| Specifications | |
| Software Specifications |
| Routing Protocols | • IPv4, IPv6, ISO, Connectionless Network Service (CLNS)
• Static routes
• RIP v1/v2
• OSPF/OSPF v3
• BGP with Route Reflector
• IS-IS
• Multicast: Internet Group Management Protocol (IGMP) v1/v2,
Protocol Independent Multicast (PIM) sparse mode (SM)/dense
mode (DM)/source-specific multicast (SSM), Session
Description Protocol (SDP), Distance Vector Multicast Routing
Protocol (DVMRP), Multicast Source Discovery Protocol
(MSDP), Reverse Path Forwarding (RPF)
• Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame
Relay, High-Level Data Link Control (HDLC), serial, Multilink
Point-to-Point Protocol (MLPPP), Multilink Frame Relay
(MLFR), and Point-to-Point Protocol over Ethernet (PPPoE)
• Virtual routers
• Policy-based routing, source-based routing
• Equal-cost multipath (ECMP) |
| QoS Features | • Support for 802.1p, DiffServ code point (DSCP), EXP
• Classification based on VLAN, data-link connection identifier
(DLCI), interface, bundles, or multifield filters
• Marking, policing, and shaping
• Classification and scheduling
• Weighted random early detection (WRED)
• Guaranteed and maximum bandwidth
• Ingress traffic policing
• Virtual channels
• Hierarchical shaping and policing |
| Switching Features | • ASIC-based Layer 2 Forwarding
• MAC address learning
• VLAN addressing and integrated routing and bridging (IRB)
support
• Link aggregation and LACP
• LLDP and LLDP-MED
• STP, RSTP, MSTP
• MVRP
• 802.1X authentication |
| Firewall Services | • Stateful and stateless firewall
• Zone-based firewall
• Screens and distributed denial of service (DDoS) protection
• Protection from protocol and traffic anomaly
• Integration with Pulse Unified Access Control (UAC)
• Integration with Aruba Clear Pass Policy Manager
• User role-based firewall
• SSL Inspection (Forward-proxy) |
| Network Address Translation (NAT) | • Source NAT with Port Address Translation (PAT)
• Bidirectional 1:1 static NAT
• Destination NAT with PAT
• Persistent NAT
• IPv6 address translation |
| VPN Features | • Tunnels: Site-to-Site, Hub and Spoke, Dynamic Endpoint,
AutoVPN, ADVPN, Group VPN (IPv4/ IPv6/ Dual Stack)
• Juniper Secure Connect: Remote access / SSL VPN
• Configuration payload: Yes
• IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AECCBC, AES-GCM, SuiteB
• IKE authentication algorithms: MD5, SHA-1, SHA-128,
SHA-256, SHA-384
• Authentication: Pre-shared key and public key infrastructure
(PKI) (X.509)
• IPsec (Internet Protocol Security): Authentication Header
(AH) / Encapsulating Security Payload (ESP) protocol
• IPsec Authentication Algorithms: hmac-md5, hmac-sha-196,
hmac-sha-256
• IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC,
AEC-CBC, AES-GCM, SuiteB
• Perfect forward secrecy, anti-reply
• Internet Key Exchange: IKEv1, IKEv2
• Monitoring: Standard-based dead peer detection (DPD)
support, VPN monitoring
• VPNs GRE, IP-in-IP, and MPLS
• Application and bandwidth usage reporting
• Auto installation
• Debug and troubleshooting tools
• Zero-Touch Provisioning with Contrail Service Orchestration |
| Network Services | • Dynamic Host Configuration Protocol (DHCP) client/server/
relay
• Domain Name System (DNS) proxy, dynamic DNS (DDNS)
• Juniper real-time performance monitoring (RPM) and IPmonitoring
• Juniper flow monitoring (J-Flow)1
• Bidirectional Forwarding Detection (BFD)
• Two-Way Active Measurement Protocol (TWAMP)
• IEEE 802.3ah Link Fault Management (LFM)
• IEEE 802.1ag Connectivity Fault Management (CFM) |
| High Availability Features | • Virtual Router Redundancy Protocol (VRRP)
• Stateful high availability
• Dual box clustering
• Active/passive
• Active/active
• Configuration synchronization
• Firewall session synchronization
• Device/link detection
• In-Band Cluster Upgrade (ICU)
• Dial on-demand backup interfaces
• IP monitoring with route and interface failover |
| Management, Automation, Logging, and Reporting | • SSH, Telnet, SNMP
