|
|
SSG Series Appliances |
| Juniper Networks Secure Services Gateway 20 with 2 port Mini-PIM slots, Wireless 802.11a/b/g, 128 MB Memory |
#SSG-20-SB-W-US
List Price: $1,150.00
Our Price: $885.00 |
|
Juniper Networks Secure Services Gateway 20 with 2 port Mini-PIM slots, Wireless 802.11a/b/g, 256 MB memory
Note: This Model is required to run Anti-Virus or Deep Inspection Services |
#SSG-20-SH-W-US
List Price: $1,350.00
Our Price: $1,039.00 |
|
More pricing below,
click here
SSG20 Wireless Overview:
The Juniper Networks SSG20 Wireless is a purpose-built,
modular security platform that delivers 160 Mbps of stateful firewall traffic and 40 Mbps of IPsec VPN
throughput for small branch, teleworker, and
enterprise deployments.
The Juniper Networks SSG5 and SSG20 Secure Services Gateways are purpose-built security appliances that deliver a perfect blend of performance,
security, routing and LAN/WAN connectivity for small branch offices, fixed telecommuters and small standalone business deployments. Traffic flowing
in and out of the branch office or business is protected from worms, spyware, trojans, and malware by a complete set of Unified Threat Management
security features that include stateful firewall, IPsec VPN, intrusion prevention system (IPS), antivirus (includes anti-spyware, anti-adware,
anti-phishing), anti-spam and Web filtering.
The Juniper Networks SSG5 and SSG20 Secure Services Gateways are high-performance security platforms for small branch office and standalone businesses
that want to stop internal and external attacks, prevent unauthorized access and achieve regulatory compliance. Both the SSG5 and SSG20 deliver 160 Mbps of
stateful firewall traffic and 40 Mbps of IPsec VPN traffic.
Security: Protection against worms, viruses, trojans, spam, and emerging malware is delivered by proven unified threat management (UTM) security features
that are backed by best-in-class partners. To address internal security requirements and facilitate regulatory compliance, the SSG5 and SSG20 both support
an advanced set of network protection features such as security zones, virtual routers and VLANs that allow administrators to divide the network into distinct
secure domains, each with its own unique security policy. Policies protecting each security zone can include access control rules and inspection by any of the
supported UTM security features.
The SSG20 deployed at a branch office for secure Internet connectivity and site-to-site VPN to corporate headquarters. Internal wired and wireless
resources are protected with unique security policies applied to each security zone.
Connectivity and Routing: The SSG5 has seven on-board 10/100 interfaces with optional fixed WAN ports. The SSG20 has five 10/100 interfaces with two I/O
expansion slots for additional WAN connectivity. The broad array of I/O options coupled with WAN protocol and encapsulation support in the routing engine make
both the SSG5 and the SSG20 a solution that can easily be deployed as a traditional branch office router or as a consolidated security and routing device to reduce CapEx and OpEx. Both the SSG5 and SSG20 support 802.11 a/b/g as a factory configured option supported by a wide array of wireless specific security features.
Access Control Enforcement: The SSG5 and SSG20 can act as enforcement points in a Juniper Networks Unified Access Control deployment with the simple addition of
the IC Series UAC appliance. The IC Series functions as a central policy management engine, interacting with the SSG5 or SSG20 to augment or replace the firewall-based
access control with a solution that grants/denies access based on more granular criteria that include endpoint state and user identity in order to accommodate the
dramatic shifts in attack landscape and user characteristics.
World Class Support: From simple lab testing to major network implementations, Juniper Networks Professional Services will collaborate with your team to identify goals.
