Juniper产品介绍

Juniper Networks NetScreen-ISG 2000(1)Maximum Performance and Capacity (2)Firewall performance 2 Gbps 3DES performance1 Gbps Deep Inspection performance 300 Mbps Concurrent sessions 512,000New sessions/second 30,000Policies 30,000Interfaces Up to 8 Mini GBIC (SX or LX),up to 28 10/100Mode of OperationLayer 2 mode (transparent mode)(5)Yes Layer 3 mode (route and/or NA T mode) Yes NA T (Network Address Translation)Yes PA T (Port Address Translation)Yes Policy-based NA T Yes Virtual IP 8(4)Mapped IP8,192(3)Users supportedUnrestrictedFirewallNumber of network attacks detected 31Network attack detection Yes DoS and DDoS protections Yes TCP reassembly for fragmented packet protection Yes Malformed packet protections Yes Deep Inspection firewall Yes Stateful protocol signatures Yes Protocols supported HTTP , FTP , SMTP , POP 3, IMAP , DNS Content Inspection Yes Malicious Web filtering up to 128 URLs External Web filtering (Websense)Yes Integrated Web filtering No VPNConcurrent VPN tunnels up to 10,000(3)Tunnel interfacesup to 1,024(3)DES (56-bit), 3DES (168-bit) and AES encryption Yes MD-5 and SHA-1 authentication Yes Manual Key, IKE, PKI (X.509)Yes Perfect forward secrecy (DH Groups)1,2,5Prevent replay attack Yes Remote access VPN Yes L2TP within IPSec Yes IPSec NA T traversalYes Redundant VPN gateways YesFirewall and VPN User Authentication Built-in (internal) database - user limit 1,500(3)3rd Party user authentication RADIUS, RSA SecurID, and LDAPXAUTH VPN authentication Yes Web-based authentication Yes System ManagementWebUI (HTTP and HTTPS)Yes Command Line Interface (console)Yes Command Line Interface (telnet)YesCommand Line Interface (SSH)Yes, v1.5 and v2.0 compatibleJuniper Networks NetScreen-ISG 2000(1)System ManagementNetScreen-Security ManagerYes All management via VPN tunnel on any interface Yes SNMP full custom MIB Yes Rapid deployment NoLogging/MonitoringSyslog (multiple servers)External, up to 4 serversE-mail (2 addresses)Yes NetIQ WebTrends External SNMP (v2)Yes TracerouteYes VPN tunnel monitorYes VirtualizationMaximum number of Virtual Systems 0 default, upgradeable to 50(6)Maximum number of security zones 26 default, upgradeable to 126(6)Maximum number of virtual routers 3 default, upgradeable to 53(6)Number of VLANs supported 500 max RoutingOSPF/BGP dynamic routing up to 8 instances each (3)RIPv2 dynamic routing up to 50 instances supported (3)Static routes20,000Source-based routingYesHigh Availability (HA)Active/Active Yes Active/PassiveYes Redundant interfacesYes Configuration synchronizationYes Session synchronization for firewall and VPN Yes Session failover for routing change Yes Device failure detection Yes Link failure detectionYes Authentication for new HA members Yes Encryption of HA traffic Yes IP Address Assignment StaticYes DHCP , PPPoE client No Internal DHCP server No DHCP relayYes PKI SupportPKI Certificate requests (PKCS 7 and PKCS 10)Yes Automated certificate enrollment (SCEP)Yes Online Certificate Status Protocol (OCSP)Yes Certificate Authorities Supported Verisign Yes Entrust Yes Microsoft Yes RSA KeonYes iPlanet (Netscape)Yes