JUNIPER NFX250-S2 FIREWALL

Model: NFX250-S2
Detail:
  • NFX250,‚ 10 x 10/100/1000BASE-T ports,‚ 2 x 100/1000BASE-X SFP ports,‚ 2 x 10GBASE-X SFP+ ports,‚ 6 x core x86 processor, 400 GB SSD, 32 GB memory
List Price: US$10,805.00
Price:
$7,564.00
You Save: $3,241.00 (30% OFF)
Condition: Brand New Sealed
Availability: SPECIAL ORDER
Shipping: FREE SHIPPING for all U.S orders over $100. Please call us at 201-559-1474, fill out the contact form, or chat with a live agent for other shipping methods.
Tax: $0.00 Tax Outside NJ and TX
Quantity:
+
-

[shortdesc]
  • NFX250,‚ 10 x 10/100/1000BASE-T ports,‚ 2 x 100/1000BASE-X SFP ports,‚ 2 x 10GBASE-X SFP+ ports,‚ 6 x core x86 processor, 400 GB SSD, 32 GB memory
[/shortdesc]
[properties]
Properties Juniper NFX250-S2
Description NFX250, 10 10/100/1000BASE-T ports, 2 100/1000BASE-X SFP ports, 2 10GBASE-X SFP+ ports, 6 core x86 processors, 400 GB SSD, 32 GB memory, Junos Device Manager (Linux container for virtual machine [VM] life cycle management and service activation), Junos Control Plane (VM to handle switching), vSRX NGFW with 60 day trial license (optics sold separately).
Product Family NFX250 Series
Product Type Security Firewall
Network interfaces 8 x 10/100/1000BASE-T RJ-45 LAN ports
2 x 10/100/1000BASE-T RJ-45 LAN/WAN ports
2 x 100/1000BASE-X SFP WAN ports
2 x 1GbE/10GbE SFP+ WAN ports
1 x 10/100/1000BASE-T RJ-45 management port
ADSL2/VDSL2 SFP
Out-of-band interfaces RJ-45 console port
Mini USB console port
USB 2.0 port
Rack units (U) 1 U
Dimensions (WxHxD) 1.72 x 17.36 x 12 in.
(4.37 x 44.09 x 30.48 cm)
Weight 9.48 lb (4.3 kg)
Power supply Fixed PSU 100-240 VAC
Airflow/cooling Front-to-back (AFO) forced cooling
Acoustic noise level 50 Dba
[/properties][specifications]
Specifications NFX250-S2
CPU Intel 6 Core Xeon D
Memory 32 GB DDR4
Storage 400 GB SSD
Software Wind River Linux 7
Managed Secure Router 4 Gbps
Managed Security 4 Gbps
IPSec 1.2 Gbps
Maximum number of VNFs 8
Software Specifications
Packet Switching Capacities Packet Forwarding Engine (PFE) capacity: 64 Gbps
VNF capacity: 20 Gbps full-duplex path to CPU for VNF traffic
Throughput via VNFs will vary depending on network function and acceleration technologies supported
Layer 2 Switching Maximum media access control (MAC) addresses in hardware: up to 16,000‡
Jumbo frames: 9216 bytes‡
Number of VLANs: up to 1024 (VLAN IDs: 4096)‡
Port-based VLAN
MAC-based VLAN
Voice VLAN
Private VLAN (PVLAN)
Number of MST instances supported: 64
Compatible with Per-VLAN Spanning Tree Plus (PVST+)
Routed VLAN interface (RVI)‡
Link Layer Discovery Protocol–Media Endpoint Discovery (LLDP-MED) with VoIP integration
Routing Protocols IPv4, IPv6, ISO, Connectionless Network Service (CLNS)
Static routes
RIP v1/v2
OSPF/OSPF v3
BGP with Route Reflector
Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF)
Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE)
Virtual routers
Policy-based routing, source-based routing
Equal-Cost Multipath (ECMP)
Threat Defense and Intelligence Services Intrusion prevention
Antivirus
Antispam
Category/reputation-based URL filtering
SecIntel to provide threat intelligence
Protection from botnets (command and control)
Adaptive enforcement based on GeoIP
Juniper Cloud Advanced Threat Prevention to detect and block zeroday malware attacks
High Availability VRRP
Backup link via 3G/4G LTE wireless or other WAN (NFX150)
Stateful failover and dual CPE clustering‡
Active/active—L3 mode
Active/passive—L3 mode
Configuration synchronization
Session synchronization firewall and VPN
Session failover for routing change
Device failure detection, link failure detection
IP monitoring with route and interface failover
VPN Features Tunnels: Generic routing encapsulation (GRE)3, IP-IP3, IPsec
Site-site IPsec VPN
IPsec crypto algorithms: Data Encryption Standard (DES), triple DES (3DES), Advanced Encryption Standard (AES-256), AES-GCM
IPsec authentication algorithms: MD5, SHA-1, SHA-128, SHA-256
Perfect forward secrecy, anti-reply
IPv4 and IPv6 IPsec VPN
Multiproxy ID for site-site VPN
Internet Key Exchange (IKEv1, IKEv2), NAT-T
Virtual router and quality-of-service (QoS) aware
Standard-based dead peer detection (DPD) support
VPN monitoring
Quality of Service (QoS) Layer 2 QoS
Layer 3 QoS
Ingress policing: 1 rate 2 color
