JUNIPER SRX1500-SYS-JB-AC FIREWALL
Description
Juniper SRX1500-SYS-JB-AC Firewall
The Juniper SRX1500 is an advanced next-generation firewall and security services gateway designed to safeguard vital networks in campus settings, regional headquarters, and sizable branch offices. This device offers comprehensive SD-WAN functionality to enterprises and service providers, featuring Zero-Touch Provisioning (ZTP) for streamlining branch network connectivity during setup and maintenance processes. It is capable of providing firewall performance of up to 9.2 Gbps, intrusion prevention of 3.3 Gbps, and IPsec VPN of 4.5 Gbps in scenarios such as enterprise campus, regional headquarters, and large branch deployments.
Quick Specs:
- 100GB SSD
- Total Onboard Ports: 16x 1GbE and 4x10 GbE
- Virtual Router Redundancy Protocol (VRRP)
- Primary boot storage (mSATA): 16GB
Please see the related tabs for the SRX1500-SYS-JB-AC datasheet and compatible accessories.
Properties
Properties | Juniper SRX1500-SYS-JB-AC |
Description | SRX1500 Services Gateway includes hardware (16GbE, 4x10GbE, 16G RAM, 16G Flash, 100G SSD, AC PSU, cable and RMK) and Junos Software Base (firewall, NAT, IPSec, routing, MPLS and switching) |
Product Family | SRX1500 Series |
Product Type | Security Firewall |
Connectivity Specification | |
Total onboard ports | 16x1GbE and 4x10GbE |
Onboard RJ-45 ports | 12x1GbE |
Onboard small form-factor pluggable (SFP) transceiver ports | 4x1GbE |
MACsec-capable ports | 2x1GbE |
Onboard SFP+ ports | 4x10GbE |
Out-of-band (OOB) management ports | 1x1GbE |
Dedicated high availability (HA) ports | 1x1GbE (SFP) |
PIM slots | 2 |
Console (RJ-45 + miniUSB) | 1 |
USB 2.0 ports (type A) | 1 |
Form factor | 1 U |
Dimensions (WxHxD) | 17.28 x 1.75 x 18.2 in (43.9 x 4.44 x 46.22 cm) |
Weight (device and PSU) | 16.1 lb (7.30 kg) |
Power | |
Power supply | AC (external) |
Redundant PSU | 1+1 |
Average power consumption | 150 W |
Average heat dissipation | 512 BTU / hour |
Maximum current consumption | 2.5A (for AC PSU) |
Maximum inrush current | 50A by 1 AC cycle |
Airflow/cooling | Front to back |
Acoustic noise level | 66.5dBA |
Specifications
Specifications | SRX1500-SYS-JB-AC |
System memory (RAM) | 16 GB |
Primary boot storage (mSATA) | 16 GB |
Secondary storage (SSD) | 100 GB |
Routing/firewall (IMIX packet size) Gbps | 4.8 |
Routing/firewall (1,518 B packet size) Gbps | 9.2 |
IPsec VPN (IMIX packet size) Gbps | 1.3 |
IPsec VPN (1400 B packet size) in Gbps | 4.5 |
Application visibility and control in Gbps | 7.9 |
Recommended IPS in Gbps | 3.3 |
Next-generation firewall in Gbps | 2.1 |
Secure Web Access firewall in Gbps | 1.6 |
Route table size (RIB/FIB) (IPv4) | 2 million / 1 million |
Maximum concurrent sessions (IPv4 or IPv6) | 2,000,000 |
Maximum security policies | 16,000 |
Connections per second | 90,000 |
NAT rules | 8,000 |
Media access control (MAC) table size | 64,000 (standalone mode) |
IPsec VPN tunnels | 2,000 |
Number of remote access/SSL VPN (concurrent) users | 2,000 |
GRE tunnels | 2,048 |
Maximum security zones | 512 |
Maximum virtual router | 512 |
Maximum VLANs | 3,900 |
Software Specifications | |
Routing Protocols | IPv4, IPv6 Static routes RIP v1/v2 OSPF/OSPF v3 BGP with Route Reflector IS-IS Multicast: Internet Group Management Protocol (IGMP) v1/v2; Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM); Session Description Protocol (SDP); Distance Vector Multicast Routing Protocol (DVMRP); Multicast Source Discovery Protocol (MSDP); Reverse Path Forwarding (RPF) Encapsulation: VLAN, Point-to-Point Protocol over Ethernet (PPPoE) Virtual routers Policy-based routing, source-based routing Equal-cost multipath (ECMP) |
QoS Features | Support for 802.1p, DiffServ code point (DSCP), EXP Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters Marking, policing, and shaping Classification and scheduling Weighted random early detection (WRED) Guaranteed and maximum bandwidth Ingress traffic policing Virtual channels Hierarchical shaping and policing |