Baltimore Yes DOD PKIYesJuniper Network’s Integrated Security Gateway,the NetScreen-ISG 2000,is a purpose-built,high-performance system designed to deliver scalable network and application security for large enterprise,carrier and data center networks. Integrating best-of-breed Deep Inspection firewall,VPN and DoS solutions,the JuniperNetworks NetScreen-ISG 2000 enables secure,reliable connectivity along with network and application-level protection for key,high-traffic network segments. The NetScreen-ISG 2000 is built on Juniper Network’s next-generation architecture which includes a fourth generation security ASIC,the GigaScreen 3,high speedmicroprocessors and add-on security modules to provide the predictable,multi-Gigabit performance needed for the most demanding network segments.Juniper Networks NetScreen-ISG 2000Juniper NetworksNetScreen-ISG 2000(1)AdministrationLocal administrators database20External administrator database RADIUS/LDAP/SecurID Restricted administrative networks6Root Admin, Admin, and Read Only user levels YesSoftware upgrades TFTP/WebUI/NSMConfiguration Roll-back YesTraffic ManagementGuaranteed bandwidth NoMaximum bandwidth Yes, per physical interface Priority-bandwidth utilization NoDiffServ stamp Yes, per policyExternal FlashCompactFlash™Supports 128 or 512 MBIndustrial-Grade SanDisk Event logs and alarms YesSystem config script YesNetScreen ScreenOS Software YesDimensions and PowerDimensions (H/W/L) 5.25/17.5/23 inchesWeight52 lbs.Rack mountable19” standard, 23” optional Power Supply (AC)90 to 264 VAC, 250 watts Power Supply (DC)-36 to -72 VDC, 250 wattsLicensing Options: The NetScreen-ISG 2000 is available with two licensing options to provide two different levels of functionality and capacity.Advanced Models: The Advanced software license provides all of the features and capacities listed within this specsheet.Baseline Models: The Baseline software license provides an entry-level solution for customer environments where features such as Deep Inspection™, OSPF and BGP dynamic routing, advanced High Availabilty, and full capacity are not criticalrequirements. The following table shows the features and capacities that are different than the Advanced models:NetScreen-ISG 2000 Baseline AdvancedSessions256,000512,000Concurrent VPN tunnels1,00010,000Deep Inspection Firewall No YesVLANs100500OSPF/BGP No YesHigh Availability (HA)Active/Passive Active/ActiveCertificationsSafety CertificationsUL, CUL, CSA, CBEMC CertificationsFCC class A, CE class A, C-Tick, VCCI class AEnvironmentOperational temperature: 32°to 122°F, 0°to 50°CNon-operational temperature: -4°to 158°F, -20°to 70°CHumidity: 10 to 90% non-condensingMTBF (Bellcore model)7.6 yearsSecurityPending Ordering InformationProduct Part NumberNetScreen-ISG 2000 Bundles Advanced*NetScreen-ISG 2000 system 1 4 port 10/100 I/O Module NS-ISG-2000-P00A-S00 NetScreen-ISG 2000 system 1 8 port 10/100 I/O Module NS-ISG-2000-P01A-S00 NetScreen-ISG 2000 system 1 Dual-Port mini-GBIC NS-ISG-2000-P02A-S00I/O ModuleNetScreen-ISG 2000 system 1 dual port 10/100/1000NS-ISG-2000-P03A-S00Copper I/O ModuleNetScreen-ISG 2000 Bundles