Srx product presentation
Download
1 / 34

SRX Product Presentation - PowerPoint PPT Presentation


  • 226 Views
  • Uploaded on

SRX Product Presentation. Mike Flaum Product Marketing Manager April 23, 2009.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' SRX Product Presentation ' - cedric-valenzuela


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Srx product presentation

SRX Product Presentation

Mike Flaum

Product Marketing Manager

April 23, 2009


Legal statement

This statement of product direction sets forth Juniper Networks’ current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted on this statement.

This presentation is under NDA until May 4, 2009 for all customers, Partners, Resellers, Distributors or any person or entity outside of Juniper Networks.

Legal statement


Table of contents
Table of contents Networks’ current intention and is subject to change at

Distributed Enterprise

SRX Series Services Gateways - Product


Today s news
Today’s news Networks’ current intention and is subject to change at

New Distributed Enterprise Solutions

  • Best reach for a carrier-grade network OS

    • New SRX Services Gateway Series starting at $699

    • New entry-level EX Series Gigabit access switches

  • First Secure Router with integrated content security

    • Unified Threat Management and Intrusion Prevention Services now integrated into JUNOS software

  • Only “Support Engineer in a Box” service

    • Advanced Insight Solutions now available for branch products


Multi year trends in the enterprise
Multi-year trends in the enterprise Networks’ current intention and is subject to change at

Workforce Globalization

The Distributed Enterprise

Data/App Consolidation

Clients(billions)

Global High-Performance Network

Mega Data Centers(thousands)

Mobile

Home

Branch

Campus


Distributed enterprise realities
Distributed enterprise realities Networks’ current intention and is subject to change at

Global workforce centers

Thousands of employees

Headquarters in Sunnyvale

Why Does the Distributed Enterprise Need a High-Performance Network?

  • Secure and reliable transactions

  • Responsive and private applications

  • High-quality collaboration and communications

Hundreds of employees

Design center in Bangalore

Acquisition in Boston

  • Cost

  • Complexity

  • Risk

Regional Sales Office

Tens of employees

Service office

Sales office

A handful of employees


Using high performance networking to reduce complexity
Using high-performance networking Networks’ current intention and is subject to change at to reduce complexity

High-performance network

Scalable

OS #1

OS #2

OS #3

OS #4

Fast

Firewall/VPN

Switch

Router

Voice gateway

UTM

IPS

Access Control

Dynamic Services Architecture

Firewall/VPN

Switch

Router

Voice gateway

UTM

IPS

Access Control

Reliable

Secure

Simple

Juniper High-Performance Network

Legacy Network

Learn and configure one OS

Use fewer boxes

Simplifysoftwaremanagement

9.2

9.3

9.4


Solution portfolio
Solution portfolio Networks’ current intention and is subject to change at

SRX5000 Series

EX8216

SRX3000 Series

MX Series

SERVICES GATEWAYS

SRX650

EX8208

ROUTERS

SWITCHES

SRX240

EX4200

M Series

SRX210

EX3200

J Series

SRX100

EX2200

Unified Management (NSM)


Srx series service gateways

SRX SERIES SERVICE GATEWAYS Networks’ current intention and is subject to change at


Branch srx launch
Branch SRX Launch Networks’ current intention and is subject to change at


Three key market drivers

UTM Networks’ current intention and is subject to change at

IPS

Antispam

Web filtering

Antivirus

UAC

Content Filtering

Routing

Firewall

IPSec VPN

VoIP

Fax

WLAN AP

Power Over Ethernet

Security Camera

Analog

MPLS

Metro

Internet

PSTN

3G

Three key market drivers

LICENSED

FREE

CONSOLIDATION

Voice and Data

  • Network migration to multi-service platform—“Secure Router” instead of multiple appliances

  • Secure Router =

    • Router + Firewall + VPN + Switching

    • Unified Threat Management

Ethernet

Switching

NETWORK SECURITY

CONVERGENCE

  • VoIP Gateway and VoIP handsets

  • Power over Ethernet

  • Wireless Access Points

CONNECTIVITY

  • Internet

  • Metro Ethernet

  • MPLS

  • Wireless WAN 3G

  • PSTN


New srx services gateways leveraging juniper s dynamic services architecture

Advanced Networks’ current intention and is subject to change at

FW / VPN /ROUTING

license included

Full UTM

16 X Gigabit Ethernet

20X IPS performance

Up to 80% lower price

New SRX Services GatewaysLeveraging Juniper’s Dynamic Services Architecture

  • Highly configurable

    • Fixed, semi-modular, and modular form factors

    • Choice of WAN, wireless, and LAN interfaces

    • Available voice media gateway 

  • Extensive integration

    • Full suite of JUNOS routing and switching capabilities

    • Unmatched security, including FW, VPN, UTM, UAC, and full IPS

  • Exceptional performance and availability

    • Hardware-assisted Content Security Acceleration for ExpressAV and IPS

    • Control & data plane separation, redundant processing and power

  • Priced at $699, $1099, $2999, and $16000 (list)