Features & Benefits:
| Features |
Features
Description |
Benefits |
|
High performance |
Purpose-built platform is assembled from custom-built hardware, powerful processing and a security-specific operating system. |
Delivers performance headroom required to protect against internal and external attacks now and into the future. |
| Best-in-class UTM security features |
UTM security features (antivirus, anti-spam, Web filtering, IPS) stop all manner of viruses and malware before they damage the network. |
Ensures that the network is protected against all manner of attacks. |
|
Integrated antivirus |
Annually licensed antivirus engine is based on Kaspersky Lab engine. |
Stops viruses, spyware, adware and other malware. |
| Integrated anti-spam |
Annually licensed anti-spam offering is based on Symantec technology. |
Blocks unwanted email from known spammers and phishers. |
|
Integrated Web filtering |
Annually licensed Web filtering solution is based on Websense SurfControl technology. |
Controls/blocks access to malicious Web sites. |
| Integrated IPS (Deep Inspection) |
Annually licensed IPS engine. |
Prevents application-level attacks from flooding the network. |
| Fixed Interfaces |
Seven fixed 10/100 interfaces on the SSG5, and five fixed 10/100 interfaces on the SSG20. The SSG5 is factory configured with either RS232
Serial/AUX or ISDN BRI S/T or V.92 fixed WAN backup. Both models include one console port and one auxiliary port. |
Provides high-speed LAN connectivity, redundant WAN connectivity and flexible management. |
| Network segmentation |
Security zones, virtual LANs and virtual routers allow administrators to deploy security policies to isolate guests, wireless networks and regional servers or databases. |
Facilitates deployment of internal security to prevent unauthorized access, contain attacks and assist in achieving regulatory compliance. |
| Interface modularity |
Two interface expansion slots (SSG20 only) supporting optional ADSL 2+, T1, E1, ISDN BRI S/T, Serial, SFP and v.92 Mini physical interface modules (Mini-PIMs).* |
Delivers combination of LAN and WAN connectivity on top of unmatched security to reduce costs and extend investment protection. |
| Robust routing engine |
Proven routing engine supports OSPF, BGP, and
RIP v1/2. |
Enables the deployment of a consolidated security and routing device, thereby lowering operational and capital expenditures. |
| 802.11 a/b/g wireless-specific
security features |
Wireless-specific privacy and authentication features augment the UTM security capabilities to protect wireless traffic. |
Provides additional device consolidation opportunities (WLAN access point, security, routing) for small office environment. |
| Juniper Networks Unified Access
Control enforcement point |
Interacts with the centralized policy management engine (IC Series) to enforce session-specific access control policies using criteria such as user identity, device security state and network location. |
Improves security posture in a cost-effective manner by leveraging existing customer network infrastructure components and best-in-class technology. |
| Management flexibility |
Use any one of three mechanisms, command line interface (CLI), WebUI or Juniper Networks Network and Security Manager (NSM) to securely deploy, monitor and manage security policies. |
Enables management access from any location, eliminating onsite visits thereby improving response time and reducing operational costs. |
| World-class professional services |
From simple lab testing to major network implementations, Juniper Networks Professional Services will collaborate with your team to identify goals, define the deployment process, create or validate the network design and manage the deployment. |