Baseline*Netscreen-ISG 2000 system 1 4 port 10/100 I/O Module NS-ISG-2000B-P00A-S00 Netscreen-ISG 2000 system 1 8 port 10/100 I/O Module NS-ISG-2000B-P01A-S00 Netscreen-ISG 2000 system 1 Dual port mini-GBIC NS-ISG-2000B-P02A-S00I/O ModuleNetScreen-ISG 2000 system 1 dual port 10/100/1000NS-ISG-2000B-P03A-S00Copper I/O Module*All systems include 2 AC power supplies and 0 virtual systemsNetScreen-ISG 2000 Virtual System UpgradesVSYS Upgrade 0 to 5NS-ISG-2000-VSYS-5 VSYS Upgrade 5 to 25NS-ISG-2000-VSYS-25 VSYS Upgrade 25 to 50NS-ISG-2000-VSYS-50 VSYS Upgrade 0 to 25NS-ISG-2000-VSYS-025 VSYS Upgrade 0 to 50NS-ISG-2000-VSYS-050Every Virtual System includes 1 virtual router and 2 security zones, usable in the virtual or root systemNetScreen-ISG 2000 ComponentsI/O Module - Dual Port Mini GBIC-SX NS-ISG-2000-SX2I/O Module - Dual Port Mini GBIC-LX NS-ISG-2000-LX2I/O Module - 4 Port 10/100 Fast Ethernet NS-ISG-2000-FE4I/O Module - 8 Port 10/100 Fast Ethernet NS-ISG-2000-FE8I/O Module - Dual Port 10/100/1000 Gig Ethernet NS-ISG-2000-TX2SX transceiver (mini-GBIC)NS-SYS-GBIC-MSXLX transceiver (mini-GBIC)NS-SYS-GBIC-MLXAC power supply NS-ISG-2000-PWR-AC DC power supply NS-ISG-2000-PWR-DC Japan power cord option NS-ISG-2000-JAPANFan module NS-ISG-2000-FANRack Mount Kit (19 in., all mounting hardware)NS-ISG-2000-RCK-01 Rack Mount Kit (23 in., all mounting hardware)NS-ISG-2000-RCK-02 Blank Interface Panel NS-ISG-2000-IPAN Blank Power Supply Cover NS-ISG-2000-PPAN(1)Performance, capacity and features listed are based upon systems ScreenOS 5.0.0 and may vary with other ScreenOS releases. Actual throughput may vary based upon packet size and enabled features.(2)Performance and capacity provided are the measured maximums under ideal testing conditions. May vary by deployment.(3)Shared among all Virtual Systems(4)Not available with Virtual Systems(5) NA T, PA T, policy based NA T, virtual IP, mapped IP, virtual systems, virtual routers, VLANs, OSPF, BGP, RIPv2, Active/Active HA,and IP address assignment are not available in layer 2 transparent mode(6)Requires purchase of virtual system key. Every virtual system includes one virtual router and two security zones, usable inthe virtual or root system.1194 North Mathilda Avenue Sunnyvale, CA 94089 USA Phone: 888-JUNIPER (888-586-4737) or 408-745-2000 Fax: 408-745-2100Copyright © 2004 Juniper Networks, Inc. All rights reserved.Juniper Networks, the Juniper Networks logo, NetScreen, NetScreen Technologies, GigaScreen, and the NetScreen logo are registered trademarks of Juniper Networks, Inc. NetScreen-5GT, NetScreen-5XP, NetScreen-5XT, NetScreen-25, NetScreen-50, NetScreen-100, NetScreen-204, NetScreen-208, NetScreen-500, NetScreen-5200, NetScreen-5400, NetScreen-Global PRO, NetScreen-Global PRO Express, NetScreen-Remote Security Client, NetScreen-Remote VPN Client, NetScreen-IDP 10, NetScreen-IDP 100, NetScreen-IDP 500, GigaScreen ASIC, GigaScreen-II ASIC, and NetScreen ScreenOS are trademarks of Juniper Networks, Inc. All other trademarks and registered trademarks are the property of their respective companies.Part Number: 110011-003 Sept 2004。

