SSG-140-SH

Juniper Networks SSG 140 Secure Services Gateway SSG-140-SH Security Appliance

SSG-140-SH

Unlimited number of users

In Good Condition And Full Working Order

Includes Rack Mount Ears

Included:

• 1 x Juniper Networks SSG 140 Secure Services Gateway SSG-140-SH Security Appliance

Specification:

Maximum Performance and Capacity

• ScreenOS version tested: ScreenOS 6.2
• Firewall throughput (large packets): 350+ Mbps
• Firewall throughput (IMIX): 300 Mbps
• Firewall packets per second (64 byte): 90,000 PPS
• Advanced Encryption Standard (AES) 256+SHA-1 VPN throughput: 100 Mbps
• 3DES encryption +SHA-1 VPN throughput: 100 Mbps
• Maximum concurrent sessions: 48,000
• New sessions/second: 8,000
• Maximum security policies: 1,000
• Maximum users supported: Unrestricted

Network Connectivity

• Fixed I/O: 8x10/100, 2x10/100/1000
• Physical Interface Module (PIM) slots: 4
• Modular WAN/LAN interface options (PIMs/uPIMs): 2xT1, 2xE1, 2xSerial, 1xISDN BRI S/T SFP, 10/100/1000

Firewall

• Network attack detection: Yes
• DoS and DDoS protection: Yes
• TCP reassembly for fragmented packet protection: Yes
• Brute force attack mitigation: Yes
• SYN cookie protection: Yes
• Zone-based IP spoofing: Yes
• Malformed packet protection: Yes

Unified Threat Management

• IPS (Deep Inspection firewall): Yes
• Protocol anomaly detection: Yes
• Stateful protocol signatures: Yes
• IPS/DI attack pattern obfuscation: Yes
• Antivirus: Yes
• Signature database: 200,000+
• Protocols scanned: POP3, HTTP, SMTP, IMAP, FTP, IM
• Antispyware: Yes
• Antiadware: Yes
• Anti-keylogger: Yes
• Instant message AV: Yes
• Antispam: Yes
• Integrated URL filtering: Yes
• External URL filtering: Yes

VoIP Security

• H.323. Application-level gateway (ALG): Yes
• SIP ALG: Yes
• MGCP ALG: Yes
• SCCP ALG: Yes
• Network Address Translation (NAT) for VoIP protocols: Yes

IPsec VPN

• Concurrent VPN tunnels: 500
• Tunnel interfaces: 50
• DES encryption (56-bit), 3DES encryption (168-bit) and AES (256-bit): Yes
• MD-5 and SHA-1 authentication: Yes
• Manual key, Internet Key Exchange (IKE), IKEv2 with EAP public key infrastructure (PKI) (X.509): Yes
• Perfect forward secrecy (DH Groups): 1,2,5
• Prevent replay attack: Yes
• Remote access VPN: Yes
• Layer 2 Tunneling Protocol (L2TP) within IPsec: Yes
• IPsec Network Address Translation (NAT) traversal: Yes
• Auto-Connect VPN: Yes
• Redundant VPN gateways: Yes

User Authentication and Access Control

• Built-in (internal) database user limit: 250
• Third-party user authentication: RADIUS, RSA SecureID,LDAP
• RADIUS Accounting: Yes - start/stop
• XAUTH VPN authentication: Yes
• Web-based authentication: Yes
• 802.1X authentication: Yes
• Unified Access Control (UAC) enforcement point: Yes

PKI Support

• PKI certificate requests (PKCS 7 and PKCS 10): Yes
• Automated certificate enrollment (SCEP): Yes
• Online Certificate Status Protocol (OCSP): Yes
• Certificate Authorities supported: Verisign, Entrust, Microsoft, RSA Keon, iPlanet (Netscape) Baltimore, DOD PKI
• Self signed certificates: Yes

Virtualization

• Maximum number of security zones: 30
• Maximum number of virtual routers: 6
• Bridge groups*: Yes
• Maximum number of VLANs: 100

Routing

• BGP instances: 6
• BGP peers: 24
• BGP routes: 2,048
• OSPF instances: 3
• OSPF routes: 2,048
• RIPv1/v2 instances: 64
• RIP v2 routes: 2,048
• Static routes: 2,048
• Source-based routing: Yes
• Policy-based routing: Yes
• Equal-cost multipath (ECMP): Yes
• Multicast: Yes
• Reverse Forwarding Path (RFP): Yes
• Internet Group Management Protocol (IGMP) (v1, v2): Yes
• IGMP Proxy: Yes
• Protocol Independent Multicast (PIM) single mode: Yes
• PIM source-specific multicast: Yes
• Multicast inside IPsec tunnel: Yes

Encapsulations

• Point-to-Point Protocol (PPP): Yes
• Multilink Point-to-Point Protocol (MLPPP): Yes
• MLPPP max physical interfaces: 4
• Frame relay: Yes
• Multilink Frame Relay (MLFR) (FRF 15, FRF 16): Yes
• MLFR max physical interfaces: 4
• HDLC: Yes

IPv6

• Dual stack IPv4/IPv6 firewall and VPN: Yes
• IPv4 to/from IPv6 translations and encapsulations: Yes
• Syn-Cookie and Syn-Proxy DoS Attack Detection: Yes
• SIP, RTSP, Sun-RPC, and MS-RPC ALG's: Yes
• RIPng: Yes
• BGP: Yes
• Transparent mode: Yes
• NSRP: Yes
• DHCPv6 Relay: Yes

Mode of Operation

• Layer 2 (transparent) mode: Yes
• Layer 3 (route and/or NAT) mode: Yes
• Address Translation Network Address Translation (NAT): Yes
• Port Address Translation (PAT): Yes
• Policy-based NAT/PAT (L2 and L3 mode): Yes
• Mapped IP (MIP) (L3 mode): 1,500
• Virtual IP (VIP) (L3 mode): 16
• MIP/VIP Grouping (L3 mode): Yes

IP Address Assignment

• Static: Yes
• Dynamic Host Configuration Protocol (DHCP),Point-to-Point Protocol over Ethernet (PPPoE) client: Yes
• Internal DHCP server: Yes
• DHCP relay: Yes
• Traffic Management Quality of Service (QoS) Guaranteed bandwidth: Yes - per policy
• Maximum bandwidth: Yes - per policy
• Ingress traffic policing: Yes
• Priority-bandwidth utilization: Yes
• Differentiated Services marking: Yes - per policy

High Availability (HA)

• Active/active - L3 mode: Yes
• Active/passive - Transparent & L3 mode: Yes
• Configuration synchronization: Yes
• Session synchronization for firewall and VPN: Yes
• Session failover for routing change: Yes
• VRRP: Yes
• Device failure detection: Yes
• Link failure detection: Yes
• Authentication for new HA members: Yes
• Encryption of HA traffic: Yes

For more config and details , please contact customer service. Customer service 24 hours online.