產品資料   產品規格   相關下載  

The SRX1400 Services Gateway is a professional-grade platform for security ideally suited for small- to mid-size data centers, mobile operator, and enterprise and service provider 10 GbE network environments, where consolidated functionality, uncompromising performance, and services integration, are required.

It consolidates multiple security services and networking functions in a highly-available 3RU appliance, and that features a modular design that uses common form-factor modules serviceable from the front panel. It incorporates innovations that improve reliability, enhance network availability, and deliver deterministic performance of concurrent security services at scale.

Junos Software version tested	Junos 12.1X44
Firewall performance (max)	10 Gbps
IPS performance (NSS 4.2.1)	3 Gbps
AES256+SHA-1 / 3DES+SHA-1 VPN performance	4 Gbps
Maximum concurrent sessions	1.5 million
New sessions/second (sustained, TCP, 3-way)	70,000
Maximum security policies	40,000
Maximum users supported	Unrestricted
Maximum available slots for IOCs	1 (front slot)
Fixed I/O ports	GE Base System 6 10/100/1000 RJ45 + 4 1000Base-X SFP + 2 1000Base-X SFP shared as data or clustering control XGE Base System 3 10GBase-X SFP plus + 6 10/100/1000 RJ45 + 1 1000Base-X SFP + 2 1000Base-X SFP shared as data or clustering control
CX111 3G Bridge support	N/A
Internal 3G Express Card Slot support	N/A
Centralized Management	Junos Space Security Design
LAN interface options	16 x 10/100/1000 RJ45 16 x 1000Base-X SFP 2 x 10GBase-X XFP
High-availability support	Active/Passive, Active/Active Low impact chassis cluster Interface aggregation groups across chassis cluster
AppSecure Services	Application Identification: yes Application Denial of Service Protection (AppDoS): yes AppTrack: yes AppQoS: yes AppFW: yes
Dimensions and Power	Dimensions (W x H x D: 17.5 x 5.25 x 13.8 in (44.5 x 13.3 x 35.05 cm) Weight: Base Chassis: 29.3 lb (13.3 kg) Fully configured chassis: 42.5 lb (19.3 kg) Power supply (AC): 100 to 127 VAC, 60 Hz, 13.0 A Maximum power draw: 485W (AC/DC power) Power supply redundancy: 1 + 1
Firewall	Network attack detection: Yes DoS and DDoS protection: Yes TCP reassembly for fragmented packet protection: Yes Brute force attack mitigation: Yes SYN cookie protection: Yes Zone-based IP spoofing: Yes Malformed packet protection: Yes GPRS stateful inspection: Yes
Intrusion Prevention System	Stateful protocol signatures: Yes Attack detection mechanisms: Stateful signatures, protocol anomaly detection (zero-day coverage), application identification Attack response mechanisms: Drop connection, close connection, session packet log, session summary, email, custom session Attack notification mechanisms: Structured syslog Worm protection: Yes SSL encrypted traffic inspection: Yes Simplified installation through recommended policies: Yes Trojan protection: Yes Spyware/adware/keylogger protection: Yes Other malware protection: Yes Protection against attack proliferation from infected systems: Yes Reconnaissance protection: Yes Request and response side attack protection: Yes Compound attacks — combines stateful signatures and protocol anomalies: Yes Create custom attack signatures: Yes Access contexts for customization: 500+ Attack editing (port range, other): Yes Stream signatures: Yes Protocol thresholds: Yes Stateful protocol signatures: Yes Approximate number of attacks covered: 6,000+ Detailed threat descriptions and remediation/patch info: Yes Create and enforce appropriate application-usage policies: Yes Attacker and target audit trail and reporting: Yes Deployment modes: Inline or TAP