Transforms the network infrastructure to ensure that it is secure, flexible, scalable and reliable. |
*Serial and SFP Mini-PIMs only supported in ScreenOS 6.0 or greater releases
Product Options:
|
Option |
Option
Description |
Applicable
Products |
|
DRAM |
The SSG5 and SSG20 are available with either
128 MB or 256 MB of DRAM. |
SSG5 and SSG20 |
|
Unified Threat Management /
Content Security (high memory option
required) |
The SSG5 and SSG20 can be configured with any combination of the following best-in-class UTM and content security functionality: antivirus
(includes anti-spyware, anti-phishing), IPS (Deep Inspection), Web filtering and/or anti-spam. |
High memory SSG5 or SSG20 only |
|
I/O options |
Two interface expansion slots supporting optional ADSL 2+, T1, E1, ISDN BRI S/T, Serial, SFP and v.92 Mini physical interface modules (Mini-PIMs). |
SSG20 only |
|
802.11 a/b/g connectivity |
The SSG5 and SSG20 can be factory configured for 802.11 a/b/g wireless LAN connectivity. |
SSG5 and SSG20 |
|
Extended license |
Key capacities can be increased (sessions, VPN tunnels, VLANs) and stateful high availability (HA) support for firewall and VPN can be added. |
SSG5 and SSG20 |
Technical Specifications:
| Model: |
SSG5 Base/Extended |
SSG20 Base/Extended |
|
 |
 |
|
Dimensions and Power |
|
Size (W x H x D) |
8.8 x 1.6 x 5.6 in (22.2 x 4.1 x 14.3 cm) |
11.6 x 1.8 x 7.4 in (29.5 x 4.5 x 18.7 cm) |
|
Weight |
2.1 lb (0.95 kg) |
3.3 lb (1.5 kg) |
|
Rack mountable |
Yes |
Yes |
|
A/C power supply |
100-240 VAC |
100-240 VAC |
|
Maximum Thermal Output |
122.8 BTU/Hour |
122.8 BTU/Hour |
|
Certifications |
|
Safety Certifications |
CSA, CB |
CSA, CB |
|
Emissions Certifications |
FCC class B, CE class B, A-Tick, VCCI class B |
FCC class B, CE class B, A-Tick, VCCI class B |
|
Mean Time Between Failure (MTBF) |
|
Non-wireless |
40.5 years |
35.8 years |
|
Wireless |
22.8 years |
28.9 years |
|
Security Certification |
|
Common Criteria: EAL4 |
Yes |
Yes |
|
FIPS 140-2: Level 2 |
Yes |
Yes |
|
ICSA Firewall and VPN |
Yes |
Yes |
|
Environment |
|
Operating Temperature |
32° to 104° F (0° to 40° C) |
32° to 104° F (0° to 40° C) |
|
Non-Operating Temperature |
-4° to 149° F (-20° to 65° C) |
-4° to 149° F (-20° to 65° C) |
|
Humidity |
10% to 90% noncondensing |
10% to 90% noncondensing |
|
Wireless Radio Specifications |
|
Transmit Power |
Up to 200 mW |
Up to 200 mW |
|
Wireless Standards Supported |
Dual Radio 802.11a + 802.11b/g |
Dual Radio 802.11a + 802.11b/g |
|
Site Survey |
Yes |
Yes |
|
Maximum Configured SSIDs |
16 |
16 |
|
Maximum Active SSIDs |
4 |
4 |
|
Atheros SuperG |
Yes |
Yes |
|
Atheros eXtended Range (XR) |
Yes |
Yes |
|
Wi-Fi Certified |
Yes |
Yes |
|
Wireless Security |
|
Wireless Privacy |
WPA, WPA2 (AES or TKIP), IPsec VPN, WEP |
WPA, WPA2 (AES or TKIP), IPsec VPN, WEP |
|
Wireless Authentication |
PSK, EAP-PEAP, EAP-TLS, EAP-TTLS over 802.1x |
PSK, EAP-PEAP, EAP-TLS, EAP-TTLS over 802.1x |
|
MAC Access Controls |
Permit or Deny |
Permit or Deny |
|
Client Isolation |
Yes |
Yes |
|
Antenna Option |
|
Diversity Antenna |
Included |
Included |
|
Directional Antenna |
Optional |
Optional |
|
Omni-Directional Antenna |
Optional |
Optional |
| Model: |
SSG5 Base/Extended |
SSG20 Base/Extended |
|
|
|
|
Maximum Performance and Capacity(2) |
|
ScreenOS® version tested |
ScreenOS 6.2 |
ScreenOS 6.2 |
|
Firewall performance (Large packets) |
160 Mbps |
160 Mbps |
|
Firewall performance (IMIX)(3) |
90 Mbps |
90 Mbps |
|
Firewall packets per second (64 byte) |
30,000 PPS |
30,000 PPS |
|
Advanced Encryption Standard (AES) 256+SHA-1 VPN performance |
40 Mbps |
40 Mbps |
|
3DES encryption +SHA-1 VPN performance |
