JUNIPER SRX320-SYS-JB-P FIREWALL
$1,189
$2,542
Description
Juniper SRX300 line of services gateways delivers next-generation security, networking, and SD-WAN solution that helps you support the changing needs of your cloud-enabled enterprise network. Whether you're rolling out new services and applications across multiple locations, connecting to the cloud, or improving operational efficiency, SRX300 Services Gateways provides scalable, secure, and easy-to-manage connectivity.
Properties
Properties | Juniper SRX320-SYS-JB-P |
Description | SRX320 Firewalls includes hardware (8GbE, 6-port POE+, 2x MPIM slots, 4G RAM, 8G Flash, power adapter and cable) and Junos Software Base (firewall, NAT, IPSec, routing, MPLS and switching). RMK not included. |
Product Family | SRX300 Series |
Product Type | Security Firewall |
Connectivity Specification | |
Total onboard ports | 8x1GbE |
Onboard RJ-45 ports | 6x1GbE |
Onboard small form-factor pluggable (SFP) transceiver ports | 2x1GbE |
MACsec-capable ports | 2x1GbE |
Out-of-band (OOB) management ports | 0 |
Mini PIM (WAN) slots | 2 |
Console (RJ-45 + miniUSB) | 1 |
USB 3.0 ports (type A) | 1 |
PoE+ ports | 6 |
Includes | Junos Software Base (firewall, NAT, IPSec, routing, MPLS and switching) |
Form factor | Desktop |
Dimensions (WxHxD) | 11.81 x 1.73 x 7.52 in. (29.99 x 4.39 x 19.10 cm) |
Weight (device and PSU) | 3.4 lb (1.55 kb) |
Power | |
Power supply | AC (external) |
Redundant PSU | No |
Rated DC voltage range | N/A |
Rated DC operating voltage range | N/A |
Maximum PoE power | 180 W |
Average power consumption | 221 W |
Average heat dissipation | 755 BTU/h |
Maximum current consumption | 2.755 A |
Airflow/cooling | Front to back |
Acoustic noise level | 40 Dba |
Specifications
Specifications | SRX320-SYS-JB-P |
System memory (RAM) | 4 GB |
Storage | 8 GB |
SSD slots | 0 |
Firewall performance (max) | 1 Gbps |
IPS performance | 100 Mbps |
AES256+SHA-1 / 3DES+SHA-1 VPN performance | 250 Mbps |
New sessions/second (sustained, TCP, 3-way) | 5000 |
Routing with packet mode (64 B packet size) in Kpps | 300 |
Routing with packet mode (IMIX packet size) in Mbps | 800 |
Routing with packet mode (1,518 B packet size in Mbps | 1,500 |
Stateful firewall (64 B packet size) in Kpps | 200 |
Stateful firewall (IMIX packet size) in Mbps | 600 |
Stateful firewall (1,518 B packet size) in Mbps | 1,900 |
IPsec VPN (IMIX packet size) in Mbps | 116 |
IPsec VPN (1,400 B packet size) in Mbps | 336 |
Application visibility and control in Mbps | 500 |
Recommended IPS in Mbps | 200 |
Next-generation firewall in Mbps | 226 |
Secure Web Access firewall in Mbps | 171 |
Route table size (RIB/FIB) (IPv4 or IPv6) | 256,000/256,000 |
Maximum concurrent sessions (IPv4 or IPv6) | 64,000 |
Maximum security policies | 1,000 |
Connections per second | 5,000 |
NAT rules | 1,000 |
MAC table size | 15,000 |
IPsec VPN tunnels | 256 |
Number of remote access/SSL VPN (concurrent) users | 50 |
GRE tunnels | 256 |
Maximum number of security zones | 16 |
Maximum number of virtual routers | 32 |
Maximum number of VLANs | 1,000 |
AppID sessions | 16,000 |
IPS sessions | 16,000 |
URLF sessions | 16,000 |
WAN and Wi-Fi Interface Support | |
1 port T1/E1 MPIM (SRX-MP-1T1E1-R) | Yes |
1 port VDSL2 Annex A/M MPIM (SRX-MP-1VDSL2-R) | Yes |
4G / LTE MPIM (SRX-MP-LTE-AA and SRX-MP-LTE-AE) | Yes |
802.11ac Wave 2 Wi-Fi MPIM | Yes |
WAN and Wi-Fi Interface Module Performance Data | |
4G/LTE: Dual SIM 4G/LTE-A CAT 6 | Up to 300 Mbps download and 50 Mbps upload |
Wi-Fi MPIM: Dual band 802.11 a/b/g/n/ac Wave 2 (2x2 MIMO) | Up to 866 Mbps at 5GHz / 300 Mbps at 2.4GHz |
Software Specifications | |
Routing Protocols | IPv4, IPv6, ISO, Connectionless Network Service (CLNS) Static routes RIP v1/v2 OSPF/OSPF v3 BGP with Route Reflector IS-IS Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF) Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE) Virtual routers Policy-based routing, source-based routing Equal-cost multipath (ECMP) |
QoS Features | Support for 802.1p, DiffServ code point (DSCP), EXP Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters Marking, policing, and shaping Classification and scheduling Weighted random early detection (WRED) Guaranteed and maximum bandwidth Ingress traffic policing Virtual channels Hierarchical shaping and policing |
Switching Features | ASIC-based Layer 2 Forwarding MAC address learning VLAN addressing and integrated routing and bridging (IRB) support Link aggregation and LACP LLDP and LLDP-MED STP, RSTP, MSTP MVRP 802.1X authentication |
Firewall Services | Stateful and stateless firewall Zone-based firewall Screens and distributed denial of service (DDoS) protection Protection from protocol and traffic anomaly Integration with Pulse Unified Access Control (UAC) Integration with Aruba Clear Pass Policy Manager User role-based firewall SSL Inspection (Forward-proxy) |
Network Address Translation (NAT) | Source NAT with Port Address Translation (PAT) Bidirectional 1:1 static NAT Destination NAT with PAT Persistent NAT IPv6 address translation |
