Juniper SRX340-SYS-JB Firewall

Juniper SRX340-SYS-JB Firewall

The Juniper SRX340-SYS-JB is a member of the SRX300 firewall family. The SRX340 firewall provides a secure connection for midsize distributed enterprise branch offices by integrating security, routing, switching, and WAN connectivity into a compact 1 U form factor. This networking and security platform offers up to 4.7 Gbps firewall and 733 Mbps IPsec VPN support, making it a cost-effective solution for these organizations.

Quick Specs:

• 4x 16GbE MPIM slots
• 4GB RAM
• Form Factor: 1U
• Junos Software Base

Please see the related tabs for the SRX340-SYS-JB datasheet and compatible accessories.

Properties	Juniper SRX340-SYS-JB Firewall
Description	SRX340 Firewalls include hardware (16GbE, 4x MPIM slots, 4G RAM, 8G Flash, power supply, cable and RMK) and Junos Software Base (firewall, NAT, IPSec, routing, MPLS and switching)
Product Family	SRX300 LINE OF FIREWALLS
Product Type	Firewall
SRX300 Highlights	The SRX300 line of firewalls consists of secure SD-WAN routers that bring high performance and proven deployment capabilities to enterprises that need to build a worldwide network of thousands of remote sites. WAN or Internet connectivity and Wi Fi module options include: • Ethernet, T1/E1, ADSL2/2+, and VDSL • 3G/4G LTE wireless • 802.11ac Wave 2 Wi-Fi
SRX340	Securely connecting midsize distributed enterprise branch offices, the SRX340 firewall consolidates security, routing, switching, and WAN connectivity in a 1 U form factor. The SRX340 supports up to 4.7 Gbps firewall and 733 Mbps IPsec VPN in a single, cost-effective networking and security platform.
Up to 20 Gbps of routing and firewall performance	• Best suited for small, medium and large branch office deployments • Addresses future needs for scale and feature capacity
Stateful high availability (HA), IP monitoring	• Uses stateful HA to synchronize configuration and firewall sessions • Supports multiple WAN interfaces with dial-on-demand backup • Route/link failover based on real-time link performance
Better end-user application and cloud experience and lower operational costs	• ZTP simplifies remote device provisioning • Advanced Policy-Based Routing (APBR) orchestrates business intent policies across the enterprise WAN • Application quality of experience (AppQoE) measures application SLAs and improves the end-user experience • Controls and prioritizes traffic based on application and user role
WAN assurance	• Complements the Juniper Secure SD-WAN solution with AI-powered automation and service levels • Provides visibility and insights into users, applications, WAN links, control, data plane, and CPU for proactive remediation
IPsec VPN, Remote Access/SSL VPN, Media Access Control Security (MACsec)	• Creates secure, reliable, and fast overlay links over public internet • Employs anti-counterfeit features to protect from unauthorized hardware spares • Includes high-performance CPU with built-in hardware to assist IPsec acceleration • Provides TPM-based protection of device secrets such as passwords and certificates • Offers secure and flexible remote access SSL VPN with Juniper Secure Connect
IPS, antivirus, anti-spam, enhanced web filtering, Juniper Advanced Threat Prevention Cloud, Encrypted Traffic Insights, and Threat Intelligence Feeds	• Provides real-time updates to IPS signatures and protects against exploits • Protects from zero-day attacks • Implements industry-leading antivirus and URL filtering • Integrates open threat intelligence platform with third-party feeds • Restores visibility that was lost due to encryption without the heavy burden of full TLS/SSL decryption
On-box GUI, Security Director	• Application updates are provided continually provided by Juniper Threat Labs • Inspects and detects applications inside the SSL-encrypted traffic
On-box GUI, Security Director	• Includes centralized management for auto-provisioning, firewall policy management, Network Address Translation (NAT), and IPsec VPN deployments, or simple, easy-to-use on-box GUI for local management
Junos OS	• Integrates routing, switching, and security in a single device • Reduces operation expense with Junos automation capabilities