 Roadmap


The srx branch portfolio 2009

NSM Networks’ current intention and is subject to change at

The SRX Branch portfolio 2009

SRX 650

+ More LAN slots, dual processors, dual P/S

SRX 240

+ 4 WAN slots, 16 x Gig E

Centrally managedby NSM

SRX 210

+ WAN slot, 2 x Gig E, PoE

SRX 100

Large Branch/Regional Office

Telecommuter/Small Office

Small to Medium Office


Typical deployment
Typical Deployment Networks’ current intention and is subject to change at


Srx series specification summary
SRX Series Specification Summary Networks’ current intention and is subject to change at

* Supported in JUNOS 9.6


Srx100

Q3 2009 Networks’ current intention and is subject to change at

SRX100

  • Ideal for micro-branch, managed telecommuters, SOHO

  • Fixed I/O—8 x 10/100 Ethernet ports

  • Full UTM features

    • IDP

    • Antivirus

    • Anti-spam

    • Web filtering

    • UAC Enforcement

    • UTM requires High Memory model (UTM, license), no CSA


Srx210

Q2 2009 Networks’ current intention and is subject to change at

SRX210

  • Ideal for Small branches

  • Full UTM features

    • IDP, Antivirus, Anti-spam, Web filtering, Content filtering

    • UAC Enforcement

    • UTM requires High Memory model

  • Available Voice version with mini-PIM options—Q3 2009

    • Factory-configured voice model (Q3 2009)


Srx240

Q2 2009 Networks’ current intention and is subject to change at

SRX240

  • Ideal for small–medium branches

  • Full UTM features

    • IDP, Antivirus, Anti-spam, Web filtering, Content filtering

    • UAC Enforcement

    • UTM requires High Memory model

  • Available Voice version with mini-PIM options—Q4 2009

    • Factory-configured voice model (Q4 2009)

* Supported in JUNOS 9.6


Srx650

Q2 2009 Networks’ current intention and is subject to change at

SRX650

  • Ideal for regional sites, large branches

  • Modular-

    • LAN switching

    • Services Routing Processors with optional redundancy (future)

    • power supplies with optional redundancy (at FRS)

    • voice configurations (field upgradable via PIMs in 2010)

  • Full UTM features

    • IDP, Antivirus, Anti-spam, Web filtering, Content filtering

    • UAC Enforcement

  • Max Gig E 52 ports (2 x 24 GE PIM + 4 integrated ports)

* Supported in JUNOS 9.6

*Supported in JUNOS 9.6


Srx210 with integrated convergence services

Q3 2009 Networks’ current intention and is subject to change at

SRX210 with Integrated Convergence Services

FXS ports – connect your analog phone or FAX machine here

E1/T1 or FXOs for carrier trunk or FXS for additional analog phones/ fax machines

FXO ports – connect to your wall phone socket

SRX Voice Elements

  • Survivable SIP server

  • SIP Media Gateway

  • SIP Security

  • Base and expandable voice ports

  • PoE Ports

  • PoE Ports scaling with EX switch


Juniper integrated convergence services stage 1 survivable media gateway

5 Networks’ current intention and is subject to change at

SIP VoIP

handset

5

X

2H 2009

X

Juniper Integrated Convergence ServicesStage 1: Survivable Media Gateway

SERVICE PROVIDERVOIP

Failover to PSTN

SIP Trunking to Corporate to PSTN (typical)

Local PSTN

Local PSTN

3

SIP

Soft Switch

SIP Trunking

“VoIP to PSTN” S.P. VoIP

Channelized

T-1 / E1/ FXO

4

CORPORATE OFFICE

INTERNET

SRX210 / SRX240

4

SIP VoIP

handset

4

SIP Server

3

3

3

WAN

MPLS

2

2

2

SIP VoIP handset to digital or analog phone

1

SIP Trunking

“Toll bypass”, “extension”

1

PBX,

Key System

Analog

FAX

Soft Phones

Digital

  • SIP Server and SIP Soft switch

Enterprise choice and flexibility

  • SIP standards

  • Choice of sip phones, call servers and applications


3g wireless wan
3G Wireless WAN Networks’ current intention and is subject to change at

Deployments-

Primary connection where wired broadband is not available

Back up connectivity with wired primary.

Out of band management, remote deployment.

