|
|
SSG Series Appliances |
| Juniper Networks Secure Services Gateway 350M
with Base Memory (512MB), 5 PIM Slots, AC Power Supply,
ScreenOS, 19" Rack Mount |
#SSG-350M-SB
List Price: $4,500.00
Our Price: $3,465.00 |
|
Juniper Networks Secure Services Gateway 350M
with High Memory (1GB), 5 PIM Slots, AC Power Supply,
ScreenOS, 19" Rack Mount
Note: This Model is required
to run Anti-Virus or Deep Inspection Services |
#SSG-350M-SH
List Price: $5,000.00
Our Price: $3,850.00 |
|
More pricing below,
click here
SSG350M Overview:
The Juniper Networks SSG350M is a purpose-built,
modular security platform that delivers 550+ Mbps of
firewall traffic and 225 Mbps of IPsec VPN for medium-size
to large branch offices, regional offices, and enterprises.
The Juniper Networks SSG300 line consists of purpose-built
security appliances that deliver the ideal blend of
performance, security, routing, and LAN/WAN connectivity
for large, regional branch offices and medium-size,
standalone businesses. Traffic flowing in and out of
a regional office or business is protected from worms,
spyware, trojans, and malware by a complete set of Unified
Threat Management security features, including stateful
firewall, IPsec VPN, intrusion prevention system (IPS),
antivirus (includes anti-spyware, anti-adware, anti-phishing),
anti-spam, and Web filtering. The SSG300 line comprises
the SSG350M and the SSG320M Secure Services Gateways.
The Juniper Networks SSG300 line of secure services
gateways comprises high-performance security platforms
that help businesses stop internal and external attacks,
prevent unauthorized access, and achieve regulatory
compliance. The Juniper Networks SSG350M Secure Services
Gateway provides 500 Mbps of stateful firewall performance
and 225 Mbps of IPsec VPN performance, while the Juniper
Networks SSG320M Secure Services Gateway provides 400
Mbps of stateful firewall performance and 175 Mbps of
IPsec VPN performance.
These products focus on three key disciplines:
Security: Protection against worms, viruses,
trojans, spam, and emerging malware is delivered by
proven Unified Threat Management (UTM) security features
that are backed by best-in-class partners. To address
internal security requirements and facilitate regulatory
compliance, the SSG300 line supports an advanced set
of network protection features such as security zones,
virtual routers, and VLANs that allow administrators
to divide the network into distinct, secure domains,
each with their own unique security policy. Policies
protecting each security zone can include access control
rules and inspection by any of the supported UTM security
features.
The SSG350M deployed at a branch
office for secure Internet connectivity and site-to-site
VPN to corporate headquarters. Internal branch office
resources are protected with unique security policies
applied to each security zone.
Connectivity and Routing: The SSG300 line
provides four onboard 10/100/1000 interfaces complemented
by I/O expansion slots that can house a mix of LAN or
WAN interfaces, making the SSG300 line an extremely
flexible platform. The broad array of I/O options coupled
with WAN protocol and encapsulation support makes the
SSG300 line of gateways easily deployable as traditional
branch office routers or as consolidated security and
routing devices, which can help reduce CapEx and OpEx.
Access Control Enforcement: The SSG300 line
of gateways can act as enforcement points in a Juniper
Networks Unified Access Control deployment with the
simple addition of the Juniper Networks IC Series UAC
Appliances. The IC Series functions as a central policy
management engine by interacting with the SSG300 line
to augment or replace the firewall-based access control.
It grants/denies access based on more granular criteria,
including endpoint state and user identity in order
to accommodate the dramatic shifts in attack landscape
and user characteristics
In addition, Juniper Networks Professional Services
will collaborate with your team to identify goals, define
the deployment process, create or validate the network
design, and manage the deployment to its successful
conclusion. Whether it involves simple lab testing or
a major network implementation, Juniper Networks Professional
Services is there to help you ensure success.