Hardware queues per port: 8
Scheduling methods (egress): Strict priority (SP), shaped-deficit weighted round-robin (SDWRR)
802.1p: DiffServ code point (DSCP)/IP precedence trust and marking
L2-L4 classification criteria: Interface, MAC address, Ethertype, 802.1p, VLAN, IP address, DSCP/IP precedence
TCP/UDP port numbers
Congestion avoidance capabilities: Tail drop
Multicast Internet Group Management Protocol (IGMP) snooping entries: 1000
IGMP: v1, v2, v3
IGMP snooping
PIM-SM
Services and Manageability Junos OS CLI
Web interface (J-Web)
Out-of-band management: Serial, 10/100BASE-T Ethernet
ASCII configuration
Rescue configuration
Configuration rollback
Simple Network Management Protocol (SNMP): v1, v2c, v3
Remote monitoring (RMON) (RFC 2819) Groups 1, 2, 3, 9
Network Time Protocol (NTP)
DHCP server
DHCP client and DHCP proxy
DHCP relay and helper
RADIUS authentication
TACACS+ authentication
SSHv2
Secure copy
HTTP/HTTPs
Domain Name System (DNS) resolver
System logging
Temperature sensor
Configuration backup via FTP/secure copy
Interface range
Advanced Routing Services MPLS (RSVP, LDP)
Circuit cross-connect (CCC), translational cross-connect (TCC)
L2/L3 MPLS VPN
Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN)
MPLS traffic engineering and MPLS fast reroute
Application Security Services Application visibility and control
Application-based firewall
Application QoS
Application-based advanced policy-based routing
Application quality of experience (AppQoE)
Access Control Lists (Junos OS Firewall Filters) Port-based ACL (PACL)—ingress
VLAN-based ACL (VACL)—ingress and egress
Router-based ACL (RACL)—ingress and egress
ACL entries (ACE) in hardware per system: 1500
ACL counter for denied packets
ACL counter for permitted packets
Ability to add/remove/change ACL entries in middle of list (ACL editing)
L2-L4 ACL
Security MAC limiting
Allowed MAC addresses—configurable per port
Sticky MAC (persistent MAC address learning)
Dynamic ARP inspection (DAI)
Proxy ARP
Static ARP support
Dynamic Host Configuration Protocol (DHCP) snooping
Troubleshooting Debugging: CLI via console, telnet, or SSH
Diagnostics: Show and debug command statistics
Traffic mirroring (port)
Traffic mirroring (VLAN)
ACL-based mirroring
Mirroring destination ports per system: 1
LAG port monitoring
Multiple destination ports monitored to 1 mirror (N:1)
Maximum number of mirroring sessions: 1
Mirroring to remote destination (over L2): 1 destination
VLAN
IP tools: Extended ping and trace
Juniper Networks commit and rollback
Optics EX-SFP-10GE-USR
EX-SFP-10GE-DAC-1M
EX-SFP-1GE-SX
EX-SFP-1GE-SX-ET
EX-SFP-1GE-LX
EX-SFP-10GE-SR
EX-SFP-10GE-LR
EX-SFP-10GE-DAC-3M
EX-SFP-10GE-DAC-5M
EX-SFP-10GE-ER
EX-SFP-10GE-ZR
EX-SFP-1GE-LH
EX-SFP-1GE-LX40K
EX-SFP-GE10KT13R14
EX-SFP-GE10KT14R13
EX-SFP-GE10KT13R15
EX-SFP-GE10KT15R13
EX-SFP-GE40KT13R15
EX-SFP-GE40KT15R13
EX-SFP-GE80KCW1470
EX-SFP-GE80KCW1490
EX-SFP-GE80KCW1510
EX-SFP-GE80KCW1530
EX-SFP-GE80KCW1550
EX-SFP-GE80KCW1570
EX-SFP-GE80KCW1590
EX-SFP-GE80KCW1610
Operating temperature 32° to 122° F (0° to 50° C)
Storage temperature -40° to 158° F (-40° to 70° C)
Operating altitude Up to 10,000 ft. (3048 m)
Relative humidity operating 5% to 90% (noncondensing)
Relative humidity non-operating 5% to 90% (noncondensing)
Seismic Designed to meet GR-63, Zone 4 earthquake requirements
Safety cNRTL-UL60950-1 (Second Edition)
C-UL to CAN/CSA 22.2 No.60950-1 (Second Edition)
TUV/GS to EN 60950-1 (Second Edition)
CB-IEC60950-1 (Second Edition with all country deviations)
EN 60825-1 (Second Edition)
Electromagnetic Compatibility FCC 47CFR Part 15 Class A
EN 55022 Class A
ICES-003 Class A
VCCI Class A
AS/NZS CISPR 32 Class A
CISPR 22 Class A, CISPR 32 Class A
EN 55024
EN 300386
CE
Environmental Compliance Restriction of Hazardous Substances (ROHS) 6/6
ROHS 7a exemption for power supply components acceptable
Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH) Waste Electronics and Electrical Equipment (WEEE)
IEEE Standards IEEE 802.1AB: Link Layer Discovery Protocol (LLDP)
IEEE 802.1ag: Connectivity Fault Management (CFM)
IEEE 802.1ak: Multiple VLAN Registration Protocol (MVRP)
IEEE 802.1D: Spanning Tree Protocol
IEEE 802.1p: CoS prioritization
IEEE 802.1Q: VLAN tagging
IEEE 802.1Q-in-Q: VLAN Stacking
IEEE 802.1w: Rapid Spanni

