Juniper SRX550M Firewall

No image set
Base price
Description

Routing Protocols

  • IPv4, IPv6, ISO, Connectionless Network Service (CLNS)
  • Static routes
  • RIP v1/v2
  • OSPF/OSPF v3
  • BGP with route reflector
  • IS-IS
  • Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF)
  • Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE)
  • Virtual routers
  • Policy-based routing, source-based routing
  • Equal-cost multipath (ECMP)

QoS Features

  • Support for 802.1p, DiffServ code point (DSCP), EXP
  • Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters
  • Marking, policing, and shaping
  • Classification and scheduling
  • Weighted random early detection (WRED)
  • Guaranteed and maximum bandwidth
  • Ingress traffic policing
  • Virtual channels
  • Hierarchical shaping and policing

Switching Features

  • ASIC-based Layer 2 forwarding
  • MAC address learning
  • VLAN addressing and integrated routing and bridging (IRB) support
  • Link aggregation and LACP
  • Link Layer Discovery Protocol (LLDP) and Link Layer Discovery Protocol–Media Endpoint Discovery (LLDP-MED)
  • Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol (MSTP)
  • Multiple VLAN Registration Protocol (MVRP)
  • 802.1X authentication

Firewall Services

  • Stateful and stateless firewall
  • Zone-based firewall
  • Screens and distributed denial of service (DDoS) protection
  • Protection from protocol and traffic anomaly
  • Integration with Pulse Unified Access Control (UAC)
  • Integration with Aruba Clear Pass Policy Manager
  • User role-based firewall
  • SSL Inspection (forward-proxy)

Network Address Translation (NAT)

  • Source NAT with Port Address Translation (PAT)
  • Bidirectional 1:1 static NAT
  • Destination NAT with PAT
  • Persistent NAT
  • IPv6 address translation

VPN Features

  • Tunnels: Site-to-Site, Hub and Spoke, Dynamic Endpoint, AutoVPN, ADVPN, Group VPN (IPv4/IPv6/Dual Stack)
  • Juniper Secure Connect: Remote access/SSL VPN
  • Configuration payload: Yes
  • IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
  • IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384
  • Authentication: Pre-shared key and public key infrastructure (PKI) (X.509)
  • IPsec (Internet Protocol Security): Authentication Header (AH)/Encapsulating Security Payload (ESP) protocol
  • IPsec Authentication Algorithms: hmac-md5, hmac-sha-196, hmac-sha-256
  • IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
  • Perfect forward secrecy, anti-reply
  • Internet Key Exchange: IKEv1, IKEv2
  • Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring
  • VPNs GRE, IP-in-IP, and MPLS

Network Services

  • Dynamic Host Configuration Protocol (DHCP) client/server/relay
  • Domain Name System (DNS) proxy, dynamic DNS (DDNS)
  • Juniper real-time performance monitoring (RPM) and IP-monitoring
  • Juniper flow monitoring (J-Flow)
  • Bidirectional Forwarding Detection (BFD)
  • Two-Way Active Measurement Protocol (TWAMP)
  • IEEE 802.3ah Link Fault Management (LFM)
  • IEEE 802.1ag Connectivity Fault Management (CFM)

High Availability Features

  • Virtual Router Redundancy Protocol (VRRP)
  • Stateful high availability
  • Dual box clustering
  • Active/passive
  • Active/active
  • Configuration synchronization
  • Firewall session synchronization
  • Device/link detection
  • In-Band Cluster Upgrade (ICU)
  • Dial on-demand backup interfaces
  • IP monitoring with route and interface failover

Management, Automation, Logging, and Reporting

  • SSH, Telnet, SNMP
  • Smart image download
  • Juniper CLI and Web UI
  • Mist AI
    • Simplified management
    • WAN Assurance
  • Junos Space and Security Director
  • Python, PyEz, and Ansible modules
  • Junos OS event, commit, and OP script
  • Application and bandwidth usage reporting
  • Auto installation
  • Debug and troubleshooting tools
  • ZTP with Contrail Service Orchestration

Advanced Routing Services

  • Packet mode
  • MPLS (RSVP, LDP)
  • Circuit cross-connect (CCC), translational cross-connect (TCC)
  • L2/L3 MPLS VPN, pseudowires
  • Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN)
  • MPLS traffic engineering and MPLS fast reroute