• Smart image download
• Juniper CLI and Web UI
• Mist AI
– Simplified management
– WAN Assurance
• Security Director
• Security Director Cloud
• Juniper Secure Edge
• Python
• Junos OS event, commit, and OP script |
| Advanced Routing Services | • Packet mode
• MPLS (RSVP, LDP)
• Circuit cross-connect (CCC), translational cross-connect (TCC)
• L2/L3 MPLS VPN, pseudowires
• Virtual private LAN service (VPLS), next-generation multicast
VPN (NG-MVPN)
• MPLS traffic engineering and MPLS fast reroute |
| Application Security Services (Offered as advanced security services subscription licenses. ) | • Application visibility and control
• Application-based advanced policy-based routing
• Application-based advanced policy-based routing (APBR)
• Application-based link monitoring and switchover with
Application quality of experience (AppQoE) |
| Threat Defense and Intelligence Services | • Intrusion prevention
• Antivirus
• Antispam
• Category/reputation-based URL filtering
• Protection from botnets (command and control)
• Adaptive enforcement based on GeoIP
• Juniper Advanced Threat Prevention to detect and block zeroday attacks
• Adaptive Threat Profiling
• Encrypted Traffic Insights
• SecIntel to provide threat intelligence |
| Hardware Specifications |
| Connectivity | |
| Total onboard ports | 8x1GbE |
| Onboard RJ-45 ports | 6x1GbE |
| Onboard small form-factor pluggable (SFP) transceiver ports | 2x1GbE |
| MACsec-capable ports | 2x1GbE |
| Out-of-band (OOB) management ports | 0 |
| Mini PIM (WAN) slots | 0 |
| Console (RJ-45 + miniUSB) | 1 |
| USB 3.0 ports (type A) | 1 |
| PoE+ ports | N/A |
| Memory and Storage |
| System memory (RAM) | 4 GB |
| Storage | 8 GB |
| SSD slots | 0 |
| Dimensions and Power |
| Form factor | Desktop |
| Size (WxHxD) | 12.63 x 1.37 x 7.52 in.
(32.08 x 3.47 x 19.10 cm) |
| Weight (device and PSU) | 4.38 lb (1.98 kg) |
| Redundant PSU | No |
| Power supply | AC (external) |
| Rated DC voltage range | N/A |
| Rated DC operating voltage range | N/A |
| Maximum PoE power | N/A |
| Average power consumption | 24.9 W |
| Average heat dissipation | 85 BTU/h |
| Maximum current consumption | 0.346 A |
| Acoustic noise level | 0dB (fanless) |
| Airflow/cooling | Fanless |
| Environmental, Compliance, and Safety Certification |
| Operational temperature | (-4° to 140° F)
(-20° to 60° C) |
| Nonoperational temperature | (-4° to 158° F (-20° to 70° C) |
| Operating humidity | 10% to 90% noncondensing |
| Nonoperating humidity | 5% to 95% non-condensing |
| Meantime between failures (MTBF) | 44.5 years |
| FCC classification | Class A |
| RoHS compliance | RoHS 2 |
| FIPS 140-2 | Level 2 (Junos 19.2R1) |
| Common Criteria certification | NDPP, VPNEP, FWEP, IPSEP (based on Junos 19.2R1) |
| Performance and Scale |
| Parameter | |
| Routing with packet mode (64 B packet size) in Mbps | 300 |
| Routing with packet mode (IMIX packet size) in Mbps | 800 |
| Routing with packet mode (1,518 B packet size in Mbps | 1,500 |
| Stateful firewall (64 B packet size) in Kpps | 200 |
| Stateful firewall (IMIX packet size) in Mbps | 600 |
| Stateful firewall (1,518 B packet size) in Mbps | 1,900 |
| IPsec VPN (IMIX packet size) in Mbps | 116 |
| IPsec VPN (1,400 B packet size) in Mbps | 336 |
| Application visibility and control in Mbps | 500 |
| Recommended IPS in Mbps | 200 |
| Next-generation firewall in Mbps | 226 |
| Secure Web Access firewall in Mbps | 171 |
| Route table size (RIB/FIB) (IPv4 or IPv6) | 256,000/256,000 |
| Maximum concurrent sessions (IPv4 or IPv6) | 64,000 |
| Maximum security policies | 1,000 |
| Connections per second | 5,000 |
| NAT rules | 1,000 |
| MAC table size | 15,000 |
| IPsec VPN tunnels | 256 |
| Number of remote access/SSL VPN (concurrent) users | 25 |
| GRE tunnels | 256 |
| Maximum number of security zones | 16 |
| Maximum number of virtual routers | 32 |
| Maximum number of VLANs | 1,000 |
| AppID sessions | 16,000 |
| IPS sessions | 16,000 |
| URLF sessions | 16,000 |
