Software release | - Junos OS Release 6.0 and later
|
Description | - High-bandwidth encryption (in accordance with IPSec standards)
- Power requirement: 0.21 A @ 48 V (10 W)
- Support for IPSec encryption, decryption, and key calculation
acceleration
Note:
The ES PIC does not support reassembly and decryption
of encrypted packets that were fragmented in an IPSec tunnel. |
Hardware features | - Extends the existing security functionality to Internet
traffic at high-performance rates
- Throughput at 800 Mbps, half duplex
- 1000 IPSec tunnels or 2000 IPSec security association
(SA) pairs
- Supports MTUs of up to 3900 bytes
|
Software features | For a list of the software features available
for services PICs, see the Junos Services Interfaces Configuration Guide. - Support for IPv4
- Authentication hash algorithms: MD-5 and SHA-1
- Encryption algorithms: DES, 3-DES, and Null
- Automated key management using Diffie-Hellman key establishment
- Support for preshared key management
- Authentication Header and Encapsulating Security Payload
(ESP) independently or in bundle mode
- Tunnel mode IPSec encryption and decryption for data traffic
- Transport mode IPSec encryption and decryption for control
traffic
- Static and dynamic security associations (SA) supported
- SA lifetime configurable in seconds and kilobytes
|
LEDs | One tricolor: - Off—Not enabled
- Green—Online with no alarms or failures
- Yellow—Online with alarms for remote failures
- Red—Active with a local alarm; router has detected
a failure
|
Instrumentation (counters) | - Input and output bytes per tunnel
- Total authentication failures
- Total antireply failures
- Total encryption ASIC errors per PIC
|
