JUNIPER NFX250-S1 FIREWALL

$4,895 $6,992

Properties

Properties	Juniper NFX250-S1
Description	NFX250, 10 10/100/1000BASE-T ports, 2 100/1000BASE-X SFP ports, 2 10GBASE-X SFP+ ports, 6 core x86 processors, 100 GB SSD, 16 GB memory, Junos Device Manager (Linux container for virtual machine [VM] life cycle management and service activation), Junos Control Plane (VM to handle switching), vSRX NGFW with 60 day trial license (optics sold separately)
Product Family	NFX250 Series
Product Type	Security Firewall
Network interfaces	8 x 10/100/1000BASE-T RJ-45 LAN ports 2 x 10/100/1000BASE-T RJ-45 LAN/WAN ports 2 x 100/1000BASE-X small form-factor pluggable transceiver (SFP) WAN ports 2 x 1GbE/10GbE SFP+ WAN ports 1 x 10/100/1000BASE-T RJ-45 management port ADSL2/VDSL2 SFP
Out-of-band interfaces	RJ-45 console port Mini USB console port USB 2.0 port
Rack units (U)	1 U
Dimensions (WxHxD)	1.72 x 17.36 x 12 in. (4.37 x 44.09 x 30.48 cm)
Weight	9.48 lb (4.3 kg)
Power supply	Fixed PSU 100-240 VAC
Airflow/cooling	Front-to-back (AFO) forced cooling
Acoustic noise level	50 Dba

Specifications

Specifications	NFX250-S1
CPU	Intel 6 Core Xeon D
Memory	16 GB DDR4
Storage	100 GB SSD
Software	Wind River Linux 7
Managed Secure Router	2 Gbps
Managed Security	2 Gbps
IPSec	500 Mbps
Maximum number of VNFs	6
Software Specifications
Packet Switching Capacities	Packet Forwarding Engine (PFE) capacity: 64 Gbps VNF capacity: 20 Gbps full-duplex path to CPU for VNF traffic Throughput via VNFs will vary depending on network function and acceleration technologies supported
Layer 2 Switching	Maximum media access control (MAC) addresses in hardware: up to 16,000‡ Jumbo frames: 9216 bytes‡ Number of VLANs: up to 1024 (VLAN IDs: 4096)‡ Port-based VLAN MAC-based VLAN Voice VLAN Private VLAN (PVLAN) Number of MST instances supported: 64 Compatible with Per-VLAN Spanning Tree Plus (PVST+) Routed VLAN interface (RVI)‡ Link Layer Discovery Protocol–Media Endpoint Discovery (LLDP-MED) with VoIP integration
Routing Protocols	IPv4, IPv6, ISO, Connectionless Network Service (CLNS) Static routes RIP v1/v2 OSPF/OSPF v3 BGP with Route Reflector Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF) Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE) Virtual routers Policy-based routing, source-based routing Equal-Cost Multipath (ECMP)
Threat Defense and Intelligence Services	Intrusion prevention Antivirus Antispam Category/reputation-based URL filtering SecIntel to provide threat intelligence Protection from botnets (command and control) Adaptive enforcement based on GeoIP Juniper Cloud Advanced Threat Prevention to detect and block zeroday malware attacks
High Availability	VRRP Backup link via 3G/4G LTE wireless or other WAN (NFX150) Stateful failover and dual CPE clustering‡ Active/active—L3 mode Active/passive—L3 mode Configuration synchronization Session synchronization firewall and VPN Session failover for routing change Device failure detection, link failure detection IP monitoring with route and interface failover
VPN Features	Tunnels: Generic routing encapsulation (GRE)3, IP-IP3, IPsec Site-site IPsec VPN IPsec crypto algorithms: Data Encryption Standard (DES), triple DES (3DES), Advanced Encryption Standard (AES-256), AES-GCM IPsec authentication algorithms: MD5, SHA-1, SHA-128, SHA-256 Perfect forward secrecy, anti-reply IPv4 and IPv6 IPsec VPN Multiproxy ID for site-site VPN Internet Key Exchange (IKEv1, IKEv2), NAT-T Virtual router and quality-of-service (QoS) aware Standard-based dead peer detection (DPD) support VPN monitoring
Quality of Service (QoS)	Layer 2 QoS Layer 3 QoS Ingress policing: 1 rate 2 color Hardware queues per port: 8 Scheduling methods (egress): Strict priority (SP), shaped-deficit weighted round-robin (SDWRR) 802.1p: DiffServ code point (DSCP)/IP precedence trust and marking L2-L4 classification criteria: Interface, MAC address, Ethertype, 802.1p, VLAN, IP address, DSCP/IP precedence TCP/UDP port numbers Congestion avoidance capabilities: Tail drop
Multicast	Internet Group Management Protocol (IGMP) snooping entries: 1000 IGMP: v1, v2, v3 IGMP snooping PIM-SM
Services and Manageability	Junos OS CLI Web interface (J-Web) Out-of-band management: Serial, 10/100BASE-T Ethernet ASCII configuration Rescue configuration Configuration rollback Simple Network Management Protocol (SNMP): v1, v2c, v3 Remote monitoring (RMON) (RFC 2819) Groups 1, 2, 3, 9 Network Time Protocol (NTP) DHCP server DHCP client and DHCP proxy DHCP relay and helper RADIUS authentication TACACS+ authentication SSHv2 Secure copy HTTP/HTTPs Domain Name System (DNS) resolver System logging Temperature sensor Configuration backup via FTP/secure copy Interface range
Advanced Routing Services	MPLS (RSVP, LDP) Circuit cross-connect (CCC), translational cross-connect (TCC) L2/L3 MPLS VPN Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN) MPLS traffic engineering and MPLS fast reroute
Application Security Services	Application visibility and control Application-based firewall Application QoS Application-based advanced policy-based routing Application quality of experience (AppQoE)
Access Control Lists (Junos OS Firewall Filters)	Port-based ACL (PACL)—ingress VLAN-based ACL (VACL)—ingress and egress Router-based ACL (RACL)—ingress and egress ACL entries (ACE) in hardware per system: 1500 ACL counter for denied packets ACL counter for permitted packets Ability to add/remove/change ACL entries in middle of list (ACL editing) L2-L4 ACL
Security	MAC limiting Allowed MAC addresses—configurable per port Sticky MAC (persistent MAC address learning) Dynamic ARP inspection (DAI) Proxy ARP Static ARP support Dynamic Host Configuration Protocol (DHCP) snooping
Troubleshooting	Debugging: CLI via console, telnet, or SSH Diagnostics: Show and debug command statistics Traffic mirroring (port) Traffic mirroring (VLAN) ACL-based mirroring Mirroring destination ports per system: 1 LAG port monitoring Multiple destination ports monitored to 1 mirror (N:1) Maximum number of mirroring sessions: 1 Mirroring to remote destination (over L2): 1 destination VLAN IP tools: Extended ping and trace Juniper Networks commit and rollback
Optics	EX-SFP-10GE-USR EX-SFP-10GE-DAC-1M EX-SFP-1GE-SX EX-SFP-1GE-SX-ET EX-SFP-1GE-LX EX-SFP-10GE-SR EX-SFP-10GE-LR EX-SFP-10GE-DAC-3M EX-SFP-10GE-DAC-5M EX-SFP-10GE-ER EX-SFP-10GE-ZR EX-SFP-1GE-LH EX-SFP-1GE-LX40K EX-SFP-GE10KT13R14 EX-SFP-GE10KT14R13 EX-SFP-GE10KT13R15 EX-SFP-GE10KT15R13 EX-SFP-GE40KT13R15 EX-SFP-GE40KT15R13 EX-SFP-GE80KCW1470 EX-SFP-GE80KCW1490 EX-SFP-GE80KCW1510 EX-SFP-GE80KCW1530 EX-SFP-GE80KCW1550 EX-SFP-GE80KCW1570 EX-SFP-GE80KCW1590 EX-SFP-GE80KCW1610
Operating temperature	32° to 122° F (0° to 50° C)
Storage temperature	-40° to 158° F (-40° to 70° C)
Operating altitude	Up to 10,000 ft. (3048 m)
Relative humidity operating	5% to 90% (noncondensing)
Relative humidity non-operating	5% to 90% (noncondensing)
Seismic	Designed to meet GR-63, Zone 4 earthquake requirements
Safety	cNRTL-UL60950-1 (Second Edition) C-UL to CAN/CSA 22.2 No.60950-1 (Second Edition) TUV/GS to EN 60950-1 (Second Edition) CB-IEC60950-1 (Second Edition with all country deviations) EN 60825-1 (Second Edition)
Electromagnetic Compatibility	FCC 47CFR Part 15 Class A EN 55022 Class A ICES-003 Class A VCCI Class A AS/NZS CISPR 32 Class A CISPR 22 Class A, CISPR 32 Class A EN 55024 EN 300386 CE
Environmental Compliance	Restriction of Hazardous Substances (ROHS) 6/6 ROHS 7a exemption for power supply components acceptable Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH) Waste Electronics and Electrical Equipment (WEEE)
IEEE Standards	IEEE 802.1AB: Link Layer Discovery Protocol (LLDP) IEEE 802.1ag: Connectivity Fault Management (CFM) IEEE 802.1ak: Multiple VLAN Registration Protocol (MVRP) IEEE 802.1D: Spanning Tree Protocol IEEE 802.1p: CoS prioritization IEEE 802.1Q: VLAN tagging IEEE 802.1Q-in-Q:

Domestic Shipping

All products from Gaia Consulting Services are shipped Monday through Friday via trusted carriers such as UPS, FedEx, or USPS. We are pleased to offer free delivery on all orders over $100 within the United States. Orders typically take 1-6 business days to arrive, depending on your location. For orders that do not qualify for free delivery, shipping rates are calculated based on factors such as the shipping carrier, method, package weight, and destination. Please note that additional surcharges may apply for shipments to Hawaii, Alaska, Puerto Rico, and APO/FPO addresses. While we strive to ship orders on the same day they are placed, any delays or cancellations will be promptly communicated to you.

International Shipping

Gaia Consulting Services also offers international shipping to customers worldwide. However, please be aware that we adhere to all international trade laws and regulations and do not ship to countries currently under embargo by the United States.

Shipping Carriers and Transit Times

For international shipments, we utilize reliable carriers such as UPS, FedEx, and DHL to ensure your orders arrive safely and on time. Transit times typically range between 7-15 business days, depending on the destination and chosen shipping method. Please note that customs clearance processes may cause delays, which are beyond our control.

Customs, Duties, and Taxes

Customers outside the United States are responsible for any customs duties, taxes, or additional fees imposed by their country's customs authorities. Gaia Consulting Services cannot predict or control these charges and advises customers to familiarize themselves with their country's import regulations before placing an order. Please note that these charges are not included in the item price or shipping costs.

Order Processing

We strive to process and ship orders quickly and efficiently. If any issues arise with your order, we will notify you promptly to keep you informed of its status.

Shipping Addresses

To ensure smooth delivery, please provide an accurate and complete shipping address during checkout. Gaia Consulting Services cannot be held liable for orders shipped to incorrect addresses due to customer error. If you need to modify your shipping address after placing an order, please contact us immediately. Please note that we may be unable to change the shipping address if your order has already been processed.