40 Mbps |
40 Mbps |
|
Maximum concurrent sessions |
8,000/16,000 |
8,000/16,000 |
|
New sessions/second |
2,800 |
2,800 |
|
Maximum security policies |
200 |
200 |
|
Maximum users supported |
Unrestricted |
Unrestricted |
|
Network Connectivity |
|
Fixed I/O |
7 x 10/100 |
5 x 10/100 |
|
Mini-Physical Interface Module (Mini-PIM) slots |
0 |
2 |
|
WAN interface options |
Factory configured: RS232 Serial AUX or ISDN BRI S/T or V.92 |
Mini-PIMs: 1xADSL 2+, 1xT1, 1xE1, V.92, ISDN BRI S/T, 1xSFP, 1xSerial |
|
Firewall |
|
Network attack detection |
Yes |
Yes |
|
DoS and DDoS protection |
Yes |
Yes |
|
TCP reassembly for fragmented packet protection |
Yes |
Yes |
|
Brute force attack mitigation |
Yes |
Yes |
|
SYN cookie protection |
Yes |
Yes |
|
Zone-based IP spoofing |
Yes |
Yes |
|
Malformed packet protection |
Yes |
Yes |
|
Unified Threat Management(4) |
|
IPS (Deep Inspection firewall) |
Yes |
Yes |
|
Protocol anomaly detection |
Yes |
Yes |
|
Stateful protocol signatures |
Yes |
Yes |
|
IPS/DI attack pattern obfuscation |
Yes |
Yes |
|
Antivirus |
Yes |
Yes |
|
Instant message AV |
Yes |
Yes |
|
Signature database |
200,000+ |
200,000+ |
|
Protocols scanned |
POP3, HTTP, SMTP, IMAP, FTP, IM |
POP3, HTTP, SMTP, IMAP, FTP, IM |
|
Anti-spyware |
Yes |
Yes |
|
Anti-adware |
Yes |
Yes |
|
Anti-keylogger |
Yes |
Yes |
|
Anti-spam |
Yes |
Yes |
|
Integrated URL filtering |
Yes |
Yes |
|
External filtering(5) |
Yes |
Yes |
|
VoIP Security |
|
H.323. Application-level gateway (ALG) |
Yes |
Yes |
|
SIP ALG |
Yes |
Yes |
|
MGCP ALG |
Yes |
Yes |
|
SCCP ALG |
Yes |
Yes |
|
Network Address Translation (NAT) for VoIP protocols |
Yes |
Yes |
|
IPsec VPN |
|
Auto-Connect VPN |
Yes |
Yes |
|
Concurrent VPN tunnels |
25/40 |
25/40 |
|
Tunnel interfaces |
10 |
10 |
|
DES encryption (56-bit), 3DES encryption (168-bit) and Advanced Encryption Standard (AES) (256-bit) |
Yes |
Yes |
|
MD-5 and SHA-1 authentication |
Yes |
Yes |
|
Manual key, Internet Key Exchange (IKE), IKEv2 with EAP public key infrastructure (PKI) (X.509) |
Yes |
Yes |
|
Perfect forward secrecy (DH Groups) |
1,2,5 |
1,2,5 |
|
Prevent replay attack |
Yes |
Yes |
|
Remote access VPN |
Yes |
Yes |
|
Layer2 Tunneling Protocol (L2TP) within IPsec |
Yes |
Yes |
|
IPsec Network Address Translation (NAT) traversal |
Yes |
Yes |
|
Redundant VPN gateways |
Yes |
Yes |
|
User Authentication and Access Control |
|
Built-in (internal) database - user limit |
100 |
100 |
|
Third-party user authentication |
RADIUS, RSA SecureID, LDAP |
RADIUS, RSA SecureID, LDAP |
|
RADIUS Accounting |
Yes |
Yes |
|
XAUTH VPN authentication |
Yes |
Yes |
|
Web-based authentication |
Yes |
Yes |
|
802.1X authentication |
Yes |
Yes |
|
Unified Access Control (UAC) enforcement point |
Yes |
Yes |
|
PKI Support |
|
PKI Certificate requests (PKCS 7 and PKCS 10) |
Yes |
Yes |
|
Automated certificate enrollment (SCEP) |
Yes |
Yes |
|
Online Status Protocol (OCSP) |
Yes |
Yes |
|
Certificate Authorities supported |
VeriSign, Entrust, Microsoft, RSA Keon, iPlanet (Netscape) Baltimore, DoD PKI |
VeriSign, Entrust, Microsoft, RSA Keon, iPlanet (Netscape) Baltimore, DoD PKI |
|
Self-signed certificates |
Yes |
Yes |
|
Virtualization |
|
Maximum number of security zones |
8 |
8 |
|
Maximum number of virtual routers |
3/4 |
3/4 |
|
Maximum number of VLANs |
10/50 |
10/50 |
|
Routing |
|
BGP instances |
3/4 |
3/4 |
|
BGP peers |
10/16 |
10/16 |
|
BGP routes |
1,024 |
1,024 |
|
OSPF instances |
3 |
3 |
|
OSPF routes |
1,024 |
1,024 |
|
RIP v1/v2 instances |
16 |
16 |
|
RIP v2 routes |
1,024 |
1,024 |
|
Static routes |
1,024 |
1,024 |
|
Source-based routing |
Yes |
Yes |
|
Policy-based routing |
Yes |
Yes |
|
Equal-cost multipath (ECMP) |
Yes |
Yes |
