Firewall Services

  • Stateful and stateless firewall
  • Zone-based firewall
  • Screens and distributed denial of service (DDoS) protection
  • Protection from protocol and traffic anomalies
  • Integration with Pulse Unified Access Control (UAC)
  • Integration with Aruba Clear Pass Policy Manager
  • User role-based firewall
  • SSL Inspection

Network Address Translation (NAT)

  • Source NAT with Port Address Translation (PAT)
  • Bidirectional 1:1 static NAT
  • Destination NAT with PAT
  • Persistent NAT
  • IPv6 address translation

VPN Features

  • Tunnels: Site-to-Site, Hub and Spoke, Dynamic Endpoint, AutoVPN, ADVPN, Group VPN (IPv4/IPv6/Dual Stack)
  • Juniper Secure Connect: Remote access/SSL VPN
  • Configuration payload: Yes
  • IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
  • IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384
  • Authentication: Pre-shared key and public key infrastructure (PKI) (X.509)
  • IPsec (Internet Protocol Security): Authentication Header (AH)/Encapsulating Security Payload (ESP) protocol
  • IPsec Authentication Algorithms: hmac-md5, hmac-sha-196
  • IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
  • Perfect forward secrecy, anti-reply
  • Internet Key Exchange: IKEv1, IKEv2
  • Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring
  • VPNs GRE, IP-in-IP, and MPLS

High Availability Features

  • Virtual Router Redundancy Protocol (VRRP)
  • Stateful high availability
    • Dual box clustering
    • Active/passive
    • Active/active
    • Configuration synchronization
    • Firewall session synchronization
    • Device/link detection
    • In-Service Software Upgrade (ISSU)
  • IP monitoring with route and interface failover

Application Security Services

  • Application visibility and control
  • Application-based firewall
  • Application QoS
  • Advanced/application policy-based routing (APBR)
  • Application Quality of Experience (AppQoE)
  • Application-based multipath routing

Threat Defense and Intelligence Services

  • Intrusion prevention
  • Antivirus
  • Antispam
  • Category/reputation-based URL filtering
  • Protection from botnets (command and control)
  • Adaptive enforcement based on GeoIP
  • Juniper Advanced Threat Prevention, a cloud-based SaaS offering, to detect and block zero-day attacks
  • Juniper ATP Appliance, a distributed, on-premises advanced threat prevention solution to detect and block zero-day attacks
  • Adaptive Threat Profiling
  • Encrypted Traffic Insights
  • SecIntel to provide threat intelligence

 Routing Protocols

  • IPv4, IPv6
  • Static routes
  • RIP v1/v2
  • OSPF/OSPF v3
  • BGP with Route Reflector
  • IS-IS
  • Multicast: Internet Group Management Protocol (IGMP) v1/v2; Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM); Session Description Protocol (SDP); Distance Vector Multicast Routing Protocol (DVMRP); Multicast Source Discovery Protocol (MSDP); Reverse Path Forwarding (RPF)
  • Encapsulation: VLAN, Point-to-Point Protocol over Ethernet (PPPoE)
  • Virtual routers
  • Policy-based routing, source-based routing
  • Equal-cost multipath (ECMP)

QoS Features

  • Support for 802.1p, DiffServ code point (DSCP), EXP
  • Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters
  • Marking, policing, and shaping
  • Classification and scheduling
  • Weighted random early detection (WRED)
  • Guaranteed and maximum bandwidth
  • Ingress traffic policing
  • Virtual channels
  • Hierarchical shaping and policing

Switching Features

  • ASIC-based Layer 2 forwarding
  • MAC address learning
  • VLAN addressing and integrated routing and bridging (IRB) support
  • Link aggregation and LACP
  • LLDP and LLDP-MED
  • STP, RSTP, MSTP
  • MVRP
  • 1X authentication

Network Services

  • Dynamic Host Configuration Protocol (DHCP) client/server/relay
  • Domain Name System (DNS) proxy, dynamic DNS (DDNS)
  • Juniper real-time performance monitoring (RPM) and IP monitoring
  • Juniper flow monitoring (J-Flow)
  • Bidirectional Forwarding Detection (BFD)
  • Two-Way Active Measurement Protocol (TWAMP)
  • IEEE 802.3ah Link Fault Management (LFM)
  • IEEE 802.1ag Connectivity Fault Management (CFM)

Advanced Routing Services

  • Packet mode
  • MPLS (RSVP, LDP)
  • Circuit cross-connect (CCC), translational cross-connect (TCC)
  • L2/L2 MPLS VPN, pseudo-wires
  • Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN)
  • MPLS traffic engineering and MPLS fast reroute

Management, Automation, Logging, and Reporting

  • SSH, Telnet, SNMP
  • Smart image download
  • Juniper CLI and Web UI
  • Juniper Networks Junos Space and Security Director
  • Python
  • Junos OS event, commit and OP scripts
  • Application and bandwidth usage reporting
  • Auto installation
  • Debug and troubleshooting tools

Hardware Specifications

Specification

SRX1500

Connectivity

Total onboard ports

16x1GbE and 4x10GbE

Onboard RJ-45 ports

12x1GbE

Onboard small form-factor pluggable (SFP) transceiver ports

4x1GbE

Onboard SFP+ ports

4x10GbE

Out-of-Band (OOB) management ports

1x1GbE

Dedicated high availability (HA) ports

1x1GbE (SFP)

PIM slots

2

Console (RJ-45 + miniUSB)

1

USB 2.0 ports (type A)

1

Memory and Storage

System memory (RAM)

16 GB

Primary boot storage (mSATA)

16 GB

Secondary storage (SSD)

100 GB

Dimensions and Power

Form factor

1 U

Size (WxHxD)

17.5 x 1.75 x 18.2 in (44.45 x 4.44 x 46.22 cm)

Weight (device and PSU)

16.1 lb (7.30 kg)

Redundant PSU

1+1

Power supply

AC/DC (external)

Average power consumption

150 W

Average heat dissipation

512 BTU / hour

Maximum current consumption

2.5A (for AC PSU);
6.2A (for DC PSU)

Maximum inrush current

50A by 1 AC cycle

Acoustic noise level

66.5dBA

Airflow/cooling

Front to back

Operating temperature

32° to 104° F (0° to 40° C)

Nonoperating temperature

4° to 158° F (-20° to 70° C)

Operating humidity

10% to 90% noncondensing

Nonoperating humidity

5% to 95% noncondensing

Meantime between failures (MTBF)

9.78 years (85,787 hours)

FCC classification

Class A

RoHS compliance

RoHS 2

FIPS 140-2

Level 2 (Junos 19.2)

Performance and Scale

Routing/firewall (IMIX packet size) Gbps2

4.8

Routing/firewall (1,518 B packet size) Gbps2

9.2

IPsec VPN (IMIX packet size) Gbps2

1.3

IPsec VPN (1400 B packet size) in Gbps2

4.5

Application visibility and control in Gbps3

7.9

Recommended IPS in Gbps3

3.3

Next-generation firewall in Gbps4

2.1

Secure Web Access firewall in Gbps5

1.6

Route table size (RIB/FIB) (IPv4)

2 million / 1 million

Maximum concurrent sessions (IPv4 or IPv6)

2,000,000

Maximum security policies

16,000

Connections per second

90,000

NAT rules

8,000

Media access control (MAC) table size

64,000 (standalone mode)

IPsec VPN tunnels

2,000

Number of remote access/SSL VPN (concurrent) users

2,000

GRE tunnels

2,048

Maximum security zones

512

Maximum virtual router

512

Maximum VLANs

3,900

Want to Know More Solutions?