Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

SRX5600 Services Gateway System Overview

SRX5600 Services Gateway Description

The SRX5600 Services Gateway is a high-performance, highly scalable, carrier-class security device with multi-processor architecture.

The SRX5600 Services Gateway is 8 rack units (U) tall. Three of these devices can be stacked in a single floor-to-ceiling rack, for increased port density per unit of floor space.

The services gateway provides eight slots that you can populate with two Switch Control Boards (SCBs) and six other cards of the following types:

  • Services Processing Cards (SPCs) provide the processing capacity to run integrated services such as firewall, IPsec, and IDP.

  • Modular PIC Concentrators (MPCs) provide Ethernet interfaces that connect the services gateway to your network.

  • I/O cards (IOCs) provide Ethernet interfaces that connect the services gateway to your network.

  • Flex IOCs are similar to IOCs, but have slots for port modules that allow you greater flexibility in adding different types of Ethernet ports to your services gateway.

For detailed information about the cards supported by the services gateway, see the SRX5400, SRX5600, and SRX5800 Services Gateway Card Reference at www.juniper.net/documentation/.

Benefits of the SRX5600 Services Gateway

  • The next generation SPCs and IOCs on the SRX5600 Services Gateway support up to 570 IMIX Gbps firewall throughput, 180 million concurrent sessions, and 460 Gbps IPS.

    The ability to support unique security policies per zone and ability to scale with the growth of the network infrastructure, makes the SRX5600 an ideal deployment for consolidation of services in large enterprise, service provider, or mobile operator environments.

  • IPS Capabilities - Juniper Networks IPS capabilities offer several unique features such as Protocol decodes, Zero-day protection, Active/active traffic monitoring, and packet capture logging per rule assure the highest level of network security.

  • Content Security UTM Capabilities - The UTM services offered on the SRX5000 line of Services Gateways include industry-leading antivirus, antispam, content filtering, and additional content security services.

    The UTM services provide sophisticated protection from:

    • Antivirus experts against malware attacks that can lead to data breaches and lost productivity.

    • Advanced persistent threats perpetrated through social networking attacks and the latest phishing scams with sophisticated e-mail filtering and content blockers.

    • Lost productivity and the impact of malicious URLs and extraneous or malicious content on the network to help maintain bandwidth.

  • Advanced Threat Prevention (ATP) - Juniper Sky ATP, a SaaS-based service, and the Juniper ATP Appliance, an on-premises solution:

    • Protects enterprise users from a spectrum of advanced malware that exploits “zero-day” vulnerabilities.

    • Proactively blocks malware communication channels.

    • The Juniper ATP Appliance includes support for cloud-based e-mail services such as Office 365 and Google Mail, and detects threats in SMB traffic.

    • Single pane-of-glass management with Security Director and JSA Series integration.

SRX5600 Services Gateway FRUs

Field-replaceable units (FRUs) are services gateway components that can be replaced at the customer site. The services gateway uses the following types of FRUs:

Table 1 lists the FRUs of the services gateway and the action to perform to install, remove, or replace an FRU.

Table 1: Field-Replaceable Units

Field-Replaceable Units (FRUs)

Action

Air filter

You need not power off the services gateway to install, remove, or replace any of these FRUs.

Fan tray

Craft interface

AC and DC power supplies (if redundant)

SFP and XFP transceivers

IOCs

Power off the services gateway to install, remove, or replace any of these FRUs.

Flex IOCs

Port modules of the Flex IOCs

Routing Engine

SCBs

SPCs

MPCs

MICs

SRX5600 Services Gateway Component Redundancy

The following major hardware components are redundant:

  • SCBs—The host subsystem consists of a Routing Engine installed in an SCB. The device must have one host subsystem installed. You can install a second SCB for redundancy. If a second SCB is installed, the host subsystem SCB functions as the primary and the other functions as the backup. If the SCB of the host subsystem fails, the other SCB takes over as the primary.

  • Power supplies—In the low-line (110 V) AC power configuration, the device contains three or four AC power supplies, located horizontally at the rear of the chassis in slots PEM0 through PEM3 (left to right). Each AC power supply provides power to all components in the device. When three power supplies are present, they share power almost equally within a fully populated system. Four AC power supplies provide full power redundancy. If one power supply fails or is removed, the remaining power supplies instantly assume the entire electrical load without interruption. Three power supplies provide the maximum configuration with full power for as long as the device is operational.

    In the high-line (220 V) AC power configuration, the device contains two or four AC power supplies located horizontally at the rear of the chassis in slots PEM0 through PEM3 (left to right). Each AC power supply provides power to all components in the device. When two or more power supplies are present, they share power almost equally within a fully populated system. Four AC power supplies provide full power redundancy. If one power supply fails or is removed, the remaining power supplies instantly assume the entire electrical load without interruption. Two power supplies provide the maximum configuration with full power for as long as the device is operational.

    In the DC configuration, two power supplies are required to supply power to a fully configured device. One power supply supports approximately half of the components in the device, and the other power supply supports the remaining components. The addition of two power supplies provides full power redundancy. If one power supply fails or is removed, the remaining power supplies instantly assume the entire electrical load without interruption. Two power supplies provide the maximum configuration with full power for as long as the device is operational.

  • Cooling system—The cooling system has redundant components, which are controlled by the host subsystem. If one of the fans fails, the host subsystem increases the speed of the remaining fans to provide sufficient cooling for the services gateway indefinitely.