|
Multicast |
Yes |
Yes |
|
Reverse Path Forwarding (RPF) |
Yes |
Yes |
|
Internet Group Management Protocol (IGMP)
(v1,v2) |
Yes |
Yes |
|
IGMP Proxy |
Yes |
Yes |
|
PIM single mode |
Yes |
Yes |
|
PIM source-specific multicast |
Yes |
Yes |
|
Multicast inside IPsec tunnel |
Yes |
Yes |
|
ICMP Router Discovery Protocol (IRDP) |
Yes |
Yes |
|
Encapsulations |
|
Point-to-Point Protocol (PPP) |
Yes |
Yes |
|
Multilink Point-to-Point Protocol (MLPPP) |
N/A |
Yes |
|
Frame Relay |
Yes |
Yes |
|
Multilink Frame (MLFR) (FRF 15, FRF 16) |
Yes |
Yes |
|
HDLC |
Yes |
Yes |
|
IPv6 |
|
Dual stack IPv4/IPv6 firewall and VPN |
Yes |
Yes |
|
IPv4 to/from IPv6 translations and encapsulations |
Yes |
Yes |
|
Syn-Cookie and Syn-Proxy DoS Attack Detection |
Yes |
Yes |
|
SIP, RTSP, Sun-RPC, and MS-RPC ALG’s |
Yes |
Yes |
|
RIPng |
Yes |
Yes |
|
BGP |
Yes |
Yes |
|
Transparent mode |
Yes |
Yes |
|
NSRP |
Yes |
Yes |
|
DHCPv6 Relay |
Yes |
Yes |
|
Mode of Operation |
|
Layer 2 (transparent) mode(6) |
Yes |
Yes |
|
Layer 3 (route and/or NAT) mode |
Yes |
Yes |
|
Address Translation |
|
Network Address Translation (NAT) |
Yes |
Yes |
|
Port Translation (PAT) |
Yes |
Yes |
|
Policy-based NAT/PAT (L2 and L3 mode) |
Yes |
Yes |
|
Mapped IP (MIP) (mode) |
300 |
300 |
|
Virtual IP (VIP) (mode) |
4/5 |
4/5 |
|
MIP/VIP Grouping (L3 mode) |
Yes |
Yes |
|
Dual untrust |
Yes |
Yes |
|
Bridge groups |
Yes |
Yes |
|
IP Address Assignment |
|
Static |
Yes |
Yes |
|
DHCP, PPPoE client |
Yes |
Yes |
|
Internal DHCP server |
Yes |
Yes |
|
DHCP relay |
Yes |
Yes |
|
Traffic Management Quality of Service (QoS) |
|
Guaranteed bandwidth |
Yes - per policy |
Yes - per policy |
|
Maximum bandwidth |
Yes - per policy |
Yes - per policy |
|
Ingress traffic policing |
Yes |
Yes |
|
Priority-bandwidth utilization |
Yes |
Yes |
|
Differentiated Services stamping |
Yes - per policy |
Yes - per policy |
|
High Availability (HA)(7) |
|
Active/Active - L3 mode |
Yes |
Yes |
|
Active/Passive -Transparent & mode |
Yes |
Yes |
|
Configuration synchronization |
Yes |
Yes |
|
Session synchronization for firewall and VPN |
Yes |
Yes |
|
Session failover for routing change |
Yes |
Yes |
|
VRRP |
Yes |
Yes |
|
Device failure detection |
Yes |
Yes |
|
Link failure detection |
Yes |
Yes |
|
Authentication for new HA members |
Yes |
Yes |
|
Encryption of HA traffic |
Yes |
Yes |
|
System Management |
|
WebUI (HTTP and HTTPS) |
Yes |
Yes |
|
Command line interface (console) |
Yes |
Yes |
|
Command line interface (telnet) |
Yes |
Yes |
|
Command line interface (SSH) |
Yes v1.5 and v2.0 compatible |
Yes v1.5 and v2.0 compatible |
|
Network and Security Manager (NSM) |
Yes |
Yes |
|
All management via VPN tunnel on any interface |
Yes |
Yes |
|
Rapid deployment |
Yes |
Yes |
|
Administration |
|
Local administrator database size |
20 |
20 |
|
External administrator database support |
RADIUS, RSA SecurID, LDAP |
RADIUS, RSA SecurID, LDAP |
|
Restricted administrative networks |
6 |
6 |
|
Root Admin, Admin and Read Only user levels |
Yes |
Yes |
|
Software upgrades |
TFTP, WebUL, NSM, SCP, USB |
TFTP, WebUL, NSM, SCP, USB |
|
Configuration rollback |
Yes |
Yes |
|
Logging/Monitoring |
|
Syslog (multiple servers) |
Yes - up to 4 servers |
Yes - up to 4 servers |
|
Email (two addresses) |
Yes |
Yes |
|
NetIQ WebTrends |
Yes |
Yes |
|
SNMP (v2) |
Yes |
Yes |
|
SNMP full custom MIB |
Yes |
Yes |
|
Traceroute |
Yes |
Yes |
|
VPN tunnel monitor |
Yes |
Yes |
|
External Flash |
|
Additional log storage |
USB 1.1 |
USB 1.1 |
|
Event logs and alarms |
Yes |
Yes |
|
System configuration script |
Yes |
Yes |
|
ScreenOS Software |
Yes |
Yes |
(1) Some features and functionality only supported in releases greater than ScreenOS 5.4.