Application Security Services

  • Application visibility and control
  • Application-based firewall
  • Application QoS

Enhanced SD-WAN Services

  • Application-based advanced policy-based routing (APBR)
  • Application quality of experience (AppQoE)
  • Application-based link monitoring and switchover with AppQoE

Threat Defense and Intelligence Services

  • Intrusion prevention system (IPS)
  • Antivirus
  • Antispam
  • Category/reputation-based URL filtering
  • Protection from botnets (command and control)
  • Adaptive enforcement based on GeoIP
  • Juniper Advanced Threat Prevention to detect and block zero-day attacks
  • Adaptive Threat Profiling
  • Encrypted Traffic Insights
  • Juniper SecIntel to provide threat intelligence

Hardware Specifications

Network Connectivity

  • Fixed I/O: 6 x 10/100/1000 BASE-T + 4 small form-factor pluggable transceivers (SFP transceivers)
  • I/O slots: 2 x SRX Series Mini-PIM, 6 x Gigabit-Backplane Physical Interface Module (GPIM) or multiple GPIM and XPIM combinations
  • Services and Routing Engine slots: No
  • WAN/LAN interface options: See ordering information
  • Maximum number of PoE ports (PoE optional on some SRX Series models): Up to 40 ports of 802.3af/at with maximum 247 W
  • USB: 2

Flash and Memory

  • Memory (DRAM): 4 GB
  • Memory slots: 2 DIMM
  • Flash memory: 8 GB, CF internal
  • USB port for external storage: Yes

Dimensions and Power

  • Dimensions (W x H x D): 17.5 x 3.5 x 18.2 in (44.4 x 8.8 x 46.2 cm)
  • Weight (device and power supply): 21.96 lb (9.96 kg) (no interface modules, 1 power supply)
  • Rack-mountable: Yes, 2 U
  • Power supply (AC): 100-240 VAC, single 645 W or dual 645 W
  • Maximum PoE power: 247 W redundant, or 494 W non-redundant
  • Average power consumption: 85 W
  • Input frequency: 50-60 Hz
  • Maximum current consumption: 7.5 A @ 100 VAC with single PSU with PoE, 10.5 A @ 100 VAC with dual PSU with PoE
  • Maximum inrush current: 45 A for half-cycle
  • Average heat dissipation: 238 BTU/hr
  • Maximum heat dissipation: 1449 BTU/hr
  • Redundant power supply (hot swappable): Yes (up to maximum capacity of single PSU)
  • Acoustic noise level (per ISO 7779 Standard): 51.8 dB

Environmental, Compliance, and Safety Certification

  • Operational temperature: 32° to 104° F (0° to 40° C)
  • Nonoperational temperature: 4° to 158° F, (-20° to 70° C)
  • Humidity (operating): 10% to 90% noncondensing
  • Humidity (nonoperating): 5% to 95% noncondensing
  • Mean time between failures (Telcordia model): 9.6 years with redundant power
  • FCC classification: Class A
  • RoHS compliance: Yes

Performance and Scale

  • Firewall performance (large packets)2: 7 Gbps
  • Firewall performance (IMIX)2: 2 Gbps
  • Firewall + routing pps (64 Byte)2: 700 Kpps
  • Firewall performance (HTTP)3: 2 Gbps
  • IPsec VPN throughput (large packets): 1.0 Gbps
  • IPsec VPN tunnels: 2000
  • Application firewall4: 2.0 Gbps
  • Intrusion prevention system (IPS)3: 800 Mbps
  • Antivirus: 300 Mbps (Sophos antivirus)
  • Connections per second: 27,000
  • Maximum concurrent sessions: 375,000
  • Maximum security policies: 8000
  • Maximum users supported: Unrestricted
  • Route table size (RIB/FIB) (IPv4 or IPv6): 1.5 million/750,000
  • NAT rules: 6144
  • MAC table size: 15,000
  • Number of remote access/SSL VPN (concurrent) users: 500
  • GRE tunnels: 1500
  • Maximum number of security zones: 96
  • Maximum number of virtual routers: 128
  • Maximum number of VLANs: 3967
  • AppID sessions: 65,000
  • IPS sessions: 64,000
  • URL filtering (URLF) sessions: 64,000

Want to Know More Solutions?