Juniper SRX4600-SYS-JB-AC Firewall

Juniper SRX4600-SYS-JB-AC Firewall

The Juniper SRX4600-SYS-JB-AC Firewall is a high-performance next-generation firewall designed for enterprise, service provider, and cloud deployments that require advanced threat prevention, secure networking, and large-scale session handling. Built in a compact 1U form factor, it combines firewall, IPsec VPN, routing, MPLS, NAT, and application-aware security in a single platform.

With up to 400 Gbps firewall throughput, 44 Gbps IPsec VPN IMIX performance, and support for up to 60 million concurrent sessions, the SRX4600 is well suited for protecting data centers, campus networks, and regional hubs. It supports advanced services such as intrusion prevention, antivirus, antispam, URL filtering, SSL inspection, SecIntel, and AI-Predictive Threat Prevention, while also enabling application visibility, traffic control, and secure SD-WAN architectures.

Managed through Juniper Security Director Cloud and supported by Junos OS automation, the SRX4600 helps simplify policy management, improve operational efficiency, and extend zero-trust security across traditional, cloud, and hybrid environments.

Properties	Juniper SRX4600-SYS-JB-AC
Description	SRX4600 Firewall includes hardware (up to 24x1GbE/10GbE, 4x40GbE/100GbE, 256 GB RAM, 2x 1 TB M.2 SSD, dual AC power supplies) and Junos OS with firewall, NAT, IPSec, routing, MPLS, application visibility, and advanced threat protection support.
Product Family	SRX4600 Series
Product Type	Security Firewall
Connectivity Specification
Total onboard I/O ports	Up to 24x1GbE/10GbE (SFP+), 4x40GbE/100GbE (QSFP28)
Out-of-Band (OOB) management ports	RJ-45 (1 Gbps)
Dedicated high availability (HA) ports	2x1GbE/10GbE (SFP+) Control, 2x1GbE/10GbE (SFP+) Data
Console	RJ-45 (RS232)
USB 2.0 ports (Type A)	1
Form factor	1 U
Dimensions (WxHxD)	17.4 x 1.7 x 27.29 in (44.19 x 4.32 x 69.32 cm) with AC PEMs
Weight (system and 2 power entry modules)	38 lb (17.24 kg) with AC PEMs Shipping weight: 45.47 lb (20.62 kg)
Power
Power supply	2x 1600 W AC-DC PSU redundant
Redundant PSU	1+1
Average power consumption	650 W
Average heat dissipation	2218 BTU/hour
Maximum current consumption	12 A (for 110 V AC power) 6 A (for 220 V AC power)
Airflow/cooling	Front to back
Acoustic noise level	69 dBA at normal fan speed, 87 dBA at full fan speed
Timing Interfaces
Time of day – RS-232 (EIA-23)	1xRJ-45
BITS clock	1xRJ-48
10-MHz timing connector (GNSS)	1xInput (COAX), 1xOutput (COAX)
Pulse per second connection (1-PPS)	1xInput (COAX), 1xOutput (COAX)