(2) Performance, capacity and features listed are based upon systems running ScreenOS 6.2 and are the measured maximums under ideal testing conditions
unless otherwise noted. Actual results may vary based on ScreenOS release and deployment. For a complete list of supported ScreenOS versions for SSG Series
gateways, please visit the Juniper Customer Support Center (www.juniper.net/customers/support/) and click on ScreenOS Software Downloads
(3) IMIX stands for Internet mix and is more demanding than a single packet size as it represents a traffic mix that is more typical of a customer’s network.
The IMIX traffic used is made up of 58.33% 64 byte packets + 33.33% 570 byte packets + 8.33% 1518 byte packets of UDP traffic.
(4) UTM Security features (IPS/Deep Inspection, antivirus, anti-spam and Web filtering) are delivered by annual subscriptions purchased separately from Juniper
Networks. Annual subscriptions provide signature updates and associated support. The high memory option is required for UTM Security features.
(5) Redirect Web filtering sends traffic from the firewall to a secondary server. The redirect feature is free, however it does require the purchase of a separate
Web filtering license from either Websense or SurfControl.
(6) NAT, PAT, policy-based NAT, virtual IP, mapped IP, virtual systems, virtual routers, VLANs, OSPF, BGP, RIPv2, active/active HA and IP address assignment are
not available in layer 2 transparent mode.
(7) Active/passive and active/active HA requires the purchase of an Extended License. In addition to the HA features, an Extended License key increases a subset of
the capacities as outlined below. Active/active HA is only supported in ScreenOS 6.0 or greater releases.
SSG Series Comparison Matrix:
| Model: |
SSG5 Wired /
Wireless |
SSG20 Wired /
Wireless |
SSG140 |
SSG320M |
SSG350M |
SSG520M |
SSG550M |
 |
 |
 |
 |
 |
 |
 |
|
Interfaces |
7 10/100 with Factory
Configured V.92 or ISDN
BRI S/T or RS232
Serial/AUX. Optional
802.11a/b/g |
5 10/100 + 2 I/O slots
supporting T1, E1, V.92,
ISDN BRI S/T, SFP, Serial, or ADSL2+, Optional 802.11a/b/g |
8 10/100 + 2 10/100/1000 +
4 I/O slots supporting T1,
E1, ISDN BRI S/T, Serial, ADSL2+, G.SHDSL, 10/100/1000, SFP |
4 10/100/1000 and 3 I/O slots
supporting Serial, T1, E1, ADSL, ADSL2, ADSL2+, G.SHDSL |
4 10/100/1000 and 5 I/O slots
supporting Serial, T1, E1, ADSL, ADSL2, ADSL2+, G.SHDSL |
4 10/100/1000 and 6 I/O slots,
supporting SFP, FE, Serial, T1, E1, DS3, E3, ADSL2+, G.SHDSL, 10/100/1000 |
4 10/100/1000 and 6 I/O slots,
supporting SFP, FE, Serial, T1, E1, DS3, E3, ADSL2+, G.SHDSL, 10/100/1000 |
|
Max Throughput |
160 Mb firewall
40 Mb 3DES VPN |
160
Mb firewall 40 Mb 3DES VPN |
350+ Mb firewall 100 Mb 3DES VPN |
450+ Mb firewall 175 Mb 3DES VPN 175,000
packets per second |
550+ Mb firewall 225 Mb 3DES VPN 225,000
packets per second |
650+ Mb firewall 300 Mb 3DES VPN 300,000
packets per second |
1+
Gb firewall 500 Mb 3DES VPN 600,000
packets per second |
|
Max Sessions |
8,000/1,600 |
8,000/1,600 |
48,000 |