VPN Features | Tunnels: Site-to-Site, Hub and Spoke, Dynamic Endpoint, AutoVPN, ADVPN, Group VPN (IPv4/ IPv6/ Dual Stack) Juniper Secure Connect: Remote access / SSL VPN Configuration payload: Yes IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384 Authentication: Pre-shared key and public key infrastructure (PKI) (X.509) IPsec (Internet Protocol Security): Authentication Header (AH) / Encapsulating Security Payload (ESP) protocol IPsec Authentication Algorithms: hmac-md5, hmac-sha-196, hmac-sha-256 IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB Perfect forward secrecy, anti-reply Internet Key Exchange: IKEv1, IKEv2 Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring VPNs GRE, IP-in-IP, and MPLS |
Network Services | Dynamic Host Configuration Protocol (DHCP) client/server/relay Domain Name System (DNS) proxy, dynamic DNS (DDNS) Juniper real-time performance monitoring (RPM) and IP-monitoring Juniper flow monitoring (J-Flow)1 Bidirectional Forwarding Detection (BFD) Two-Way Active Measurement Protocol (TWAMP) IEEE 802.3ah Link Fault Management (LFM) IEEE 802.1ag Connectivity Fault Management (CFM) |
High Availability Features | Virtual Router Redundancy Protocol (VRRP) Stateful high availability Dual box clustering Active/passive Active/active Configuration synchronization Firewall session synchronization Device/link detection In-Band Cluster Upgrade (ICU) Dial on-demand backup interfaces IP monitoring with route and interface failover |
Management, Automation, Logging, and Reporting | SSH, Telnet, SNMP Smart image download Juniper CLI and Web UI Mist AI: -Simplified management -WAN Assurance Junos Space and Security Director Python Junos OS event, commit, and OP script Application and bandwidth usage reporting Auto installation Debug and troubleshooting tools Zero-Touch Provisioning with Contrail Service Orchestration |
Advanced Routing Services | Packet mode MPLS (RSVP, LDP) Circuit cross-connect (CCC), translational cross-connect (TCC) L2/L3 MPLS VPN, pseudowires Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN) MPLS traffic engineering and MPLS fast reroute |
Application Security Services | Application visibility and control Application-based firewall Application QoS Application-based advanced policy-based routing Application quality of experience (AppQoE) |
Enhanced SD-WAN Services | Application-based advanced policy-based routing (APBR) Application-based link monitoring and switchover with Application quality of experience (AppQoE) |
Threat Defense and Intelligence Services | Intrusion prevention Antivirus Antispam Category/reputation-based URL filtering Protection from botnets (command and control) Adaptive enforcement based on GeoIP Juniper Advanced Threat Prevention to detect and block zero-day attacks Adaptive Threat Profiling Encrypted Traffic Insights SecIntel to provide threat intelligence |
Operating temperature | 32° to 104° F (0° to 40° C) |
Storage temperature | -4° to 158° F (-20° to 70° C) |
Relative humidity operating | 10% to 90% (noncondensing) |
Relative humidity non-operating | 5% to 95% (noncondensing) |
Meantime between failures (MTBF) | 26 years |
FCC classification | Class A |
RoHS compliance | RoHS 2 |
FIPS 140-2 | Level 1 (Junos 15.1X49-D60) |
Common Criteria certification | NDPP, VPNEP, FWEP, IPSEP (based on Junos 15.1X49-D60) |
Accessories
Accessories | |
SRX320-P-RMK1 | SRX320-POE rack mount kit without adaptor tray |
SRX320-P-RMK0 | SRX320-POE rack mount kit with adaptor tray |
Software Licenses | |
S-SRX320-A1-1 | SRX320 Advanced 1 - JSE/SD-WAN, includes SD-WAN features App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack) and IPS; 1-year subscription (example: S-SRX380-A1-1) |
S-SRX320-A1-3 | SRX320 Advanced 1 - JSE/SD-WAN, includes SD-WAN features App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack) and IPS; 3-year subscription (example: S-SRX380-A1-3) |
S-SRX320-A1-5 | SRX320 Advanced 1 - JSE/SD-WAN, includes SD-WAN features App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack) and IPS; 5-year subscription (example: S-SRX380-A1-5] |
S-SRX320-P1-1 | SRX320 Premium 1, includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Juniper ATP; 1-year subscription (example: S-SRX380-P1-1) |
S-SRX320-P1-3 | SRX320 Premium 1, includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Juniper ATP; 3-year subscription (example: S-SRX380-P1-3) |
S-SRX320-P1-5 | SRX320 Premium 1, includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Juniper ATP; 5-year subscription (example:S-SRX380-P1-5) |
S-SRX320-A2-1 | SRX320 Advanced 2, includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Content Security (UTM, Cloud AV, URLF and AS); 1-year subscription (example: S-SRX380-A2-1) |
S-SRX320-A2-3 | SRX320 Advanced 2, includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Content Security (UTM, Cloud AV, URLF and AS); 3-year subscription (example: S-SRX380-A2-3) |
S-SRX320-A2-5 | SRX320 Advanced 2, includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Content Security (UTM, Cloud AV, URLF and AS); 5-year subscription (example: S-SRX380-A2-5) |