Available on SRX210

2H 2009

Datacenter

HQ

INTERNET

3G Wireless

Dynamic VPN Services

SRX210

Branch

Retail

Regional


Branch wireless ap solution

Q4 2009 Networks’ current intention and is subject to change at

Branch Wireless AP Solution

  • Juniper 802.11n indoor Solution

    • Backwards compatible to .11a/b/g

    • Dual mode radio support 300Mbps (Aggregate)

    • Single radio 200Mbps (160Mbps typical)

    • Spatial Streams: 2x2:2, 2x3:2, 3x3:2

    • UL2043 Plenum rated for over ceiling mounting.

    • 50 Meter range (indoor)

    • Unit can be mounted on ceiling or wall

    • Virtual AP technology – Support of up to 16 simultaneous SSIDs

    • 802.11e WMM capable

  • 1 Gigabit Ethernet POE support

  • Optional External Power Supply

  • Serial Consol Support

  • L2 Managed by SRX Branch Products

  • Additional licensing cost for Branch SRX to manage multiple access points – Clusters of 4,8,16 APs.


Ethernet switching
Ethernet Switching Networks’ current intention and is subject to change at

SRX100

SRX210

SRX240

SRX650

Hardware (Onboard Ethernet)

  • SRX100

    • 8 Fixed 10/100 (Switched or Routed)

  • SRX210

    • Fixed 2 10/100/1000 + 6 10/100 (Switched or Routed)

    • 802.3af optional POE (2FE + 2GE)

  • SRX240

    • Fixed 16 Ports 10/100/1000 (Switched or Routed)

    • Power over Ethernet (optional all ports)

    • 802.3af, 802.3at

  • SRX650

    • Fixed 4 ports 10/100/1000 (Routed)

Software Features

  • 802.1Q VLAN support

    • Up to 4,096 VLAN support (platform dependent)

    • Routed VLAN Interface (RVI)

    • GARP VLAN Registration Protocol (GVRP)

    • QOS on VLAN interface

      • L3 Strict priority queuing (LLQ)

      • L3 Smoothed Deficit Weighted Round Robin (SDWRR)

      • L3 Weighted Random Early Discard (WRED)

      • L3 Per port and per queue shaping

  • 802.1x Port based Authentication

  • 802.3ad (AX) link aggregation*

  • STP, Spanning Tree Protocol

    • 802.1D Spanning Tree Protocol

    • 802.1S Multiple STP

    • 802.1w Rapid STP

  • Jumbo Frame Support (9,216 Byte)*

Hardware Ethernet PIMs

  • SRX Mini-PIM (SRX210/SRX240)

    • 1 Port SFP

  • 16 port GigE XPIM for SRX650

    • Double-high

    • Full-duplex 20 Gbps backplane

    • 16 port GE and optional PoE

  • 24 port GigE including 4 SFP slots XPIM for SRX650

    • Double-high - double-wide

    • Optional POE - 24 port GE with PoE incl 4 SFP slots

    • Full-duplex 20 Gbps backplane

  • Optics

    • SRX GE SFP LH | SRX GE SFP LX | SRX GE SFP SX |SRX GE SFP 1000 Base-T | SRX FE FX SFP

* Not supported on SRX100


Srx series firewall zones and policies
SRX Series—Firewall, Zones, and Policies Networks’ current intention and is subject to change at

ZONE “UNTRUST”

Originating Zone

INTERNET

Default Policy—Deny All

Default Policy—Allow All

SRX

Originating Zone

ZONE “TRUST”

ZONE “TRUST”


Unified threat management utm features
Unified Threat Management (UTM) Features Networks’ current intention and is subject to change at

External Threats

Internal Threats

INTERNET

IPS

Juniper IDP detects/stops Worms, Trojans, DoS (L4 & L7), Scans

Juniper IDP detects/stops Worms, Trojans, DoS (L4 & L7), Scans

Websense to block to unapproved site access

Web Filtering

Antivirus

Kaspersky Lab AV stops viruses, file-based trojans or spread of spyware, adware, keyloggers

Kaspersky Lab AV stops Viruses, file-based Trojans, Spyware, Adware, Keyloggers

Anti-spam

Symantec stops Spam / Phishing

SRX Series blocks transmission of files for Data Loss Prevention

Content Filtering

Core Security

Firewall, VPN, Unified Access Control

Firewall, VPN, Unified Access Control


Juniper networks unified access control uac

ISG Networks’ current intention and is subject to change at

SSG

NS

SRX

Juniper Networks Unified Access Control (UAC)

POLICY SERVER

Comprehensive, vendor-agnostic, standards-based access control across heterogeneous environments delivering investment protection