Specifications	SRX4600-SYS-JB-AC
System memory (RAM)	256 GB
Secondary storage (SSD)	2x 1 TB M.2 SSD
Firewall (IMIX) throughput in Gbps	400
Firewall throughput (1518 B) in Gbps	400
IPsec VPN throughput (IMIX) in Gbps	44
IPsec VPN throughput (1400 B) in Gbps	71
Application security performance (TPS/CPS) in Gbps	92 / 41
Next-generation firewall (TPS/CPS) in Gbps	90 / 21
Secure Web Access firewall (CPS) in Gbps	19
Advanced Threat (CPS) in Gbps	10.5
Connections per second (64B)	570,000
SSL connections per second	16,000
Maximum concurrent sessions (IPv4 or IPv6)	60 million
Route table size (RIB/FIB) (IPv4)	4 million / 1.2 million
IPsec VPN tunnels	7,500
Software Specifications
Firewall Services	Stateful firewall services Zone-based firewall Screens and distributed denial of service (DDoS) protection Protection from protocol and traffic anomalies Unified Access Control (UAC)
Network Address Translation (NAT)	Source NAT with Port Address Translation (PAT) Bidirectional 1:1 static NAT Destination NAT with PAT Persistent NAT IPv6 address translation Port Block Allocation method for carrier-grade NAT Deterministic NAT Port overloading, pool pairing, NAPT, NAT44, NAT66, NAPT, NAP-PT, NAT46, NAT64, Dual Stack Lite
VPN Features	Tunnels: Site-to-site, hub and spoke, dynamic endpoint, AutoVPN, ADVPN, Group VPN (IPv4/IPv6/Dual Stack) Juniper Secure Connect: Remote access/SSL VPN Configuration payload: Yes IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, Suite B IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384, SHA-512 Authentication: Pre-shared key and PKI (X.509) IPsec: AH / ESP IPsec Authentication Algorithms: hmac-md5, hmac-sha-196, hmac-sha-256, hmac-sha-512 IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, Suite B Perfect forward secrecy, anti-reply Diffie Hellman groups 14 to 24 Internet Key Exchange: IKEv1, IKEv2 Monitoring: DPD support, VPN monitoring VPNs GRE, IP-in-IP and MPLS
High Availability Features	VRRP—IPv4 and IPv6 Stateful high availability HA clustering Active/active Active/passive Dual MACsec-enabled HA control ports (10GbE) Dual MACsec-enabled HA fabric ports (10GbE) Configuration synchronization Firewall session synchronization Device/link detection Unified ISSU Multi-Node HA (MNHA) IP monitoring with route and interface failover
Application Security Services	Application visibility and control Application QoS Advanced/application policy-based routing (APBR) Application Quality of Experience (AppQoE) Application-based multipath routing User-based firewall
Threat Defense and Intelligence Services	IPS Antivirus Antispam Category/reputation-based URL filtering SSL proxy/inspection Protection from botnets (command and control) Adaptive enforcement based on GeoIP Juniper ATP Cloud Adaptive Threat Profiling Encrypted Traffic Insights SecIntel threat intelligence Juniper ATP virtual appliance AI-Predictive Threat Prevention
Routing Protocols	IPv4, IPv6, static routes, RIP v1/v2 OSPF/OSPF v3 BGP with route reflector BFD EVPN-VXLAN IS-IS Multicast: IGMP v1/v2, PIM SM/DM/SSM, SDP, DVMRP, MSDP, RPF Encapsulation: VLAN, PPPoE Virtual routers Policy-based routing, source-based routing Equal-cost multipath (ECMP)
QoS Features	Support for 802.1p, DiffServ code point (DSCP) Classification based on interface, bundles, or multifield filters Marking, policing, and shaping Classification and scheduling Weighted random early detection (WRED) Guaranteed and maximum bandwidth
Network Services	DHCP client/server/relay DNS proxy, dynamic DNS (DDNS) Juniper real-time performance monitoring (RPM) and IP monitoring Juniper flow monitoring (J-Flow)
Management, Automation, Logging, and Reporting	SSH, Telnet, SNMP Smart image download Juniper CLI and Web UI Juniper Security Director Cloud Python Junos OS events, commit, and OP scripts Application and bandwidth usage reporting gRPC telemetry Debug and troubleshooting tools
Operating temperature	32° to 104° F (0° to 40° C)
Operating humidity	5% to 90% non-condensing
Meantime between failures (MTBF)	111,626 hours (12.75 years)
FCC classification	Class A
RoHS compliance	RoHS 2
NEBS compliance	Designed for NEBS Level 3

INTERNATIONAL -

International buyers must acknowledge that all duties and taxes are their sole responsibility and Network Devices Inc is not held responsible for possible additional charges.

DOMESTIC -

Products are shipped Monday through Friday via UPS/FedEx/USPS. The estimated delivery time is 1-6 business days depending on location. If “Free Shipping” is offered, it will be by Ground only and within USA Continental States Only (48 States). There will be a surcharge on shipments to Hawaii, Alaska, Puerto Rico and APO/FPO addresses. After you have made a purchase, the surcharge will be calculated using the parcel’s weight and size. Network Devices Inc ships the product the same day of receiving an order. Otherwise you will a receive notification of delay or cancellation of said order.