Juniper NFX250-S2 Firewall (NFX250-S2)

The NFX250 Network Services Platform offers enhanced capacity, performance, and scalability for larger enterprise entities and service providers seeking to consolidate multiple services onto a single platform. This product provides increased Virtual Network Function (VNF) capacity. It is equipped with Juniper Networks' vSRX Virtual Firewall to ensure the secure deployment of Software-Defined Wide Area Network (SD-WAN), secure routing, and a diverse range of managed services.

Quick Specs:

  • 400GB SSD
  • 32GB DDR4 Ram
  • CPU: Intel 6 Core Xeon D
  • Front-to-back forced cooling

Please see the related tabs for the NFX250-S2 datasheet and compatible accessories.

Specifications

Specifications NFX250-S2
CPU Intel 6 Core Xeon D
Memory 32 GB DDR4
Storage 400 GB SSD
Software Wind River Linux 7
Managed Secure Router 4 Gbps
Managed Security 4 Gbps
IPSec 1.2 Gbps
Maximum number of VNFs 8
Software Specifications
Packet Switching Capacities Packet Forwarding Engine (PFE) capacity: 64 Gbps
VNF capacity: 20 Gbps full-duplex path to CPU for VNF traffic
Throughput via VNFs will vary depending on network function and acceleration technologies supported
Layer 2 Switching Maximum media access control (MAC) addresses in hardware: up to 16,000‡
Jumbo frames: 9216 bytes‡
Number of VLANs: up to 1024 (VLAN IDs: 4096)‡
Port-based VLAN
MAC-based VLAN
Voice VLAN
Private VLAN (PVLAN)
Number of MST instances supported: 64
Compatible with Per-VLAN Spanning Tree Plus (PVST+)
Routed VLAN interface (RVI)‡
Link Layer Discovery Protocol–Media Endpoint Discovery (LLDP-MED) with VoIP integration
Routing Protocols IPv4, IPv6, ISO, Connectionless Network Service (CLNS)
Static routes
RIP v1/v2
OSPF/OSPF v3
BGP with Route Reflector
Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF)
Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE)
Virtual routers
Policy-based routing, source-based routing
Equal-Cost Multipath (ECMP)
Threat Defense and Intelligence Services Intrusion prevention
Antivirus
Antispam
Category/reputation-based URL filtering
SecIntel to provide threat intelligence
Protection from botnets (command and control)
Adaptive enforcement based on GeoIP
Juniper Cloud Advanced Threat Prevention to detect and block zeroday malware attacks
High Availability VRRP
Backup link via 3G/4G LTE wireless or other WAN (NFX150)
Stateful failover and dual CPE clustering‡
Active/active—L3 mode
Active/passive—L3 mode
Configuration synchronization
Session synchronization firewall and VPN
Session failover for routing change
Device failure detection, link failure detection
IP monitoring with route and interface failover
VPN Features Tunnels: Generic routing encapsulation (GRE)3, IP-IP3, IPsec
Site-site IPsec VPN
IPsec crypto algorithms: Data Encryption Standard (DES), triple DES (3DES), Advanced Encryption Standard (AES-256), AES-GCM
IPsec authentication algorithms: MD5, SHA-1, SHA-128, SHA-256
Perfect forward secrecy, anti-reply
IPv4 and IPv6 IPsec VPN
Multiproxy ID for site-site VPN
Internet Key Exchange (IKEv1, IKEv2), NAT-T
Virtual router and quality-of-service (QoS) aware
Standard-based dead peer detection (DPD) support
VPN monitoring
Quality of Service (QoS) Layer 2 QoS
Layer 3 QoS
Ingress policing: 1 rate 2 color
Hardware queues per port: 8
Scheduling methods (egress): Strict priority (SP), shaped-deficit weighted round-robin (SDWRR)
802.1p: DiffServ code point (DSCP)/IP precedence trust and marking
L2-L4 classification criteria: Interface, MAC address, Ethertype, 802.1p, VLAN, IP address, DSCP/IP precedence
TCP/UDP port numbers
Congestion avoidance capabilities: Tail drop
Multicast Internet Group Management Protocol (IGMP) snooping entries: 1000
IGMP: v1, v2, v3
IGMP snooping
PIM-SM
Services and Manageability Junos OS CLI