Features & Benefits:
|
Features |
Features Description |
Benefits |
|
High performance |
Purpose-built platform is assembled from
custom-built hardware, powerful processing
and a security-specific operating system. |
Delivers performance headroom required to
protect against internal and external attacks
now and into the future. |
|
Best-in-class UTM security features |
UTM security features (antivirus, anti-spam,
Web filtering, IPS) stop all manner of viruses
and malware before they damage the network. |
Ensures that the network is protected against
all manner of attacks. |
|
Integrated antivirus |
Annually licensed antivirus engine is based
on Kaspersky Lab engine. |
Stops viruses, spyware, adware and other
malware. |
|
Integrated anti-spam |
Annually licensed anti-spam offering is
based on Symantec technology. |
Blocks unwanted email from known spammers
and phishers. |
|
Integrated Web filtering |
Annually licensed Web filtering solution
is based on Websense SurfControl technology. |
Controls/blocks access to malicious Web
sites. |
|
Integrated IPS (Deep Inspection) |
Annually licensed IPS engine is available
with Juniper Networks Deep Inspection Firewall
Signature Packs. |
Prevents application-level attacks from
flooding the network. |
|
Fixed Interfaces |
Four fixed 10/100/1000 interfaces, two USB
ports, one console port and one auxiliary
port are standard on all SSG300 line models. |
Provides high-speed LAN connectivity, future
connectivity, and flexible management. |
|
Network segmentation |
Bridge groups, security zones, virtual LANs
and virtual routers allow administrators
to deploy security policies to isolate guests,
wireless networks and regional servers or
databases.* |
Powerful capabilities facilitate deploying
security for various internal, external
and DMZ sub-groups on the network, to prevent
unauthorized access. |
|
Interface modularity |
Four SSG140 interface expansion slots support
optional T1, E1, ISDN BRI S/T, ADSL2+, G.SHDSL
and serial physical interface modules (PIMs),
and 10/100/1000 and SFP universal PIMs (uPIMs).** |
Delivers LAN and WAN connectivity options
on top of unmatched security to reduce costs
and extend investment protection. |
|
Robust routing engine |
Proven routing engine supports OSPF, BGP
and RIP v1/2 along with Frame Relay, Multilink
Frame Relay, PPP, Multilink PPP and HDLC. |
Enables the deployment of consolidated security
and routing device, thereby lowering operational
and capital expenditures. |
|
Juniper Network Unified Access Control
enforcement point |
Interacts with the centralized policy management
engine (IC Series) to enforce session-specific
access control policies using criteria such
as user identity, device security state,
and network location. |
Improves security posture in a cost-effective
manner by leveraging existing customer network
infrastructure components and best-in-class
technology. |
|
Management flexibility |
Use any one of three mechanisms, command
line interface (CLI), WebUI or Juniper Networks
Network and Security Manager (NSM) to securely
deploy, monitor and manage security policies. |
Enables management access from any location,
eliminating onsite visits thereby improving
response time and reducing operational costs. |
|
Auto-Connect VPN |
Automatically sets up and takes down VPN
tunnels between spoke sites in a hub-and-spoke
topology. |
Provides a scalable VPN solution for mesh
architectures with support for latency-sensitive
applications such as VoIP and video conferencing. |
|
World-class professional services |
From simple lab testing to major network
implementations, Juniper Networks Professional
Services will collaborate with your team
to identify goals, define the deployment
process, create or validate the network
design and manage the deployment. |
