Mô tả
Thiết bị tường lửa Firewall JUNIPER SRX340-TAA
– SRX340 Services Gateway with 4G RAM, 8G eUSB, 16x1GE (16x SFP) on-board ports & internal PSU. TAA compliant.
Thông số, tính năng kỹ thuật
Routing Protocols
– IPv4, IPv6, ISO, Connectionless Network Service (CLNS)
– Static routes
– RIP v1/v2
– OSPF/OSPF v3
– BGP with Route Reflector
– IS-IS
– Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF)
– Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE)
– Virtual routers
– Policy-based routing, source-based routing
– Equal-cost multipath (ECMP)
QoS Features
– Support for 802.1p, DiffServ code point (DSCP), EXP
– Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters
– Marking, policing, and shaping
– Classification and scheduling
– Weighted random early detection (WRED)
– Guaranteed and maximum bandwidth
– Ingress traffic policing
– Virtual channels
– Hierarchical shaping and policing
Switching Features
– ASIC-based Layer 2 Forwarding
– MAC address learning
– VLAN addressing and integrated routing and bridging (IRB) support
– Link aggregation and LACP
– LLDP and LLDP-MED
– STP, RSTP, MSTP
– MVRP
– 802.1X authentication
Firewall Services
– Stateful and stateless firewall
– Zone-based firewall
– Screens and distributed denial of service (DDoS) protection
– Protection from protocol and traffic anomaly
– Integration with Pulse Unified Access Control (UAC)
– Integration with Aruba Clear Pass Policy Manager
– User role-based firewall
– SSL Inspection (Forward-proxy)
Network Address Translation (NAT)
– Source NAT with Port Address Translation (PAT)
– Bidirectional 1:1 static NAT
– Destination NAT with PAT
– Persistent NAT
– IPv6 address translation
VPN Features
– Tunnels: Generic routing encapsulation (GRE)3, IP-IP3, IPsec
– Juniper Secure Connect: Remote access / SSL VPN
– Configuration payload: Yes
– IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
– IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384
– Authentication: Pre-shared key and public key infrastructure (PKI) (X.509)
– IPsec (Internet Protocol Security): Authentication Header (AH) / Encapsulating Security Payload (ESP) protocol
– IPsec Authentication Algorithms: hmac-md5, hmac-sha-196, hmac-sha-256
– IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
– Perfect forward secrecy, anti-reply
– Internet Key Exchange: IKEv1, IKEv2
– Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring
– VPNs GRE, IP-in-IP, and MPLS
Network Services
– Dynamic Host Configuration Protocol (DHCP) client/server/relay
– Domain Name System (DNS) proxy, dynamic DNS (DDNS)
– Juniper real-time performance monitoring (RPM) and IP-monitoring
– Juniper flow monitoring (J-Flow)
– Bidirectional Forwarding Detection (BFD)
– Two-Way Active Measurement Protocol (TWAMP)
– IEEE 802.3ah Link Fault Management (LFM)
– IEEE 802.1ag Connectivity Fault Management (CFM)
– High Availability Features
– Virtual Router Redundancy Protocol (VRRP)10
– Stateful high availability
– Dual box clustering
– Active/passive
– Active/active
– Configuration synchronization
– Firewall session synchronization
– Device/link detection
– In-Band Cluster Upgrade (ICU)
– Dial on-demand backup interfaces
– IP monitoring with route and interface failover
– Bảo hành: 12 tháng.