Specifications	Juniper SRX340-SYS-JB Firewall
Software Specifications
Routing Protocols	• IPv4, IPv6, ISO, Connectionless Network Service (CLNS) • Static routes • RIP v1/v2 • OSPF/OSPF v3 • BGP with Route Reflector • IS-IS • Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF) • Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE) • Virtual routers • Policy-based routing, source-based routing • Equal-cost multipath (ECMP)
QoS Features	• Support for 802.1p, DiffServ code point (DSCP), EXP • Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters • Marking, policing, and shaping • Classification and scheduling • Weighted random early detection (WRED) • Guaranteed and maximum bandwidth • Ingress traffic policing • Virtual channels • Hierarchical shaping and policing
Switching Features	• ASIC-based Layer 2 Forwarding • MAC address learning • VLAN addressing and integrated routing and bridging (IRB) support • Link aggregation and LACP • LLDP and LLDP-MED • STP, RSTP, MSTP • MVRP • 802.1X authentication
Firewall Services	• Stateful and stateless firewall • Zone-based firewall • Screens and distributed denial of service (DDoS) protection • Protection from protocol and traffic anomaly • Integration with Pulse Unified Access Control (UAC) • Integration with Aruba Clear Pass Policy Manager • User role-based firewall • SSL Inspection (Forward-proxy)
Network Address Translation (NAT)	• Source NAT with Port Address Translation (PAT) • Bidirectional 1:1 static NAT • Destination NAT with PAT • Persistent NAT • IPv6 address translation
VPN Features	• Tunnels: Site-to-Site, Hub and Spoke, Dynamic Endpoint, AutoVPN, ADVPN, Group VPN (IPv4/ IPv6/ Dual Stack) • Juniper Secure Connect: Remote access / SSL VPN • Configuration payload: Yes • IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AECCBC, AES-GCM, SuiteB • IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384 • Authentication: Pre-shared key and public key infrastructure (PKI) (X.509) • IPsec (Internet Protocol Security): Authentication Header (AH) / Encapsulating Security Payload (ESP) protocol • IPsec Authentication Algorithms: hmac-md5, hmac-sha-196, hmac-sha-256 • IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB • Perfect forward secrecy, anti-reply • Internet Key Exchange: IKEv1, IKEv2 • Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring • VPNs GRE, IP-in-IP, and MPLS • Application and bandwidth usage reporting • Auto installation • Debug and troubleshooting tools • Zero-Touch Provisioning with Contrail Service Orchestration
Network Services	• Dynamic Host Configuration Protocol (DHCP) client/server/ relay • Domain Name System (DNS) proxy, dynamic DNS (DDNS) • Juniper real-time performance monitoring (RPM) and IPmonitoring • Juniper flow monitoring (J-Flow)1 • Bidirectional Forwarding Detection (BFD) • Two-Way Active Measurement Protocol (TWAMP) • IEEE 802.3ah Link Fault Management (LFM) • IEEE 802.1ag Connectivity Fault Management (CFM)
High Availability Features	• Virtual Router Redundancy Protocol (VRRP) • Stateful high availability • Dual box clustering • Active/passive • Active/active • Configuration synchronization • Firewall session synchronization • Device/link detection • In-Band Cluster Upgrade (ICU) • Dial on-demand backup interfaces • IP monitoring with route and interface failover
Management, Automation, Logging, and Reporting	• SSH, Telnet, SNMP • Smart image download • Juniper CLI and Web UI • Mist AI - Simplified management - WAN Assurance • Security Director • Security Director Cloud • Juniper Secure Edge • Python • Junos OS event, commit, and OP script
Advanced Routing Services	• Packet mode • MPLS (RSVP, LDP) • Circuit cross-connect (CCC), translational cross-connect (TCC) • L2/L3 MPLS VPN, pseudowires • Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN) • MPLS traffic engineering and MPLS fast reroute