Juniper防火墙Juniper防火墙是一种企业级网络安全设备，专门设计用于保护网络免受非法入侵、恶意软件和其他网络威胁的攻击。

本文将介绍Juniper防火墙的基本原理、功能和配置方法。

1. 简介Juniper防火墙是Juniper Networks公司生产的一系列网络安全设备，包括物理和虚拟防火墙产品。

它采用先进的技术和算法，为企业提供强大的安全防护能力。

Juniper防火墙具有高性能、高可靠性和高安全性的特点，被广泛应用于数据中心、企业网络和云环境中。

2. 基本原理Juniper防火墙基于过滤规则对网络流量进行检查和控制。

它通过检查IP包的源地址、目的地址、端口和协议等信息，决定是否允许该流量通过。

防火墙还可以进行深度包检查和应用层协议分析，以识别和阻止潜在的安全威胁。

3. 功能3.1 防火墙规则防火墙规则是决定哪些流量被允许通过防火墙的最重要的配置项之一。

管理员可以根据网络的安全需求和策略，定义各种规则，如允许或禁止特定IP地址、端口或协议的流量通过。

3.2 网络地址转换（NAT）Juniper防火墙支持网络地址转换（NAT），它允许在私有网络和公共网络之间建立映射关系。

NAT可以隐藏内部网络的真实IP地址，提高网络的安全性，并且允许多个内部主机共享一个公共IP地址。

3.3 虚拟专用网络（VPN）Juniper防火墙支持虚拟专用网络（VPN）技术，可以建立安全的远程连接并加密数据传输。

VPN可以用于远程办公、分支机构互联和对外合作等场景，保护数据在传输过程中的安全性和隐私性。

3.4 入侵检测与预防系统（IDS/IPS）Juniper防火墙集成了入侵检测与预防系统（IDS/IPS），可以实时监测网络流量，识别并阻止潜在的入侵行为。

IDS/IPS可以在网络层和应用层提供全面的安全保护，有效地减少安全威胁所带来的风险。

3.5 安全日志和报警Juniper防火墙可以生成详细的安全日志，并提供实时的报警机制。

Juniper路由器配置详解第一章：Juniper路由器概述Juniper Networks是全球知名的网络设备供应商之一，其路由器产品以高性能和可靠性而闻名。

本章将介绍Juniper路由器的基本概念和架构。

首先将介绍Junos操作系统，然后探讨Juniper路由器的不同系列和型号。

第二章：Juniper路由器接口配置Juniper路由器的接口配置非常重要，它决定了如何连接路由器以及与其他设备进行通信。

本章将详细讨论接口类型、接口配置命令以及不同接口的特性和用途。

第三章：基本路由配置路由是网络中数据包传输的基础，对于Juniper路由器的配置来说非常重要。

本章将介绍如何配置静态路由和动态路由，包括OSPF和BGP等常用路由协议。

第四章：高级路由配置高级路由配置允许更复杂的路由策略和动态路由选择。

本章将讨论路由策略配置和路由过滤列表等高级路由功能，以及如何实现路由红istribution和路由聚合。

第五章：安全配置网络安全对于任何企业来说都是至关重要的。

本章将介绍如何配置Juniper路由器的安全功能，包括防火墙、虚拟私有网络（VPN）和安全策略等。

我们还将谈及如何使用Juniper安全套件提供的高级保护机制来保护网络。

第六章：QoS配置服务质量（QoS）是保证网络性能的重要因素之一。

本章将详细讨论如何使用Juniper路由器的QoS功能来管理带宽、优化流量和提供最佳用户体验。

第七章：管理配置管理配置是确保Juniper路由器正常运行的关键。

本章将讨论如何配置远程访问、系统日志和故障排除等管理功能。

我们还将介绍如何使用Junos Space网络管理平台来实现集中化管理和配置。

第八章：高可用性配置高可用性是企业网络的重要要求之一。

本章将介绍如何配置Juniper路由器的高可用性功能，包括冗余路由器、Virtual Chassis和Link Aggregation等。

我们还将讨论如何实现网络故障恢复和负载均衡。