Transforms the network infrastructure to
ensure that it is secure, flexible, scalable
and reliable. |
* Bridge groups supported
only on uPIMs in ScreenOS 6.0 and greater releases
Product Options:
|
Option |
Option Description |
Applicable Products |
|
Network Equipment Building Systems (NEBS)
compliance |
NEBS-compliant versions of the SSG350M are
available. |
SSG350M |
|
DRAM |
All models in the SSG300 line are available
with 1 GB of DRAM. The SSG320M and SSG350M
are also available in 256 MB-DRAM versions. |
SSG320M and SSG350M |
|
Unified Threat Management / Content Security
(high memory option required) |
With the addition of licensing keys, the
SSG300 line can be configured with any combination
of the following best-in-class UTM and content
security functionality: antivirus (includes
anti-spyware, anti-phishing), IPS (Deep
Inspection firewall), Web filtering and/or
anti-spam. |
SSG320M high-memory model only
SSG350M high-memory model only |
|
I/O options |
Three (SSG320M) or five (SSG350M) expansion
slots support optional T1, E1, Serial, ADSL2+,
G.SHDSL, 10/100/1000, and SFP. |
SSG320M and SSG350M |
Technical Specifications:
|
Model: |
SSG320M |
SSG350M |
 |
|
|
Dimensions and Power |
|
Size (W x H x D) |
17.5 x 1.8 x 15.1 in
(44.5 x 4.5 x 38.3 cm) |
17.5 x 2.6 x 15.1 in
(44.5 x 6.6 x 38.3 cm) |
|
Weight |
15.0 lb (no interface modules)
6.8 kg |
25.0 lb (no interface modules + one power
supply) (11.34 kg) |
|
Rack mountable |
Yes, 1RU |
Yes, 1.5RU |
|
Power supply (AC) 100-240 VAC |
275 W |
300 W |
|
Average power consumption |
80 W (No PIMs) |
80 W (No PIMs) |
|
Maximum power consumption |
320 W |
350 W |
|
Input frequency |
47-63 Hz |
47-63 Hz |
|
Maximum current consumption |
100 – 240 VAC, 3.2 A – 1.3 A |
100 – 240 VAC, 3.5 A – 1.5 A |
|
Maximum Inrush current |
100 – 240 VAC, 42 A – 62 A |
100 – 240 VAC, 13 A – 75 A |
|
Average heat dissipation |
273 BTU (No PIMs) |
273 BTU (No PIMs) |
|
Maximum heat dissipation |
1091 BTU |
1195 BTU |
|
Power supply (DC) |
N/A |
-48 to -60 VDC, 300 watts |
|
Noise Level |
40.0 dB |
59.2 dB |
|
Certifications |
|
Safety Certifications |
CSA, TUV, CB |
CSA, TUV, CB |
|
Electromagnetic compatibility (EMC) certifications |
FCC class A, CE class A, C-Tick, VCCI class
A |
FCC class A, CE class A, C-Tick, VCCI class
A |
|
Network Equipment Building System (NEBS) |
No |
No |
|
Mean time between failures (MTBF) (Bellcore
model) |
7.2 years |
6.8 years |
|
Security Certification |
|
Common Criteria: EAL4 |
Future |
Future |
|
FIPS 140-2: Level 2 |
Future |
Future |
|
ICSA Firewall and VPN |
Yes |
Yes |
|
Environment |
|
Operating Temperature |
32° to 122° F (0° to 50° C) |
32° to 122° F (0° to 50° C) |
|
Non-Operating Temperature |
-4° to 158° F (-20° to 70° C) |
-4° to 158° F (-20° to 70° C) |
|
Humidity |
10% to 90% noncondensing |
10% to 90% noncondensing |
|
Model: |
SSG320M |
SSG350M |
|
|
|
|
Maximum Performance and Capacity(1) |
|
ScreenOS version tested |
ScreenOS 6.2 |
ScreenOS 6.2 |
|
Firewall performance (Large packets) |
450+ Mbps |
550+ Mbps |
|
Firewall performance (IMIX)(2) |
400 Mbps |
500 Mbps |
|
Firewall packets per second (64 byte) |
175,000 PPS |
225,000 PPS |
|
Advanced Encryption Standard (AES) 256+SHA-1
VPN performance |
175 Mbps |
225 Mbps |
|
3DES encryption +SHA-1 VPN performance |
175 Mbps |
225 Mbps |
|
Maximum concurrent sessions |
64,000 |
128,000 |
|
New sessions/second |
10,000 |
12,500 |
|
Maximum security policies |
2,000 |
2,000 |
|
Maximum users supported |
Unrestricted |
Unrestricted |
|
Convertible to Juniper Networks JUNOS
Software 8.0 or higher |
Yes |
Yes |
|
Network Connectivity |
|
Fixed I/O |
4 x 10/100/1000 |
4 x 10/100/1000 |
|
Physical Interface Module (PIM) slots |
3 |
5 |
|
WAN Interface options (PIMs) |