Switching Features | ASIC-based Layer 2 forwarding MAC address learning VLAN addressing and integrated routing and bridging (IRB) support Link aggregation and LACP LLDP and LLDP-MED STP, RSTP, MSTP MVRP 802.1X authentication |
Firewall Services | Stateful and stateless firewall Zone-based firewall Screens and distributed denial of service (DDoS) protection Protection from protocol and traffic anomalies Integration with Pulse Unified Access Control (UAC) Integration with Aruba Clear Pass Policy Manager User role-based firewall SSL Inspection |
Network Address Translation (NAT) | Source NAT with Port Address Translation (PAT) Bidirectional 1:1 static NAT Destination NAT with PAT Persistent NAT IPv6 address translation |
VPN Features | Tunnels: Site-to-Site, Hub and Spoke, Dynamic Endpoint, AutoVPN, ADVPN, Group VPN (IPv4/IPv6/Dual Stack) Juniper Secure Connect: Remote access/SSL VPN Configuration payload: Yes IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384 Authentication: Pre-shared key and public key infrastructure (PKI) (X.509) IPsec (Internet Protocol Security): Authentication Header (AH)/Encapsulating Security Payload (ESP) protocol IPsec Authentication Algorithms: hmac-md5, hmac-sha-196 IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB Perfect forward secrecy, anti-reply Internet Key Exchange: IKEv1, IKEv2 Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring VPNs GRE, IP-in-IP, and MPLS |
Network Services | Dynamic Host Configuration Protocol (DHCP) client/server/relay Domain Name System (DNS) proxy, dynamic DNS (DDNS) Juniper real-time performance monitoring (RPM) and IP monitoring Juniper flow monitoring (J-Flow) Bidirectional Forwarding Detection (BFD) Two-Way Active Measurement Protocol (TWAMP) IEEE 802.3ah Link Fault Management (LFM) IEEE 802.1ag Connectivity Fault Management (CFM) |
High Availability Features | Virtual Router Redundancy Protocol (VRRP) Stateful high availability -Dual box clustering -Active/passive -Active/active -Configuration synchronization -Firewall session synchronization -Device/link detection -In-Service Software Upgrade (ISSU) IP monitoring with route and interface failover |
Management, Automation, Logging, and Reporting | Management, Automation, Logging, and Reporting SSH, Telnet, SNMP Smart image download Juniper CLI and Web UI Juniper Networks Junos Space and Security Director Python Junos OS event, commit and OP scripts Application and bandwidth usage reporting Auto installation Debug and troubleshooting tools |
Advanced Routing Services | Packet mode MPLS (RSVP, LDP) Circuit cross-connect (CCC), translational cross-connect (TCC) L2/L2 MPLS VPN, pseudo-wires Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN) MPLS traffic engineering and MPLS fast reroute |
Application Security Services | Application visibility and control Application-based firewall Application QoS Advanced/application policy-based routing (APBR) Application Quality of Experience (AppQoE) Application-based multipath routing |
Threat Defense and Intelligence Services | Intrusion prevention Antivirus Antispam Category/reputation-based URL filtering Protection from botnets (command and control) Adaptive enforcement based on GeoIP Juniper Advanced Threat Prevention, a cloud-based SaaS offering, to detect and block zero-day attacks Juniper ATP Appliance, a distributed, on-premises advanced threat prevention solution to detect and block zero-day attacks Adaptive Threat Profiling Encrypted Traffic Insights SecIntel to provide threat intelligence |
Operating temperature | 32° to 104° F (0° to 40° C) |
Storage temperature | -4° to 158° F (-20° to 70° C) |
Relative humidity operating | 10% to 90% (noncondensing) |
Relative humidity non-operating | 5% to 95% (noncondensing) |
Meantime between failures (MTBF) | 9.78 years (85,787 hours) |
FCC classification | Class A |
RoHS compliance | RoHS 2 |
FIPS 140-2 |
Level 2 (Junos 19.2)
|
Accessories
Transceivers | |
EX-SFP-1FE-FX | Small Form Factor Pluggable 100Base-FX Fast Ethernet Optics |
EX-SFP-1FE-LX | SFP 100BASE-LX, LC connector, 1310nm, 10km Reach on Single Mode Fiber |