juniper基本概念Juniper是一家提供各种网络产品和解决方案的技术公司，其产品主要用于构建和管理企业级网络和云服务。

以下是一些Juniper的基本概念：1. 路由器和交换机：Juniper生产高性能的路由器和交换机，用于连接和转发数据包在网络中的不同设备和地点之间。

2. Junos操作系统：Junos是Juniper开发的操作系统，用于驱动其路由器和交换机。

Junos以其高度可靠和可扩展的特性而闻名，具有丰富的网络功能和管理工具。

3. SRX防火墙：SRX系列是Juniper的安全设备，用于提供高级网络安全功能，包括防火墙、入侵检测和防御、虚拟专用网络（VPN）和流量分析等。

4. Contrail：Contrail是Juniper的软件定义网络（SDN）解决方案，提供网络虚拟化和自动化的功能。

Contrail可以帮助企业构建可扩展和灵活的网络基础设施，简化网络部署和管理。

5. MX系列路由器：MX系列是Juniper的高性能路由器，专注于服务提供商和企业级网络的需求。

MX系列路由器具有高密度接口、高容量和可靠性，适用于大规模的数据中心和广域网络。

6. QFX系列交换机：QFX系列是Juniper的高性能和可编程性交换机，用于数据中心和企业级网络。

QFX系列交换机具有低延迟、高吞吐量和灵活的配置选项，支持虚拟化和云计算环境。

7. 高级威胁防护：Juniper提供各种高级威胁防护解决方案，包括防火墙、入侵检测和预防系统（IDP）、威胁情报服务和行为分析等。

这些解决方案可以帮助企业保护其网络免受恶意软件、网络攻击和数据泄露等威胁的侵害。

总而言之，Juniper提供了一系列的网络产品和解决方案，以满足企业和服务提供商的需求，并帮助他们构建和管理高性能、安全和可靠的网络基础设施。

产品介绍产品概述QFX5120 提供低延迟、本机 25GbE、丰富的 2 层和 3 层功能、VXLAN 叠加支持和 100GbE 上行链路，使其成为接入和架顶式部署的理想交换机。

QFX5120 具有在虚拟化服务器和裸机服务器之间建立桥接的 3 层网关功能，专为需要叠加/底层网络架构支持的超敏捷数据中心而设计。

高密度 10GbE、25GbE、40GbE 和100GbE 端口也使得 QFX5120 非常适合部署为脊叶式和叶式拓扑。

产品说明数据中心日渐采用云服务，因此迅速扩展，这样每机架所需的网络带宽就更高。

因此，25GbE 和100GbE 已成为大多数数据中心的主导端口速度。

云服务的激增，加上叠加技术的广泛采用，需要能够满足这些不断发展的数据中心需求的高敏捷性交换平台。

而高性能瞻博网络® QFX5120 以太网交换机正符合此要求，从而为动态数据中心奠定了基础。

本机25GbE 端口和 100GbE 上行链路满足 100GbE 主干端口不断增长的需求，可支持所有服务器访问速度，包括 10GbE 和 25GbE。

QFX5120 还支持一组不同的交换架构，包括数据中心交换矩阵、-3 层和脊叶式部署，使用户能够随需求的变化而轻松适应和发展。

架构和关键组件QFX5120 包括本机 25GbE（仅限光纤）和 40GbE 或 100GbE 固定配置选项，以及丰富的 L2、L3、以太网 VPN (EVPN) 和 MPLS 功能。

QFX5120 运行可靠的高性能瞻博网络 Junos®操作系统，所有瞻博网络 QFX 系列交换机和 EX 系列以太网交换机、SRX 系列服务网关和瞻博网络路由器均使用同一操作系统，确保跨整个瞻博网络基础架构实现一致的控制平面功能实施和用户体验。

产品选项QFX5120 交换机是紧凑型 1 U 平台，提供线速数据包性能、超低延迟以及一组丰富的 Junos OS 功能。

包括高吞吐量数据包转发引擎 (PFE) 在内，强大的 2.2 GHz 四核 Intel CPU 以及 16 GB 内存和 64 GB SSD 存储进一步增强了 QFX5120 控制平面的性能。