Web interface (J-Web)
Out-of-band management: Serial, 10/100BASE-T Ethernet
ASCII configuration
Rescue configuration
Configuration rollback
Simple Network Management Protocol (SNMP): v1, v2c, v3
Remote monitoring (RMON) (RFC 2819) Groups 1, 2, 3, 9
Network Time Protocol (NTP)
DHCP server
DHCP client and DHCP proxy
DHCP relay and helper
RADIUS authentication
TACACS+ authentication
SSHv2
Secure copy
HTTP/HTTPs
Domain Name System (DNS) resolver
System logging
Temperature sensor
Configuration backup via FTP/secure copy
Interface range
Advanced Routing Services MPLS (RSVP, LDP)
Circuit cross-connect (CCC), translational cross-connect (TCC)
L2/L3 MPLS VPN
Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN)
MPLS traffic engineering and MPLS fast reroute
Application Security Services Application visibility and control
Application-based firewall
Application QoS
Application-based advanced policy-based routing
Application quality of experience (AppQoE)
Access Control Lists (Junos OS Firewall Filters) Port-based ACL (PACL)—ingress
VLAN-based ACL (VACL)—ingress and egress
Router-based ACL (RACL)—ingress and egress
ACL entries (ACE) in hardware per system: 1500
ACL counter for denied packets
ACL counter for permitted packets
Ability to add/remove/change ACL entries in middle of list (ACL editing)
L2-L4 ACL
Security MAC limiting
Allowed MAC addresses—configurable per port
Sticky MAC (persistent MAC address learning)
Dynamic ARP inspection (DAI)
Proxy ARP
Static ARP support
Dynamic Host Configuration Protocol (DHCP) snooping
Troubleshooting Debugging: CLI via console, telnet, or SSH
Diagnostics: Show and debug command statistics
Traffic mirroring (port)
Traffic mirroring (VLAN)
ACL-based mirroring
Mirroring destination ports per system: 1
LAG port monitoring
Multiple destination ports monitored to 1 mirror (N:1)
Maximum number of mirroring sessions: 1
Mirroring to remote destination (over L2): 1 destination
VLAN
IP tools: Extended ping and trace
Juniper Networks commit and rollback
Optics EX-SFP-10GE-USR
EX-SFP-10GE-DAC-1M
EX-SFP-1GE-SX
EX-SFP-1GE-SX-ET
EX-SFP-1GE-LX
EX-SFP-10GE-SR
EX-SFP-10GE-LR
EX-SFP-10GE-DAC-3M
EX-SFP-10GE-DAC-5M
EX-SFP-10GE-ER
EX-SFP-10GE-ZR
EX-SFP-1GE-LH
EX-SFP-1GE-LX40K
EX-SFP-GE10KT13R14
EX-SFP-GE10KT14R13
EX-SFP-GE10KT13R15
EX-SFP-GE10KT15R13
EX-SFP-GE40KT13R15
EX-SFP-GE40KT15R13
EX-SFP-GE80KCW1470
EX-SFP-GE80KCW1490
EX-SFP-GE80KCW1510
EX-SFP-GE80KCW1530
EX-SFP-GE80KCW1550
EX-SFP-GE80KCW1570
EX-SFP-GE80KCW1590
EX-SFP-GE80KCW1610
Operating temperature 32° to 122° F (0° to 50° C)
Storage temperature -40° to 158° F (-40° to 70° C)
Operating altitude Up to 10,000 ft. (3048 m)
Relative humidity operating 5% to 90% (noncondensing)
Relative humidity non-operating 5% to 90% (noncondensing)
Seismic Designed to meet GR-63, Zone 4 earthquake requirements
Safety cNRTL-UL60950-1 (Second Edition)
C-UL to CAN/CSA 22.2 No.60950-1 (Second Edition)
TUV/GS to EN 60950-1 (Second Edition)
CB-IEC60950-1 (Second Edition with all country deviations)
EN 60825-1 (Second Edition)
Electromagnetic Compatibility FCC 47CFR Part 15 Class A
EN 55022 Class A
ICES-003 Class A
VCCI Class A
AS/NZS CISPR 32 Class A
CISPR 22 Class A, CISPR 32 Class A
EN 55024
EN 300386
CE
Environmental Compliance Restriction of Hazardous Substances (ROHS) 6/6
ROHS 7a exemption for power supply components acceptable
Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH) Waste Electronics and Electrical Equipment (WEEE)
IEEE Standards IEEE 802.1AB: Link Layer Discovery Protocol (LLDP)
IEEE 802.1ag: Connectivity Fault Management (CFM)
IEEE 802.1ak: Multiple VLAN Registration Protocol (MVRP)
IEEE 802.1D: Spanning Tree Protocol
IEEE 802.1p: CoS prioritization
IEEE 802.1Q: VLAN tagging
IEEE 802.1Q-in-Q: VLAN Stacking
IEEE 802.1w: Rapid Spanni