1

IC Series

Identity Stores

Authenticate User,

Profile Endpoint, Determine Location

1

2

Dynamically Provision Policy Enforcement

2

APPLICATIONS

3

Control Access to Protected Resources

Data

App

Internet

UAC Agent

EX Series

L2 Switch

Juniper Firewall Platforms

802.1X Switches & Access Points

UAC Enforcement Points


Remote access
Remote Access Networks’ current intention and is subject to change at

Dynamic VPN Service – Access Manager Client

A dynamic IPSEC Client that is automatically downloaded

5-user, 10-user, 25-user, 50-user (SRX240) license option with simultaneous tunnel enforcement

Supported on the SRX100, SRX210, and SRX240

Not supported on SRX650

Automatic client upgrade capabilities

Self-provisioning from SRX210, SRX240

IPSec with TCP-based fallback for NAT traversal

Initial release to support Windows platforms—XP, Vista, Win 2000

Q2 2009

Wireless

Wired

3G Wireless

INTERNET

Dynamic VPN Services

SRX210


Juniper unified management

ONE Networks’ current intention and is subject to change at

Web UI

J-Web

ONE

JUNOS

CLI, JUNOScript

Juniper Unified Management

  • Unified management across Juniper’s network infrastructure

  • Network lifecycle management—Provision, Monitor, and Troubleshoot

  • Consistent and Open standards NBI for easy integration with 3rd party NMS

SNMP, Syslog, XML

SNMP, Syslog

EMS

NMS

Visibility

Diagnostics

JUNOScope

Network & Security Manager (NSM)

Security Threat Response Manager

Advanced Insight Manager

NETWORK MANAGEMENT

NetConf, DMI, Syslog, Sflow

HTTP / HTTPS XML

Telnet, SSH, XML

ISG/IDP

SSL VPN

M Series

MX Series

Infranet Controller

SRX5600

Routing

Security

Switching


Network security manager
Network Security Manager Networks’ current intention and is subject to change at

  • Along with SRX, NSM Manages Juniper’s entire enterprise portfolio*

  • NSM is a great way to port ScreenOS customers over to a JUNOS solution and to help manage a mixed environment

  • Common Management also offers huge up-sell opportunity


Security threat response manager
Security Threat Response Manager Networks’ current intention and is subject to change at

  • STRM supports SRX Series

    • Intrusion Prevention System (IPS)

    • 220+ out-of-the box report templates

    • Fully customizable reporting engine: creating, branding and scheduling delivery of reports

    • Compliance reporting packages for PCI, SOX, FISMA, GLBA, and HIPAA

    • Reports based on control frameworks: NIST, ISO and CoBIT


Rapid deployment

Q4 2009 Networks’ current intention and is subject to change at

Rapid Deployment

  • Simplified deployment-

    • Eliminate need for-

      • Pre-staging device

      • IT at point of installation

  • Reduce -

    • Provisioning time

    • Installation cost

    • No “truck roll”

  • USB Loads startup config

  • Validation of start up config

  • Secure communication to NSM

SRX 210

6. SRX In Service

5. Download Running Config

1. Generate and export startup config to USB

  • A Unique ID for tracking purposes

  • Untrust Interface configuration

  • Configuration parameters to enable “registration” of device to management server

  • User/Password

  • Management Server IP Address/Domain Name

  • One time password

Network Security Manager


Juniper branch products ssg srx and j series products

SRX Networks’ current intention and is subject to change at

  • Unified Threat Management

    • Full IDP—Juniper

    • Antivirus—Kaspersky

    • Web filtering—Websense

    • Anti-spam—Symantec

  • VoIP

    • Juniper OpenCommunications

    • Power over Ethernet

  • FW, VPN, NAT, UAC

SSG140

J Series

  • FW, VPN, NAT, UAC

  • Routing, Switching, QOS, MPLS

  • WX—ISM 200 Application Acceleration

  • VoIP—Avaya Integ. Gway

  • Unified Threat Management

    • Full IDP—Juniper

    • Antivirus—Kaspersky

    • Web filtering—Websense

    • Anti-spam—Symantec

SSG Family

  • FW, VPN, NAT, UAC

  • IPv6 Security

  • Wireless (WLAN)

  • Unified Threat Management

    • Intrusion Prevention: DI

    • Antivirus—Kaspersky

    • Web filtering—Websense

    • Anti-spam—Symantec

SRX 100

SRX 210

SRX 240

SRX 650

ScreenOS

Juniper Branch ProductsSSG, SRX, and J Series Products

SSG20 Wireless

J2320

SSG5 Wireless

J2350

SSG320M

SSG520

SSG520M

J4350

SSG350M

SSG550

SSG550M

J6350


THANK Networks’ current intention and is subject to change at YOU


ad