DATASHEETProduct DescriptionThe Juniper Networks ® SRX5600 and SRX5800 Services Gateways are next-generation security platforms based on a revolutionary new architecture that provides market-leading performance, scalability, and service integration. These devices are ideally suited for service provider, large enterprise and public sector networks including:• Cloud and hosting provider data centers • Securing mobile operator environments • Managed service providers• Securing core service provider infrastructure • Large enterprise data centers• Aggregation of departmental and segmented security solutionsBased on Juniper’s dynamic services architecture, the SRX5000 line provides unrivaled scalability and performance. Each services gateway can support near linear scalability, with the addition of services processing cards (SPC) enabling a fully equipped SRX5800 to support more than 120 Gbps firewall throughput. The SPCs are designed to support a wide range of services enabling future support of new capabilities without the need for service-specific hardware. Using SPCs on all services ensures that there are no idle resources based on specific services being used—maximizing hardware utilization. The scalability and flexibility of the SRX5000 line is supported by equally robust interfaces. The SRX5000 line employs a modular approach to interfaces where each platform can be equipped with a flexible number of input/output cards (IOCs). With the IOCs sharing the same interface slot as the SPCs, the gateway can be configured as needed to support the ideal balance of processing and I/O. Hence, each deployment of the SRX Series can be tailored to specific network requirements. With this flexibility, the SRX5800 can be configured to support more than 400 Gigabit Ethernet ports or 88 10-Gigabit Ethernet ports.The scalability of both SPCs and IOCs in the SRX5000 line is enabled by the custom designed switch fabric. Supporting up to 960 Gbps of data transfer, the fabric enables realization of maximum processing and I/O capability available in any particular configuration. This level of scalability and flexibility facilitates future expansion and growth of the network infrastructure, providing unrivaled investment protection.Product OverviewJuniper Networks SRX5000 line of services gateways is the next-generation solution for securing the ever increasing network infrastructure and applications requirements for both enterprise and service provider environments. Designed from the ground up to provide flexible processing scalability, I/O scalability, and services integration, the SRX5000 line can meet the network and security requirements of data center hyper-consolidation, rapid managed services deployments, and aggregation of security solutions. Incorporating the routing heritage and service provider reliability of Junos OS with the rich security heritage of ScreenOS, service provider reliability, and ScreenOS security heritage, the SRX Series also offers the high feature/service integration necessary to secure modern network infrastructure and applications.SRX5600 ANDGA TEWAYSThe tight service integration on the SRX Series is enabledby Juniper Networks Junos® operating system. By combiningthe routing heritage of Junos OS and the security heritage of ScreenOS®, the SRX Series is equipped with a robust list of services that include firewall, intrusion prevention system (IPS), denial of service (DoS), application security, Network Address Translation (NAT), and quality of service (QoS). In addition tothe benefit of individual services, incorporating multiple security and networking services within one OS greatly optimizes the flow of traffic through the platform. Network traffic no longer needsto be routed across multiple data paths/cards or even disparate operating systems within a single gateway.Junos OS also delivers carrier-class reliability to the already redundant SRX Series. The SRX Series enjoys the benefit ofa single source OS, single release train, and single integrated architecture traditionally available on Juniper’s carrier-class routers and switches. The SRX Series is managed by Juniper Networks Network and Security Manager (NSM), the single application used to manage all Juniper Networks firewall, IPS, Secure Sockets Layer (SSL), Juniper Networks Unified Access Control (UAC), and EX Series products.SRX5800The SRX5800 Services Gateway is the market-leading security solution supporting more than 120 Gbps firewall, 30 Gbps IPS and 350,000 connections per second. Equipped with the full range of security services, SRX5800 is ideally suited for securing large enterprise, hosted or co-located data centers, secure service provider, and cloud provider infrastructures, and mobile operator environments. The massive performance, scalability and flexibility of the SRX5800 makes it ideal for densely consolidated processing environments, and the service density makes it ideal for cloud and managed service providers.SRX5600The SRX5600 Services Gateway uses the same SPCs and IOCsas the SRX5800 and can support up to 60 Gbps firewall and 15 Gbps IPS. The SRX5600 is ideally suited for securing enterprise data centers as well as aggregation of various security solutions. The capability to support unique security policies per zones