Application Security Services (Offered as advanced security services subscription licenses. )	• Application visibility and control • Application-based advanced policy-based routing • Application-based advanced policy-based routing (APBR) • Application-based link monitoring and switchover with Application quality of experience (AppQoE)
Threat Defense and Intelligence Services	• Intrusion prevention • Antivirus • Antispam • Category/reputation-based URL filtering • Protection from botnets (command and control) • Adaptive enforcement based on GeoIP • Juniper Advanced Threat Prevention to detect and block zeroday attacks • Adaptive Threat Profiling • Encrypted Traffic Insights • SecIntel to provide threat intelligence
WAN and Wi-Fi Interface
1 port T1/E1 MPIM (SRX-MP-1T1E1-R)	YES
1 port VDSL2 Annex A/M MPIM (SRX-MP-1VDSL2-R)	YES
4G / LTE MPIM (SRX-MP-LTE-AA and SRX-MP-LTE-AE)	YES
802.11ac Wave 2 Wi-Fi MPIM	YES
Hardware Specifications
Connectivity
Total onboard ports	16x1GbE
Onboard RJ-45 ports	8x1GbE
Onboard small form-factor pluggable (SFP) transceiver ports	8x1GbE
MACsec-capable ports	16x1GbE
Out-of-band (OOB) management ports	1x1GbE
Mini PIM (WAN) slots	4
Console (RJ-45 + miniUSB)	1
USB 3.0 ports (type A)	1
PoE+ ports	0
Memory and Storage
System memory (RAM)	4 GB
Storage	8 GB
SSD slots	1
Dimensions and Power
Form factor	1U
Size (WxHxD)	17.36 x 1.72 x 14.57 in. (44.09 x 4.36 x 37.01 cm)
Weight (device and PSU)	10.80 lb (4.90 kg)
Redundant PSU	No
Power supply	AC (internal)
Rated DC voltage range	N/A
Rated DC operating voltage range	N/A
Maximum PoE power	N/A
Average power consumption	122 W
Average heat dissipation	420 BTU/h
Maximum current consumption	1.496 A
Acoustic noise level	45.5 dBA
Airflow/cooling	Front to back
Environmental, Compliance, and Safety Certification
Operational temperature	32° to 104° F (0° to 40° C)
Nonoperational temperature	(-4° to 158° F (-20° to 70° C)
Operating humidity	10% to 90% noncondensing
Nonoperating humidity	5% to 95% non-condensing
Meantime between failures (MTBF)	27 years
FCC classification	Class A
RoHS compliance	RoHS 2
FIPS 140-2	Level 2 (Junos 19.2R1)
Common Criteria certification	NDPP, VPNEP, FWEP, IPSEP (based on Junos 19.2R1)
Performance and Scale
Parameter
Routing with packet mode (64 B packet size) in Mbps	550
Routing with packet mode (IMIX packet size) in Mbps	1,600
Routing with packet mode (1,518 B packet size in Mbps	3,000
Stateful firewall (64 B packet size) in Kpps	350
Stateful firewall (IMIX packet size) in Mbps	1,100
Stateful firewall (1,518 B packet size) in Mbps	4,700
IPsec VPN (IMIX packet size) in Mbps	239
IPsec VPN (1,400 B packet size) in Mbps	733
Application visibility and control in Mbps	1,000
Recommended IPS in Mbps	400
Next-generation firewall in Mbps	420
Secure Web Access firewall in Mbps	280
Route table size (RIB/FIB) (IPv4 or IPv6)	1 million/600,000 (Route scaling numbers are with enhanced route-scale features turned on.)
Maximum concurrent sessions (IPv4 or IPv6)	256,000
Maximum security policies	2,000
Connections per second	10,000
NAT rules	2,000
MAC table size	15,000
IPsec VPN tunnels	1,024
Number of remote access/SSL VPN (concurrent) users	150
GRE tunnels	512
Maximum number of security zones	64
Maximum number of virtual routers	64
Maximum number of VLANs	2,000
AppID sessions	64,000
IPS sessions	64,000
URLF sessions	64,000

INTERNATIONAL -

International buyers must acknowledge that all duties and taxes are their sole responsibility and Network Devices Inc is not held responsible for possible additional charges.

DOMESTIC -

Products are shipped Monday through Friday via UPS/FedEx/USPS. The estimated delivery time is 1-6 business days depending on location. If “Free Shipping” is offered, it will be by Ground only and within USA Continental States Only (48 States). There will be a surcharge on shipments to Hawaii, Alaska, Puerto Rico and APO/FPO addresses. After you have made a purchase, the surcharge will be calculated using the parcel’s weight and size. Network Devices Inc ships the product the same day of receiving an order. Otherwise you will a receive notification of delay or cancellation of said order.