Specifications |
|
Software Specifications |
Routing Protocols |
• IPv4, IPv6, ISO, Connectionless Network Service (CLNS) • Static routes • RIP v1/v2 • OSPF/OSPF v3 • BGP with Route Reflector • IS-IS • Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF) • Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE) • Virtual routers • Policy-based routing, source-based routing • Equal-cost multipath (ECMP) |
QoS Features |
• Support for 802.1p, DiffServ code point (DSCP), EXP • Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters • Marking, policing, and shaping • Classification and scheduling • Weighted random early detection (WRED) • Guaranteed and maximum bandwidth • Ingress traffic policing • Virtual channels • Hierarchical shaping and policing |
Switching Features |
• ASIC-based Layer 2 Forwarding • MAC address learning • VLAN addressing and integrated routing and bridging (IRB) support • Link aggregation and LACP • LLDP and LLDP-MED • STP, RSTP, MSTP • MVRP • 802.1X authentication |
Firewall Services |
• Stateful and stateless firewall • Zone-based firewall • Screens and distributed denial of service (DDoS) protection • Protection from protocol and traffic anomaly • Integration with Pulse Unified Access Control (UAC) • Integration with Aruba Clear Pass Policy Manager • User role-based firewall • SSL Inspection (Forward-proxy) |
Network Address Translation (NAT) |
• Source NAT with Port Address Translation (PAT) • Bidirectional 1:1 static NAT • Destination NAT with PAT • Persistent NAT • IPv6 address translation |
VPN Features |
• Tunnels: Site-to-Site, Hub and Spoke, Dynamic Endpoint, AutoVPN, ADVPN, Group VPN (IPv4/ IPv6/ Dual Stack) • Juniper Secure Connect: Remote access / SSL VPN • Configuration payload: Yes • IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AECCBC, AES-GCM, SuiteB • IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384 • Authentication: Pre-shared key and public key infrastructure (PKI) (X.509) • IPsec (Internet Protocol Security): Authentication Header (AH) / Encapsulating Security Payload (ESP) protocol • IPsec Authentication Algorithms: hmac-md5, hmac-sha-196, hmac-sha-256 • IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB • Perfect forward secrecy, anti-reply • Internet Key Exchange: IKEv1, IKEv2 • Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring • VPNs GRE, IP-in-IP, and MPLS • Application and bandwidth usage reporting • Auto installation • Debug and troubleshooting tools • Zero-Touch Provisioning with Contrail Service Orchestration |
Network Services |
• Dynamic Host Configuration Protocol (DHCP) client/server/ relay • Domain Name System (DNS) proxy, dynamic DNS (DDNS) • Juniper real-time performance monitoring (RPM) and IPmonitoring • Juniper flow monitoring (J-Flow)1 • Bidirectional Forwarding Detection (BFD) • Two-Way Active Measurement Protocol (TWAMP) • IEEE 802.3ah Link Fault Management (LFM) • IEEE 802.1ag Connectivity Fault Management (CFM) |
High Availability Features |
• Virtual Router Redundancy Protocol (VRRP) • Stateful high availability • Dual box clustering • Active/passive • Active/active • Configuration synchronization • Firewall session synchronization • Device/link detection • In-Band Cluster Upgrade (ICU) • Dial on-demand backup interfaces • IP monitoring with route and interface failover |
Management, Automation, Logging, and Reporting |
• SSH, Telnet, SNMP • Smart image download • Juniper CLI and Web UI • Mist AI - Simplified management - WAN Assurance • Security Director • Security Director Cloud • Juniper Secure Edge • Python • Junos OS event, commit, and OP script |