Serial, T1, E1, ADSL/ADSL2/ADSL2+, G.SHDSL |
Serial, T1, E1, ADSL/ADSL2/ADSL2+, G.SHDSL |
|
LAN Interface options (uPIMs) |
8x10/100/1000, 16x10/100/1000, and 6xSFP |
8x10/100/1000, 16x10/100/1000, and 6xSFP |
|
Firewall |
|
Network attack detection |
Yes |
Yes |
|
DoS and DDoS protection |
Yes |
Yes |
|
TCP reassembly for fragmented packet
protection |
Yes |
Yes |
|
Brute force attack mitigation |
Yes |
Yes |
|
SYN cookie protection |
Yes |
Yes |
|
Zone-based IP spoofing |
Yes |
Yes |
|
Malformed packet protection |
Yes |
Yes |
|
Unified Threat Management(3) |
|
IPS (Deep Inspection firewall) |
Yes |
Yes |
|
Protocol anomaly detection |
Yes |
Yes |
|
Stateful protocol signatures |
Yes |
Yes |
|
IPS/DI attack pattern obfuscation |
Yes |
Yes |
|
Antivirus |
Yes |
Yes |
|
Signature database |
200,000+ |
200,000+ |
|
Protocols scanned |
POP3, HTTP, SMTP, IMAP, FTP, IM |
POP3, HTTP, SMTP, IMAP, FTP, IM |
|
Anti-spyware |
Yes |
Yes |
|
Anti-adware |
Yes |
Yes |
|
Anti-keylogger |
Yes |
Yes |
|
Instant message AV |
Yes |
Yes |
|
Anti-spam |
Yes |
Yes |
|
Integrated URL filtering |
Yes |
Yes |
|
External filtering(4) |
Yes |
Yes |
|
VoIP Security |
|
H.323. Application-level gateway (ALG) |
Yes |
Yes |
|
SIP ALG |
Yes |
Yes |
|
MGCP ALG |
Yes |
Yes |
|
SCCP ALG |
Yes |
Yes |
|
Network Address Translation (NAT) for
VoIP protocols |
Yes |
Yes |
|
IPsec VPN |
|
Concurrent VPN tunnels |
500 |
500 |
|
Tunnel interfaces |
300 |
300 |
|
DES encryption (56-bit), 3DES encryption
(168-bit) and Advanced Encryption Standard
(AES) (256-bit) |
Yes |
Yes |
|
MD-5 and SHA-1 authentication |
Yes |
Yes |
|
Manual key, Internet Key Exchange (IKE),
IKEv2 with EAP public key infrastructure
(PKI) (X.509) |
Yes |
Yes |
|
Perfect forward secrecy (DH Groups) |
1,2,5 |
1,2,5 |
|
Prevent replay attack |
Yes |
Yes |
|
Remote access VPN |
Yes |
Yes |
|
Layer2 Tunneling Protocol (L2TP) within
IPsec |
Yes |
Yes |
|
IPsec Network Address Translation (NAT)
traversal |
Yes |
Yes |
|
Auto-Connect VPN |
Yes |
Yes |
|
Redundant VPN gateways |
Yes |
Yes |
|
User Authentication and Access Control |
|
Built-in (internal) database - user limit |
500 |
500 |
|
Third-party user authentication |
RADIUS, RSA SecureID, LDAP |
RADIUS, RSA SecureID, LDAP |
|
RADIUS Accounting |
Yes - start/stop |
Yes - start/stop |
|
XAUTH VPN authentication |
Yes |
Yes |
|
Web-based authentication |
Yes |
Yes |
|
802.1X authentication |
Yes |
Yes |
|
Unified Access Control (UAC) enforcement
point |
Yes |
Yes |
|
PKI Support |
|
PKI Certificate requests (PKCS 7 and
PKCS 10) |
Yes |
Yes |
|
Automated certificate enrollment (SCEP) |
Yes |
Yes |
|
Online Status Protocol (OCSP) |
Yes |
Yes |
|
Certificate Authorities supported |
VeriSign, Entrust, Microsoft, RSA Keon,
iPlanet (Netscape) Baltimore, DoD PKI |
VeriSign, Entrust, Microsoft, RSA Keon,
iPlanet (Netscape) Baltimore, DoD PKI |
|
Self-signed certificates |
Yes |
Yes |
|
Virtualization |
|
Maximum number of security zones |
40 |
40 |
|
Maximum number of virtual routers |
5 |
8 |
|
Bridge groups* |
Yes |
Yes |
|
Maximum number of VLANs |
125 |
125 |
|
Routing |
|
BGP instances |
8 |
8 |
|
BGP peers |
36 |
48 |
|
BGP routes |
10,000 |
10,000 |
|
OSPF instances |
3 |
3 |
|
OSPF routes |
10,000 |
10,000 |
|
RIP v1/v2 instances |
128 |
128 |
|
RIP v2 routes |
10,000 |
10,000 |
|
Static routes |
10,000 |
10,000 |
|
Source-based routing |
Yes |
Yes |
|
Policy-based routing |
Yes |
Yes |
|
Equal-cost multipath (ECMP) |
Yes |
Yes |
|
Multicast |
Yes |
Yes |
|
Reverse Path Forwarding (RPF) |
Yes |
Yes |
|
Internet Group Management Protocol (IGMP)
(v1,v2) |
Yes |
Yes |
|
IGMP Proxy |
Yes |
Yes |
|
PIM single mode |
Yes |
Yes |
|
PIM source-specific multicast |
Yes |
Yes |
|
Multicast inside IPsec tunnel |
Yes |
Yes |
|
Encapsulations |
|
Point-to-Point Protocol (PPP) |