64,000 |
128,000 |
128,000 |
256,000 |
|
Max VPN Tunnels |
25/40 |
25/40 |
500 |
500 |
500 |
500 |
1,000 |
|
Max Policies |
200 |
200 |
1,000 |
2,000 |
2,000 |
4,000 |
4,000 |
|
Virtual Systems |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
|
Virtual LANs |
10/50 |
10/50 |
100 |
125 |
125 |
125 |
150 |
|
Security Zones |
8 |
8 |
40 |
40 |
40 |
60 |
60 |
|
Virtual Routers |
3 |
3 |
6 |
5 |
8 |
11 |
16 |
|
High Availability |
Dial Backup, A/P, A/A |
Dial Backup, A/P, A/A |
A/P, A/A |
A/P, A/A |
A/P, A/A |
A/P, A/A |
A/P, A/A |
|
Routing |
OSPF, BGP, RIPv1/v2,
along with Frame Relay, Multilink Frame Relay, PPP, HDLC |
OSPF, BGP, RIPv1/v2, along with
Frame Relay, Multilink Frame Relay, PPP, Multilink PPP, HDLC |
OSPF, BGP, RIPv1/v2, along with
Frame Relay, Multilink Frame Relay, PPP, Multilink PPP, HDLC |
OSPF, BGP, RIPv1/v2, along with
Frame Relay, Multilink Frame Relay, PPP, Multilink PPP, HDLC |
OSPF, BGP, RIPv1/v2, along with
Frame Relay, Multilink Frame Relay, PPP, Multilink PPP, HDLC |
OSPF, BGP, RIPv1/v2, along with
Frame Relay, Multilink Frame Relay, PPP, Multilink PPP, HDLC |
OSPF, BGP, RIPv1/v2, along with
Frame Relay, Multilink Frame Relay, PPP, Multilink PPP, HDLC |
|
Deep Inspection/IPS |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
|
Integrated Antivirus |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
Integrated Anti-Spam |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Web Filtering
(Integrated/ External) |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
|
SSG Series Appliances |
| Juniper Networks Secure Services Gateway 20 with 2 port Mini-PIM slots, Wireless 802.11a/b/g, 128 MB Memory |
#SSG-20-SB-W-US
List Price: $1,150.00
Our Price: $885.00 |
|
Juniper Networks Secure Services Gateway 20 with 2 port Mini-PIM slots, Wireless 802.11a/b/g, 256 MB memory
Note: This Model is required to run Anti-Virus or Deep Inspection Services |
#SSG-20-SH-W-US
List Price: $1,350.00
Our Price: $1,039.00 |
|
|
First Year Subscriptions Main Office Content Security |
One Year Security Subscription for SMB
on SSG20
- Includes Antivirus, Web Filtering, Antispam
and IDP |
#NS-SMB-CS-SSG20
List Price: $693.00 |
|
Two Year Security Subscription for SMB
on SSG20
- Includes Antivirus, Web Filtering, Antispam
and IDP |
#NS-SMB-CS-SSG20-2
List Price: $1,109.00 |
|
Three Year Security Subscription for SMB
on SSG20
- Includes Antivirus, Web Filtering, Antispam
and IDP |
#NS-SMB-CS-SSG20-3
List Price: $1,594.00 |
|
|
Renewal Subscriptions Main Office Content Security |
One Year Renewal Security Subscription for SMB
on SSG20
- Includes Antivirus, Web Filtering, Antispam
and IDP |
#NS-SMB-CS-SSG20-R
List Price: $693.00 |
|
Two Year Renewal Subscription for SMB
on SSG20
- Includes Antivirus, Web Filtering, Antispam
and IDP |
#NS-SMB-CS-SSG20-2-R
List Price: $1,109.00 |
|
Three Year Renewal Subscription for SMB
on SSG20
- Includes Antivirus, Web Filtering, Antispam
and IDP |
#NS-SMB-CS-SSG20-3-R
List Price: $1,594.00 |
|
|
First Year Subscriptions Remote and Branch Office Integrated Content Security |