Advanced Routing Services |
• Packet mode • MPLS (RSVP, LDP) • Circuit cross-connect (CCC), translational cross-connect (TCC) • L2/L3 MPLS VPN, pseudowires • Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN) • MPLS traffic engineering and MPLS fast reroute |
Application Security Services (Offered as advanced security services subscription licenses. ) |
• Application visibility and control • Application-based advanced policy-based routing • Application-based advanced policy-based routing (APBR) • Application-based link monitoring and switchover with Application quality of experience (AppQoE) |
Threat Defense and Intelligence Services |
• Intrusion prevention • Antivirus • Antispam • Category/reputation-based URL filtering • Protection from botnets (command and control) • Adaptive enforcement based on GeoIP • Juniper Advanced Threat Prevention to detect and block zeroday attacks • Adaptive Threat Profiling • Encrypted Traffic Insights • SecIntel to provide threat intelligence |
Hardware Specifications |
Connectivity |
|
Total onboard ports |
8x1GbE |
Onboard RJ-45 ports |
6x1GbE |
Onboard small form-factor pluggable (SFP) transceiver ports |
2x1GbE |
MACsec-capable ports |
2x1GbE |
Out-of-band (OOB) management ports |
0 |
Mini PIM (WAN) slots |
0 |
Console (RJ-45 + miniUSB) |
1 |
USB 3.0 ports (type A) |
1 |
PoE+ ports |
N/A |
Memory and Storage |
System memory (RAM) |
4 GB |
Storage |
8 GB |
SSD slots |
0 |
Dimensions and Power |
Form factor |
Desktop |
Size (WxHxD) |
12.63 x 1.37 x 7.52 in. (32.08 x 3.47 x 19.10 cm) |
Weight (device and PSU) |
4.38 lb (1.98 kg) |
Redundant PSU |
No |
Power supply |
AC (external) |
Rated DC voltage range |
N/A |
Rated DC operating voltage range |
N/A |
Maximum PoE power |
N/A |
Average power consumption |
24.9 W |
Average heat dissipation |
85 BTU/h |
Maximum current consumption |
0.346 A |
Acoustic noise level |
0dB (fanless) |
Airflow/cooling |
Fanless |
Environmental, Compliance, and Safety Certification |
Operational temperature |
(-4° to 140° F) (-20° to 60° C) |
Nonoperational temperature |
(-4° to 158° F (-20° to 70° C) |
Operating humidity |
10% to 90% noncondensing |
Nonoperating humidity |
5% to 95% non-condensing |
Meantime between failures (MTBF) |
44.5 years |
FCC classification |
Class A |
RoHS compliance |
RoHS 2 |
FIPS 140-2 |
Level 2 (Junos 19.2R1) |
Common Criteria certification |
NDPP, VPNEP, FWEP, IPSEP (based on Junos 19.2R1) |
Performance and Scale |
Parameter |
|
Routing with packet mode (64 B packet size) in Mbps |
300 |
Routing with packet mode (IMIX packet size) in Mbps |
800 |
Routing with packet mode (1,518 B packet size in Mbps |
1,500 |
Stateful firewall (64 B packet size) in Kpps |
200 |
Stateful firewall (IMIX packet size) in Mbps |
600 |
Stateful firewall (1,518 B packet size) in Mbps |
1,900 |
IPsec VPN (IMIX packet size) in Mbps |
116 |
IPsec VPN (1,400 B packet size) in Mbps |
336 |
Application visibility and control in Mbps |
500 |
Recommended IPS in Mbps |
200 |
Next-generation firewall in Mbps |
226 |
Secure Web Access firewall in Mbps |
171 |
Route table size (RIB/FIB) (IPv4 or IPv6) |
256,000/256,000 |
Maximum concurrent sessions (IPv4 or IPv6) |
64,000 |
Maximum security policies |
1,000 |
Connections per second |
5,000 |
NAT rules |
1,000 |
MAC table size |
15,000 |
IPsec VPN tunnels |
256 |
Number of remote access/SSL VPN (concurrent) users |
25 |
GRE tunnels |
256 |
Maximum number of security zones |
16 |
Maximum number of virtual routers |
32 |
Maximum number of VLANs |
1,000 |
AppID sessions |
16,000 |
IPS sessions |
16,000 |
URLF sessions |
16,000 |