Yes |
Yes |
|
Multilink Point-to-Point Protocol (MLPPP) |
Yes |
Yes |
|
MLPPP max physical interfaces |
6 |
10 |
|
Frame Relay |
Yes |
Yes |
|
Multilink Frame (MLFR) (FRF 15, FRF 16) |
Yes |
Yes |
|
MLFR max physical interfaces |
6 |
10 |
|
HDLC |
Yes |
Yes |
|
IPv6 |
|
Dual stack IPv4/IPv6 firewall and VPN |
Yes |
Yes |
|
IPv4 to/from IPv6 translations and encapsulations |
Yes |
Yes |
|
Syn-Cookie and Syn-Proxy DoS Attack Detection |
Yes |
Yes |
|
SIP, RTSP, Sun-RPC, and MS-RPC ALG’s |
Yes |
Yes |
|
RIPng |
Yes |
Yes |
|
BGP |
Yes |
Yes |
|
Transparent mode |
Yes |
Yes |
|
NSRP |
Yes |
Yes |
|
DHCPv6 Relay |
Yes |
Yes |
|
Mode of Operation |
|
Layer 2 (transparent) mode(5) |
Yes |
Yes |
|
Layer 3 (route and/or NAT) mode |
Yes |
Yes |
|
Address Translation |
|
Network Address Translation (NAT) |
Yes |
Yes |
|
Port Translation (PAT) |
Yes |
Yes |
|
Policy-based NAT/PAT (L2 and L3 mode) |
Yes |
Yes |
|
Mapped IP (MIP) (L3 mode) |
4,000 |
4,000 |
|
Virtual IP (VIP) (L3 mode) |
32 |
32 |
|
MIP/VIP Grouping (L3 mode) |
Yes |
Yes |
|
IP Address Assignment |
|
Static |
Yes |
Yes |
|
DHCP, PPPoE client |
Yes |
Yes |
|
Internal DHCP server |
Yes |
Yes |
|
DHCP relay |
Yes |
Yes |
|
Traffic Management Quality of Service
(QoS) |
|
Guaranteed bandwidth |
Yes - per policy |
Yes - per policy |
|
Maximum bandwidth |
Yes - per policy |
Yes - per policy |
|
Ingress traffic policing |
Yes |
Yes |
|
Priority-bandwidth utilization |
Yes |
Yes |
|
Differentiated Services stamping |
Yes - per policy |
Yes - per policy |
|
High Availability (HA)(7) |
|
Active/Active - L3 mode |
Yes |
Yes |
|
Active/Passive -Transparent & mode |
Yes |
Yes |
|
Configuration synchronization |
Yes |
Yes |
|
Session synchronization for firewall
and VPN |
Yes |
Yes |
|
VRRP |
Yes |
Yes |
|
Session failover for routing change |
Yes |
Yes |
|
Device failure detection |
Yes |
Yes |
|
Link failure detection |
Yes |
Yes |
|
Authentication for new HA members |
Yes |
Yes |
|
Encryption of HA traffic |
Yes |
Yes |
|
System Management |
|
WebUI (HTTP and HTTPS) |
Yes |
Yes |
|
Command line interface (console) |
Yes |
Yes |
|
Command line interface (telnet) |
Yes |
Yes |
|
Command line interface (SSH) |
Yes v1.5 and v2.0 compatible |
Yes v1.5 and v2.0 compatible |
|
Network and Security Manager (NSM) |
Yes |
Yes |
|
All management via VPN tunnel on any
interface |
Yes |
Yes |
|
Rapid deployment |
No |
No |
|
Administration |
|
Local administrator database size |
20 |
20 |
|
External administrator database support |
RADIUS, RSA SecurID, LDAP |
RADIUS, RSA SecurID, LDAP |
|
Restricted administrative networks |
50 |
50 |
|
Root Admin, Admin and Read Only user
levels |
Yes |
Yes |
|
Software upgrades |
TFTP, WebUL, NSM, SCP, USB |
TFTP, WebUL, NSM, SCP, USB |
|
Configuration rollback |
Yes |
Yes |
|
Logging/Monitoring |
|
Syslog (multiple servers) |
Yes - up to 4 servers |
Yes - up to 4 servers |
|
Email (two addresses) |
Yes |
Yes |
|
NetIQ WebTrends |
Yes |
Yes |
|
SNMP (v2) |
Yes |
Yes |
|
SNMP full custom MIB |
Yes |
Yes |
|
Traceroute |
Yes |
Yes |
|
VPN tunnel monitor |
Yes |
Yes |
|
External Flash |
|
Additional log storage |
USB 1.1 |
USB 1.1 |
|
Event logs and alarms |
Yes |
Yes |
|
System configuration script |
Yes |
Yes |
|
ScreenOS Software |
Yes |
Yes |
*Bridge groups supported
only on uPIMs in ScreenOS 6.0 and greater releases
(1) Performance, capacity and features listed are based
upon systems running ScreenOS 6.2 and are the measured
maximums under ideal testing conditions unless otherwise
noted. Actual results may vary based on ScreenOS release
and deployment. For a complete list of supported ScreenOS
versions for SSG Series gateways, please visit the Juniper
Customer Support Center (www.juniper.net/customers/support/)
and click on ScreenOS Software Downloads.
