Description
JUNIPER – Pare-feu SRX240
16x ports 1Gbps Base-T
12x ports 1Gbps Base-T
1x port console
2x ports USB
2x fans
1x PSU
Oreilles de montage en rack
Features
- 16 10/100/1000 Ethernet LAN ports, 4 Mini-PIM slots
- Support for T1/E1, serial, ADSL2/2+, VDSL, G.SHDSL, and Ethernet SFP
- Content Security Accelerator hardware for faster performance of IPS and ExpressAV
- Full UTM1; antivirus1, antispam1, enhanced Web filtering1, intrusion prevention system1
- Unified Access Control and content filtering
- 1 GB/2 GB DRAM, 2 GB compact flash default
Specifications
Protocols
- IPv4, IPv6, ISO Connectionless Network Service (CLNS)
Routing and Multicast
- Static routes
- RIPv2 +v1
- OSPF/OSPFv3
- BGP
- BGP Router Reflector2
- IS-IS
- Multicast (Internet Group Management Protocol (IGMPv1/2/3), PIM-SM/DM/SSM, Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), source-specific, Multicast inside IPsec tunnel), MSDP
- MPLS (RSVP, LDP, Circuit Cross-connect (CCC), Translational Cross-connect (TCC), Layer 2 VPN (VPLS), Layer 3 VPN, VPLS, NGMVPN)
IP Address Management
- Static
- DHCP, PPPoE client
- Internal DHCP server, DHCP Relay
Address Translation
- Source NAT with Port Address Translation (PAT)
- Static NAT
- Destination NAT with PAT
- Persistent NAT, NAT64
Encapsulations
- Ethernet (MAC and VLAN tagged)
- Point-to-Point Protocol (PPP) (synchronous)
- Multilink Point-to-Point Protocol (MLPPP)
- Frame Relay
- Multilink Frame Relay (MLFR) (FRF.15, FRF.16), FRF.12, LFI
- High-Level Data Link Control (HDLC)
- Serial (RS-232, RS-449, X.21, V.35, EIA-530)
- 802.1q VLAN support
- Point-to-Point Protocol over Ethernet (PPPoE)
L2 Switching
- 802.1D, RSTP, MSTP, 802.3ad (LACP)
- 802.1x, LLDP, 802.1ad (Q-in-Q), IGMP Snooping
- Layer 2 switching with high availability
Traffic Management Quality of Service (QoS)
- 802.1p, DSCP, EXP
- Marking, policing, and shaping
- Class-based queuing with prioritization
- Weighted random early detection (WRED)
- Queuing based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multi-field (MF) filters
- Guaranteed bandwidth
- Maximum bandwidth
- Ingress traffic policing
- Priority-bandwidth utilization
- DiffServ marking
- Virtual channels
Security
- Firewall
- Firewall, zones, screens, policies
- Stateful firewall, stateless filters
- Network attack detection
- Screens denial of service (DoS) and provides distributed denial of service (DDoS) protection (anomaly-based)
- Prevent replay attack; Anti-Replay
- Unified Access Control
- TCP reassembly for fragmented packet protection
- Brute force attack mitigation
- SYN cookie protection
- Zone-based IP spoofing
- Malformed packet protection
