Junos 10.2
120 Gbps
30 Gbps
30 Gbps
10 Million
350,000
80,000
Unrestricted
11
N/A
N/A
N/A
- 40 x 1 Gigabit Ethernet SFP
- 4 x 10 Gigabit Ethernet (short reach (SR) or long reach (LR))
- 16 x 10/100/1000 Ethernet FlexIOC
- 4 x 10 Gigabit Ethernet (SR or LR) FlexIOC
- Active/Passive, Active/Active
- Low impact chassis cluster
- Interface aggregation groups across chassis cluster
- Application Identification: yes
- Application Denial of Service Protection (AppDoS): yes
- AppTrack: yes
- Network attack detection: Yes
- DoS and DDoS protection: Yes
- TCP reassembly for fragmented packet protection: Yes
- Brute force attack mitigation: Yes
- SYN cookie protection: Yes
- Zone-based IP spoofing: Yes
- Malformed packet protection: Yes
- GPRS stateful inspection: Yes
- Stateful protocol signatures: Yes
- Attack detection mechanisms: Stateful signatures, protocol anomaly detection (zero-day coverage), application identification
- Attack response mechanisms: Drop connection, close connection, session packet log, session summary, email, custom session
- Attack notification mechanisms: Structured syslog
- Worm protection: Yes
- SSL encrypted traffic inspection: Yes
- Simplified installation through recommended policies: Yes
- Trojan protection: Yes
- Spyware/adware/keylogger protection: Yes
- Other malware protection: Yes
- Protection against attack proliferation from infected systems: Yes
- Reconnaissance protection: Yes
- Request and response side attack protection: Yes
- Compound attacks — combines stateful signatures and protocol anomalies: Yes
- Create custom attack signatures: Yes
- Access contexts for customization: 500+
- Attack editing (port range, other): Yes
- Stream signatures: Yes
- Protocol thresholds: Yes
- Stateful protocol signatures: Yes
- Approximate number of attacks covered: 6,000+
- Detailed threat descriptions and remediation/patch info: Yes
- Create and enforce appropriate application-usage policies: Yes
- Attacker and target audit trail and reporting: Yes
- Deployment modes: Inline or TAP
- Dimensions (W x H x D): 17.5 x 27.8 x 23.5 in (44.5 x 70.5 x 59.7 cm)
- Weight: Chassis: Fully Configured: 334 lb / 151.6 kg
- Power supply (AC): 200 to 240 V AC
- Power supply (DC): -40 to -60 V DC
- Maximum power draw: 5,100 W
Switch Fabric and Control Board (SCB)
At the heart of the Dynamic Services Architecture is the switch fabric and control board (SCB). The SCB transforms the chassis from a simple module enclosure into a highly effective mesh network. The purpose of the SCB is to allow all modules in the chassis to send traffic at extremely high bandwidth.
The Route Engine (RE)
The routing engine (RE) is tightly coupled with the functionality of the SCB and can be considered the central nervous system of the architecture. The RE is the control plane of the chassis, and provides overall management and communications to and from system administrators, as well as calculating route tables for routing network traffic.
Services Processing Card (SPC)
If the RE is the central nervous system of the chassis, the Service Processing Card (SPC), is the brain.SPCs are blades that provide the capacity to perform the heavy lifting of processing network packets.The chassis must have at least one SPC to operate.
The true elegance of this design is realized when more than one SPC is installed.Rather than the chassis now having two or more “brains,” as in traditional network architecture, the addition of a new SPC essentially results in a larger system that can perform many more tasks at a given time.
Input/Output Cards (IOC)
The chassis slots in the Dynamic Services Architecture are unique in that they are card-agnostic, allowing administrators to configure the architecture for their specific needs up to the limits of the chassis itself.For example, an organization that requires more processing capability, such as a military installation, may include more SPCs and fewer Input/Output cards (IOCs).An Internet service provider, on the other hand, may choose to provide a great deal of I/O for its customer traffic, while needing less raw processing power. As business requirements change, administrators may easily add IOCs and SPCs to reconfigure the architecture as needed.
Based on this agnostic slot design, the IOC can therefore scale independently — the chassis may be equipped with as many IOCs as there are available slots (with at least one slot for the SPC).The dynamic nature of the architecture then automatically maps each session to a SPC in real time as new sessions are received to be processed.
SRX5600 and SRX5800 Services Gateways
549 KB (한글) ]
| Model Number | Description |
|---|---|
| SRX5800BASE-AC | AC SRX 5800 chassis, includes RE, 2xSCB, 3 AC power supplies |
| SRX5800BASE-DC | DC SRX 5800 chassis, includes RE, 2xSCB, 2 DC power supplies |
| SRX 5000 Components | |
| SRX5K-SCB | SCB SRX 5000 Switch Control Board |
| SRX5K-RE-13-20 | SRX 5000 Routing Engine, 1.3 Ghz, 2 GB DRAM |
| SRX5K-SPC-2-10-40 | SRX 5000 Service Processing Card |
| SRX5K-4XGE-XFP | 4x10 Gigabit XFP Ethernet I/O Card for SRX 5000, no transceivers |
| SRX5K-40GE-SFP | 40x1 Gigabit SFP Ethernet I/O Card for SRX 5000, no transceivers |
| SRX5K-FPC-IOC | SRX5000 Flex IOC. Supports 2 pluggable port modules |
| SRX-IOC-16GE-TX | SRX5000 Flex IOC 16 port 10/100/1000 Ethernet module |
| SRX-IOC-4XGE-XFP | SRX5000 Flex IOC 4x10 Gigabit XFP Ethernet module, no transceivers |
| Transceivers | |
| SRX-SFP-1GE-LX | Small form-factor pluggable 1000BASE-LX Gigabit Ethernet Optic Module |
| SRX-SFP-1GE-SX | Small form-factor pluggable 1000BASE-SX Gigabit Ethernet Optic Module |
| SRX-SFP-1GE-T | Small form-factor pluggable 1000BASE-T Gigabit Ethernet Module (uses Cat 5 cable |
| SRX-XFP-10G-L-OC192-SR1 | Dual Rate 10-gigabit pluggable transceiver for 10 Gigabit Ethernet and OC192, 1210 nm for 10 Km transmission |
| SRX-XFP-10G-S | 10 Gigabit Ethernet pluggable transceiver, 850 nm for 300 m transmission |