(2) IMIX stands for Internet mix and is more demanding
than a single packet size as it represents a traffic
mix that is more typical of a customer’s network. The
IMIX traffic used is made up of 58.33% 64 byte packets
+ 33.33% 570 byte packets + 8.33% 1518 byte packets
of UDP traffic.
(3) UTM Security features (IPS/Deep Inspection, antivirus,
anti-spam and Web filtering) are delivered by annual
subscriptions purchased separately from Juniper Networks.
Annual subscriptions provide signature updates and associated
support. The high memory option is required for UTM
Security features.
(4) Redirect Web filtering sends traffic from the firewall
to a secondary server. The redirect feature is free,
however it does require the purchase of a separate Web
filtering license from either Websense or SurfControl.
(5) NAT, PAT, policy-based NAT, virtual IP, mapped IP,
virtual systems, virtual routers, VLANs, OSPF, BGP,
RIPv2, active/active HA and IP address assignment are
not available in layer 2 transparent mode.
SSG Series Comparison Matrix:
|
Model: |
SSG5 Wired / Wireless |
SSG20 Wired / Wireless |
SSG140 |
SSG320M |
SSG350M |
SSG520M |
SSG550M |
 |
 |
 |
 |
 |
 |
 |
|
Interfaces |
7 10/100 with Factory Configured V.92 or
ISDN BRI S/T or RS232 Serial/AUX. Optional
802.11a/b/g |
5 10/100 + 2 I/O slots supporting T1, E1,
V.92, ISDN BRI S/T, SFP, Serial, or ADSL2+,
Optional 802.11a/b/g |
8 10/100 + 2 10/100/1000 + 4 I/O slots supporting
T1, E1, ISDN BRI S/T, Serial, ADSL2+, G.SHDSL,
10/100/1000, SFP |
4 10/100/1000 and 3 I/O slots supporting
Serial, T1, E1, ADSL, ADSL2, ADSL2+, G.SHDSL |
4 10/100/1000 and 5 I/O slots supporting
Serial, T1, E1, ADSL, ADSL2, ADSL2+, G.SHDSL |
4 10/100/1000 and 6 I/O slots, supporting
SFP, FE, Serial, T1, E1, DS3, E3, ADSL2+,
G.SHDSL, 10/100/1000 |
4 10/100/1000 and 6 I/O slots, supporting
SFP, FE, Serial, T1, E1, DS3, E3, ADSL2+,
G.SHDSL, 10/100/1000 |
|
Max Throughput |
160 Mb firewall 40 Mb 3DES VPN |
160 Mb firewall 40 Mb 3DES VPN |
350+ Mb firewall 100 Mb 3DES VPN |
450+ Mb firewall 175 Mb 3DES VPN 175,000
packets per second |
550+ Mb firewall 225 Mb 3DES VPN 225,000
packets per second |
650+ Mb firewall 300 Mb 3DES VPN 300,000
packets per second |
1+ Gb firewall 500 Mb 3DES VPN 600,000 packets
per second |
|
Max Sessions |
8,000/1,600 |
8,000/1,600 |
48,000 |
64,000 |
128,000 |
128,000 |
256,000 |
|
Max VPN Tunnels |
25/40 |
25/40 |
500 |
500 |
500 |
500 |
1,000 |
|
Max Policies |
200 |
200 |
1,000 |
2,000 |
2,000 |
4,000 |
4,000 |
|
Virtual Systems |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
|
Virtual LANs |
10/50 |
10/50 |
100 |
125 |
125 |
125 |
150 |
|
Security Zones |
8 |
8 |
40 |
40 |
40 |
60 |
60 |
|
Virtual Routers |
3 |
3 |
6 |
5 |
8 |
11 |
16 |
|
High Availability |
Dial Backup, A/P, A/A |
Dial Backup, A/P, A/A |
A/P, A/A |
A/P, A/A |
A/P, A/A |
A/P, A/A |
A/P, A/A |
|
Routing |
OSPF, BGP, RIPv1/v2, along with Frame Relay,
Multilink Frame Relay, PPP, HDLC |
OSPF, BGP, RIPv1/v2, along with Frame Relay,
Multilink Frame Relay, PPP, Multilink PPP,
HDLC |