One Year Security Subscription for Remote Branch Office on SSG20
- Includes Antivirus,
Web Filtering, and Deep Inspection |
#NS-RBO-CS-SSG20
List Price: $544.00 |
|
Two Year Security Subscription for Remote Branch Office on SSG20
- Includes Antivirus,
Web Filtering, and Deep Inspection |
#NS-RBO-CS-SSG20-2
List Price: $870.00 |
|
Three Year Security Subscription for Remote Branch Office on SSG20
- Includes Antivirus, Web Filtering, and Deep Inspection |
#NS-RBO-CS-SSG20-3
List Price: $1,251.00 |
|
|
Renewal Subscriptions Remote and Branch Office Integrated Content Security |
One Year Renewal Security Subscription for Remote Branch Office on SSG20
- Includes Antivirus,
Web Filtering, and Deep Inspection |
#NS-RBO-CS-SSG20-R
List Price: $544.00 |
|
Two Year Renewal Security Subscription for Remote Branch Office on SSG20
- Includes Antivirus,
Web Filtering, and Deep Inspection |
#NS-RBO-CS-SSG20-2-R
List Price: $870.00 |
|
Three Year Renewal Security Subscription for Remote Branch Office on SSG20
- Includes Antivirus, Web Filtering, and Deep Inspection |
#NS-RBO-CS-SSG20-3-R
List Price: $1,251.00 |
|
|
Use our Quote Form to request additional subscription pricing |
|
SSG Interface Modules |
| 1 port ADSL2+ Annex A Mini Physical Interface Module |
#JXM-1ADSL2-A-S
List Price: $600.00 |
|
| 1 port ADSL2+ Annex B Mini Physical Interface Module |
#JXM-1ADSL2-B-S
List Price: $600.00 |
|
| 1 port ISDN S/T BRI Mini Physical Interface Module |
#JXM-1BRI-ST-S
List Price: $400.00 |
|
| 1 port E1 Mini Physical Interface Module |
#JXM-1E1-S
List Price: $700.00 |
|
1 port Sync Serial Mini Physical Interface Module
Note: Requires ScreenOS 6.0 or later. |
#JXM-1SERIAL-S
List Price: $400.00 |
|
1 port Small Form-Factor pluggable (SFP) Mini Physical Interface Module
(Tranceiver purchased separately)
Note: Requires ScreenOS 6.0 or later. |
#JXM-1SFP-S
List Price: $1,000.00 |
|
| 1 port T1 Mini Physical Interface Module |
#JXM-1T1-S
List Price: $700.00 |
|
| 1 port v.92 Mini Physical Interface Module |
#JXM-1V92-S
List Price: $400.00 |
|
SFP 100BASE-FX Optical Transceiver, LC connector
Note: This will work in the 1-port SFP UPIM, not the 6-port SFP and not 1xSFP EPIM |
#JX-SFP-1FE-FX
List Price: $250.00 |
|
|
Accessories |
| 256MB DIMM Memory Upgrade for the SSG5 or SSG20 |
#SSG-5-20-MEM-256
List Price: $300.00 |
|
| Spare SSG5 & SSG20 Switching Power Supply, Power Cable |
#SSG-5-20-PWR-S-US
List Price: $60.00 |
|
| SSG5 and SSG20 Wireless Replacement Antenna |
#SSG-ANT
List Price: $50.00 |
|
| SSG5 and SSG20 WLAN Dual Band (2.4GHz and 5.0GHz) Directional Antenna with RP-TNC Connector, 3.5M cable Included. |
#SSG-ANT-DIR
List Price: $300.00 |
|
| SSG5 and SSG20 WLAN Dual Band (2.4GHz and 5.0GHz) Omni-Directional Antenna with RP-TNC Connector, 3.5M cable included. |
#SSG-ANT-OMNI
List Price: $250.00 |
|
| 10M (30 ft) Low Loss RF cable for SSG-ANT-DIR or SSG-ANT-OMNI with RP-TNC Connector |
#SSG-CEL-ANT-10M
List Price: $350.00 |
|
|
Juniper Networks SSG20 Wireless Appliance