Juniper NFX250-S2 Firewall (NFX250-S2)

The NFX250 Network Services Platform offers enhanced capacity, performance, and scalability for larger enterprise entities and service providers seeking to consolidate multiple services onto a single platform. This product provides increased Virtual Network Function (VNF) capacity. It is equipped with Juniper Networks' vSRX Virtual Firewall to ensure the secure deployment of Software-Defined Wide Area Network (SD-WAN), secure routing, and a diverse range of managed services.

Quick Specs:

  • 400GB SSD
  • 32GB DDR4 Ram
  • CPU: Intel 6 Core Xeon D
  • Front-to-back forced cooling

Please see the related tabs for the NFX250-S2 datasheet and compatible accessories.

Properties

Properties Juniper NFX250-S2
Description NFX250, 10 10/100/1000BASE-T ports, 2 100/1000BASE-X SFP ports, 2 10GBASE-X SFP+ ports, 6 core x86 processors, 400 GB SSD, 32 GB memory, Junos Device Manager (Linux container for virtual machine [VM] life cycle management and service activation), Junos Control Plane (VM to handle switching), vSRX NGFW with 60 day trial license (optics sold separately).
Product Family NFX250 Series
Product Type Security Firewall
Network interfaces 8 x 10/100/1000BASE-T RJ-45 LAN ports
2 x 10/100/1000BASE-T RJ-45 LAN/WAN ports
2 x 100/1000BASE-X SFP WAN ports
2 x 1GbE/10GbE SFP+ WAN ports
1 x 10/100/1000BASE-T RJ-45 management port
ADSL2/VDSL2 SFP
Out-of-band interfaces RJ-45 console port
Mini USB console port
USB 2.0 port
Rack units (U) 1 U
Dimensions (WxHxD) 1.72 x 17.36 x 12 in.
(4.37 x 44.09 x 30.48 cm)
Weight 9.48 lb (4.3 kg)
Power supply Fixed PSU 100-240 VAC
Airflow/cooling Front-to-back (AFO) forced cooling
Acoustic noise level 50 Dba
INTERNATIONAL -

International buyers must acknowledge that all duties and taxes are their sole responsibility and Network Devices Inc is not held responsible for possible additional charges.

DOMESTIC -

Products are shipped Monday through Friday via UPS/FedEx/USPS. The estimated delivery time is 1-6 business days depending on location. If “Free Shipping” is offered, it will be by Ground only and within USA Continental States Only (48 States). There will be a surcharge on shipments to Hawaii, Alaska, Puerto Rico and APO/FPO addresses. After you have made a purchase, the surcharge will be calculated using the parcel’s weight and size. Network Devices Inc ships the product the same day of receiving an order. Otherwise you will a receive notification of delay or cancellation of said order.
 
Just added to your wishlist:
My Wishlist
You've just added this product to the cart:
Checkout