OSPF, BGP, RIPv1/v2, along with Frame Relay,
Multilink Frame Relay, PPP, Multilink PPP,
HDLC |
OSPF, BGP, RIPv1/v2, along with Frame Relay,
Multilink Frame Relay, PPP, Multilink PPP,
HDLC |
OSPF, BGP, RIPv1/v2, along with Frame Relay,
Multilink Frame Relay, PPP, Multilink PPP,
HDLC |
OSPF, BGP, RIPv1/v2, along with Frame Relay,
Multilink Frame Relay, PPP, Multilink PPP,
HDLC |
OSPF, BGP, RIPv1/v2, along with Frame Relay,
Multilink Frame Relay, PPP, Multilink PPP,
HDLC |
|
Deep Inspection/IPS |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
Yes/No |
|
Integrated Antivirus |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
Integrated Anti-Spam |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Web Filtering
(Integrated/ External) |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
Yes/Yes |
|
SSG Series Appliances |
| Juniper Networks Secure Services Gateway 350M
with Base Memory (512MB), 5 PIM Slots, AC Power Supply,
ScreenOS, 19" Rack Mount |
#SSG-350M-SB
List Price: $4,500.00
Our Price: $3,465.00 |
|
Juniper Networks Secure Services Gateway 350M
with High Memory (1GB), 5 PIM Slots, AC Power Supply,
ScreenOS, 19" Rack Mount
Note: This Model is required
to run Anti-Virus or Deep Inspection Services |
#SSG-350M-SH
List Price: $5,000.00
Our Price: $3,850.00 |
|
|
First Year Subscriptions Main Office Content Security |
One Year Security Subscription for SMB on SSG350M
- Includes Antivirus, Web
Filtering, Antispam and IDP |
#NS-SMB-CS-SSG350
List Price: $3,080.00 |
|
Two Year Security Subscription for SMB on SSG350M
- Includes Antivirus, Web
Filtering, Antispam and IDP |
#NS-SMB-CS-SSG350-2
List Price: $4,928.00 |
|
Three Year Security Subscription for SMB on SSG350M
- Includes Antivirus, Web
Filtering, Antispam and IDP |
#NS-SMB-CS-SSG350-3
List Price: $7,084.00 |
|
|
Renewal Subscriptions Main Office Content Security |
One Year Renewal Security Subscription for SMB
on SSG350M
- Includes Antivirus, Web
Filtering, Antispam and IDP |
#NS-SMB-CS-SSG350-R
List Price: $3,080.00 |
|
Two Year Renewal Subscription for SMB on SSG350M
- Includes Antivirus, Web
Filtering, Antispam and IDP |
#NS-SMB-CS-SSG350-2-R
List Price: $4,928.00 |
|
Three Year Renewal Subscription for SMB on SSG350M
- Includes Antivirus, Web
Filtering, Antispam and IDP |
#NS-SMB-CS-SSG350-3-R
List Price: $7,084.00 |
|
|
First Year Subscriptions Remote and Branch Office
Integrated Content Security |
One Year Security Subscription for Remote Branch
Office on SSG350M
- Includes Antivirus, Web
Filtering, and Deep Inspection |
#NS-RBO-CS-SSG350
List Price: $2,450.00 |
|
Two Year Security Subscription for Remote Branch
Office on SSG350M
- Includes Antivirus, Web
Filtering, and Deep Inspection |
#NS-RBO-CS-SSG350-2
List Price: $3,920.00 |
|
Three Year Security Subscription for Remote Branch
Office on SSG350M
- Includes Antivirus, Web
Filtering, and Deep Inspection |
#NS-RBO-CS-SSG350-3
List Price: $5,635.00 |
|
|
Renewal Subscriptions Remote and Branch Office Integrated
Content Security |
One Year Renewal Security Subscription for Remote
Branch Office on SSG350M