CTP-SFP-1GE-LX | Small Form Factor Pluggable 1000Base-LX Gigabit Ethernet Optic Module, CTP1000 |
CTP-SFP-1GE-SX | Small Form Factor Pluggable 1000Base-SX Gigabit Ethernet Optic Module, CTP1000 |
CTP-SFP-1GE-T | Small Form Factor Pluggable 1000Base-T Gigabit Ethernet Module (uses Cat 5 cable) |
EX-SFP-1GE-LH | Small Form Factor Pluggable 1000Base-LH Gigabit Ethernet Optics |
EX-SFP-1GE-LX | Small Form Factor Pluggable 1000Base-LX Gigabit Ethernet Optics |
EX-SFP-1GE-SX | Small Form Factor Pluggable 1000Base-SX Gigabit Ethernet Optics |
EX-SFP-1GE-SX-ET | SFP, 1000Base-SX Gigabit Ethernet, Extended Temperature Range Optics |
EX-SFP-1GE-T | Small Form Factor Pluggable 10/100/1000 Copper Transceiver Module |
QFX-SFP-1GE-LX | SFP 1000Base-LX Gigabit Ethernet Optics, 1310nm for 10km transmission on SMF |
QFX-SFP-1GE-SX | SFP 1000Base-SX Gigabit Ethernet Optics, 850nm for upto 550m transmission on MMF |
QFX-SFP-1GE-T | SFP 1000Base-T Copper Transceiver Module for up to 100m transmission |
SFP-1G-LH-C | SFP, 1G, SMF 70km, Industrial Temperature (-40 through 85 DegC), Duplex LC connector |
SFP-1G-LX-C | SFP, 1G, SMF 10km and MMF 550m, Extended Temperature (-5 through 70 DegC), Duplex LC connector |
SFP-1G-SX-C | SFP, 1G, FDDI 220m and OM1 275m/OM2 MMF 550m, Extended Temperature (-10 through 85 DegC), Duplex LC connector |
SFP-1G-T-C | Small Form Factor Pluggable 1000Base-T Gigabit Ethernet Module (uses Cat 5 cable) |
SRX-SFP-1GE-LH | Small Form Factor Pluggable 1000Base-LH Gigabit Ethernet Optic Module |
SRX-SFP-1GE-LH-ET | Small Form Factor Pluggable 1000Base-LH Gigabit Ethernet Optic Module - Extended temperature |
SRX-SFP-1GE-LX | Small Form Factor Pluggable 1000Base-LX Gigabit Ethernet Optic Module |
SRX-SFP-1GE-LX-ET | Small Form Factor Pluggable 1000Base-LX Gigabit Ethernet Optic Module - Extended temperature |
SRX-SFP-1GE-SX | Small Form Factor Pluggable 1000Base-SX Gigabit Ethernet Optic Module |
SRX-SFP-1GE-SX-ET | Small Form Factor Pluggable 1000Base-SX Gigabit Ethernet Optic Module - Extended temperature |
SRX-SFP-1GE-T | Small Form Factor Pluggable 1000Base-T Gigabit Ethernet Module |
SRX-SFP-1GE-T-ET | Small Form Factor Pluggable 1000Base-T Gigabit Ethernet Module - Extended temperature |
EX-SFP-10GE-DAC-1M | SFP+ 10 Gigabit Ethernet Direct Attach Copper (Twinax Copper Cable), 1M |
EX-SFP-10GE-DAC-3M | SFP+ 10 Gigabit Ethernet Direct Attach Copper (Twinax Copper Cable), 3M |
EX-SFP-10GE-ER | SFP+ 10GBase-ER 10 Gigabit Ethernet Optics Module, 1550nm for 40Km Transmission |
EX-SFP-10GE-LR | Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+) LR Optics |
EX-SFP-10GE-LRM | Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+) LRM Optics |
EX-SFP-10GE-SR | Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+) SR Optics |
QFX-SFP-10GE-ER | SFP+ 10GBase-ER 10 Gigabit Ethernet Optics, 1550nm for 40km transmission on SMF |
QFX-SFP-10GE-LR | SFP+ 10GBase-LR 10 Gigabit Ethernet Optics, 1310nm for 10km transmission on SMF |
QFX-SFP-10GE-SR | SFP+ 10GBase-SR 10 Gigabit Ethernet Optics, 850nm for up to 300m transmission on MMF |
QFX-SFP-DAC-1M | SFP+ 10 Gigabit Ethernet Direct Attach Copper (twinax copper cable) 1m |
QFX-SFP-DAC-3M | SFP+ 10 Gigabit Ethernet Direct Attach Copper (twinax copper cable) 3m |
SFP-10G-LRM-C | Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+) LRM Optics |
SFPP-10G-LRT2-C | SFP+, 10G-LR Transceiver type 2 |
SFPP-10G-SR-C | SFP+, 10G-SR Transceiver |
SFPP-10GE-LRM | 10 Gigabit Ethernet Long Reach Multimode (LRM) SFP+ |
SRX-SFP-10GE-DAC-1M | SFP+ 10 Gigabit Ethernet Direct Attach Copper (Twinax Copper Cable), 1M |
SRX-SFP-10GE-DAC-3M | SFP+ 10 Gigabit Ethernet Direct Attach Copper (Twinax Copper Cable), 3M |
SRX-SFP-10GE-ER | SFP+ 10GBase-ER 10 Gigabit Ethernet Optics Module, 1550nm for 40Km transmission |
SRX-SFP-10GE-LR | Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+) LR Optics |
SRX-SFP-10GE-LRM | Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+) LRM Optics |
SRX-SFP-10GE-SR | Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+) SR Optics |