andits ability to scale with the growth of the network infrastructure makes the SRX5600 an ideal deployment for consolidation of services in large enterprise, service provider or mobile operator environments.Service Processing CardsAs the “brains” behind the SRX5000 line, SPCs are designedto process all available services on the platform. Without the need for dedicated hardware for specific services or capabilities, there are no instances in which a piece of hardware is taxed tothe limit while other hardware is sitting idle. SPCs are designedto be pooled together, allowing the SRX5000 line to expand performance and capacities with the introduction of additional SPCs, drastically reducing management overhead and complexity. The same SPCs are supported on both SRX5600 and SRX5800 Services Gateways.Input Output CardsTo provide the most flexible solution, the SRX5000 line employ the same modular architecture for SPCs and IOCs. The SRX5000 line can be equipped with one or several IOCs, supporting the ideal mix of interfaces (either Gigabit Ethernet or 10-Gigabit Ethernet). With the flexibility to install an IOC or an SPC on any available slot, the SRX5000 line can be equipped to support the perfect blend of interfaces and processing capabilities to meet the needs of the most demanding environments.Features and BenefitsNetworking and SecurityJuniper Networks SRX5000 line has been designed from the ground up to offer robust networking and security services.Traffic Inspection MethodsJuniper Networks SRX Series Services Gateways support various detection methods to accurately identify the application and traffic flow through the network.AppSecureJuniper Networks AppSecure is a suite of next-generation security capabilities that utilize advanced application identification and classification to deliver greater visibility, enforcement, control and protection over the network.AppSecure (continued)IPS CapabilitiesJuniper Networks IPS capabilities offer several unique features that assure the highest level of network security.Centralized ManagementJuniper Networks SRX Series Services Gateways are managed by NSM, the common management solution for all Juniper Networks firewall, IDP Series, SA Series SSL VPN, UAC, and EX Series products.As of May 2010, there are 6,200 signatures with approximately 10 new signatures added every week. Subscription to signature update service is required to receive new signatures.* AppFW is targeted for 1H2011** AppQoS is targeted for 2H2011SRX5600 SERVICES GATEWAYSRX5800 SERVICES GATEWAY SpecificationsMaximum Performance and Capacity2T ested configuration to achieve performance, capacities and features listed below:SRX5600 chassis equipped with four (4) SPCs and two (2) IOCsSRX5800 chassis equipped with eight (8) SPCs and four (4) IOCsPerformance, capacity and features listed are based on systems runninng Junos OS 10.2 and are measured under ideal testing conditions. Actual results may vary based on Junos OS releases and by deployments.* SRX5000 line of gateways operating with Junos OS release 10.0 and later are compliant with the R6, R7, and R8 releases of 3GPP TS 20.060 with the following exceptions(not supported on the SRX5000 line):- Section 7.5A Multimedia Broadcast and Multicast Services (MBMS) messages- Section 7,5B Mobile Station (MS) info change messages- Section 7.3.12 Initiate secondary PDP context from GGSNJuniper Networks Services and SupportJuniper Networks is the leader in performance-enabling services and support, which are designed to accelerate, extend, and optimize your high-performance network. Our services allow you to bring revenue-generating capabilities online faster so you can realize bigger productivity gains and faster rollouts of new business models and ventures. At the same time, Juniper Networks ensures operational excellence by optimizing your network to maintain required levels of performance, reliability, and availability. For more details, please visit /us/en/products-services/.Ordering InformationSRX5600BASE-AC AC SRX5600 chassis, includes RE, SCB, 2 ACIPS SubscriptionSRX5K-IDP One year IPS signature subscription About Juniper NetworksJuniper Networks, Inc. is the leader in high-performance networking. Juniper offers a high-performance networkinfrastructure that creates a responsive and trusted environment for accelerating the deployment of services and applications over a single network. This fuels high-performance businesses. Additional information can be found at .Notes11121000254-009-EN Aug 2010Copyright 2010 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, andScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.EMEA Headquarters Juniper Networks Ireland Airside Business Park Swords, County Dublin, Ireland Phone: 35.31.8903.600 EMEA Sales: 00800.4586.4737 Fax: 35.31.8903.601APAC Headquarters Juniper Networks (Hong Kong) 26/F, Cityplaza One 1111 King’s Road Taikoo Shing, Hong Kong Phone: 852.2332.3636 Fax: 852.2574.7803Corporate and Sales HeadquartersJuniper Networks, Inc.1194 North Mathilda AvenueSunnyvale, CA 94089 USAPhone: 888.JUNIPER (888.586.4737)or 408.745.2000Fax: 408.745.2100 To purchase Juniper Networks solutions, please contact your Juniper Networks representative at 1-866-298-6428 or authorized reseller.Printed on recycled paper。