- Includes Antivirus, Web
Filtering, and Deep Inspection |
#NS-RBO-CS-SSG350-R
List Price: $2,450.00 |
|
Two Year Renewal Security Subscription for Remote
Branch Office on SSG350M
- Includes Antivirus, Web
Filtering, and Deep Inspection |
#NS-RBO-CS-SSG350-2-R
List Price: $3,920.00 |
|
Three Year Renewal Security Subscription for
Remote Branch Office on SSG350M
- Includes Antivirus, Web
Filtering, and Deep Inspection |
#NS-RBO-CS-SSG350-3-R
List Price: $5,635.00 |
|
|
Use our
Quote Form to request
additional subscription pricing
|
|
SSG Interface Modules |
| 1 Port ISDN BRI - S/T Interface |
#JX-1BRI-ST-S
List Price: $500.00 |
|
1-Port ADSL2+ Annex A PIM - Supporting ADSL/ADSL2/ADSL2+
Annex A
Note: Requires ScreenOS
6.0 or later. |
#JX-1ADSL-A-S
List Price: $750.00 |
|
1-Port ADSL2+ Annex B PIM - Supporting ADSL/ADSL2/ADSL2+
Annex B
Note: Requires ScreenOS
6.0 or later. |
#JX-1ADSL-B-S
List Price: $750.00 |
|
| 2 Port E1 PIM with integrated CSU/DSU |
#JX-2E1-RJ48-S
List Price: $1,000.00 |
|
2 Port 2-wire or 1 Port 4-wire G.SDHSL PIM
Note: Requires ScreenOS
6.0 or later. |
#JX-2T1-RJ48-S
List Price: $950.00 |
|
| 2 Port T1 PIM with integrated CSU/DSU |
#JXM-1SERIAL-S
List Price: $1,000.00 |
|
SFP 100BASE-FX Optical Transceiver, LC connector
Note: This will work in
the 1-port SFP UPIM, not the 6-port SFP and not 1xSFP
EPIM |
#JX-SFP-1FE-FX
List Price: $250.00 |
|
| SFP 1000Base-LX Gigabit Optical Tranceiver SFP
Module |
#JX-SFP-1GE-LX
List Price: $995.00 |
|
| SFP 1000Base-SX Gigabit Optical Tranceiver Module |
#JX-SFP-1GE-SX
List Price: $500.00 |
|
| SFP 1000BASE-T Gigabit Copper Transceiver SFP
Module |
#JX-SFP-1GE-T
List Price: $400.00 |
|
| 16 Port Gigabit Ethernet 10/100/1000 Copper Double-height
Universal PIM |
#JXU-16GE-TX-S
List Price: $3,000.00 |
|
1 port Small Form-Factor pluggable (SFP) Universal
Physical Interface Module.
100M and 1000M SFP speeds
supported. (SFP Tranceiver purchased separately) |
#JXU-1SFP-S
List Price: $1,500.00 |
|
6 Port SFP Gigabit Ethernet Universal PIM
Note: SFPs sold separately.
Supports 1000M SFPs only |
#JXU-6GE-SFP-S
List Price: $3,000.00 |
|
| 8 Port Gigabit Ethernet 10/100/1000 Copper Universal
PIM |
#JXU-8GE-TX-S
List Price: $1,800.00 |
|
|
Accessories |
| 19" Rack mount kit for J2350 and SSG350M platforms |
#J2350-SSG350M-RMK-19
List Price: $175.00 |
|
| 23" Rack mount kit for J2350 & SSG350M |
#J2350-SSG350M-RMK-23
List Price: $200.00 |
|
1 Gigabyte RAM Memory Upgrade for the SSG500
series, SSG300 series
Note: This 1GB memory is
required to run Anti-Virus or Deep Inspection Services |
#SSG-500-MEM-1GB
List Price: $2,000.00 |
|
| Blank Spare plate for J-Series and SSG 100-300
Series |
#JX-Blank-FP-S
List Price: $30.00 |
|
| EIA530 cable (DTE) |
#JX-CBL-EIA530-DTE
List Price: $100.00 |
|
| RS232 cable (DTE) |
#JX-CBL-RS232-DTE
List Price: $100.00 |
|
| RS449 cable (DTE) |
#JX-CBL-RS449-DTE
List Price: $100.00 |
|
| V.35 cable (DTE) |
#JX-CBL-V35-DTE
List Price: $100.00 |
|
| X.21 cable (DTE) |
#JX-CBL-X21-DTE
List Price: $100.00 |
|
|
Juniper Networks SSG350M Appliance