Spec Sheet

ManualsBrandsJuniper ManualsEthernet SwitchEX3400 Network Switch

Data SheetEX3400 Ethernet Switch

• ACL counter for permitted packets

• Ability to add/remove/change ACL entries in middle of list

(ACL editing)

• L2-L4 ACL

• Trusted Network Connect (TNC) certified

• Static MAC authentication

• MAC-RADIUS

• Control plane denial-of-service (DoS) protection

• Firewall filter on me0 interface (control plane protection)

• Captive portal—Layer 2 interfaces

• Fallback authentication

• Media Access Control Security (MACsec)

Access Security

• MAC limiting

• Allowed MAC addresses, configurable per port

• Dynamic ARP inspection (DAI)

• Proxy ARP

• Static ARP support

• DHCP snooping

• 802.1X port-based

• 802.1X multiple supplicants

• 802.1X with VLAN assignment

• 802.1X with authentication bypass access (based on host

MAC address)

• 802.1X with VoIP VLAN support

• 802.1X dynamic access control list (ACL) based on RADIUS

attributes

• 802.1X supported EAP types: MD5, Transport Layer Security

(TLS), Tunneled Transport Layer Security (TTLS), Protected

Extensible Authentication Protocol (PEAP)

• IPv6 RA Guard

• IPv6 Neighbor Discovery Inspection

• Media Access Control security (MACsec)

High Availability

• Link aggregation:

• 802.3ad (LACP) support

• Number of link aggregation groups (LAGs) supported: 128

• Maximum number of ports per LAG: 16

• Tagged ports support in LAG

• Graceful Route Engine switchover (GRES) for IGMP v1/v2/

v3 snooping

• Nonstop routing (OSPF v1/v2/v3, RIP/RIPng, PIM)

• Nonstop software upgrade (NSSU)

Quality of Service (QoS)

• Layer 2 QoS

• Layer 3 QoS

• Ingress policing: two-rate three-color

• Hardware queues per port: 12 (8 unicast, 4 multicast)

• Scheduling methods (egress): Strict Priority (SP), SDWRR

• 802.1p, DiffServ code point (DSCP/IP) precedence trust and

marking

• L2-L4 classification criteria, including Interface, MAC

address, EtherType, 802.1p, VLAN, IP address, DSCP/IP

precedence, and TCP/UDP port numbers

• Congestion avoidance capabilities: Tail drop

Multicast

• IGMP snooping entries: 1000

• IGMP snooping

• IGMP v1/v2/v3

• PIM SM, PIM SSM, PIM DM

• VRF-Lite support for PIM and IBMP

• MLD v1/v2 snooping

• IGMP filter

• Multicast Source Discovery Protocol (MSDP)

• PIM for IPv6 multicast

Services and Manageability

• Junos OS CLI

• Web interface: Junos Web support

• Out-of-band management: Serial, 10/100BASE-T Ethernet

• ASCII configuration

• Rescue configuration

• Configuration rollback

• Image rollback

• Element management tools: Junos Space Network

Management Platform

• Real-time performance monitoring (RPM)

• SNMP: v1, v2c, v3

• Remote monitoring (RMON) (RFC 2819) Groups 1, 2, 3, 9

• Network Time Protocol (NTP)

• DHCP server

• DHCP client and DHCP proxy

• DHCP relay and helper

• VR-aware DHCP

• RADIUS authentication

• TACACS+ authentication

• SSHv2

• Secure copy

• HTTP/HTTPs

• DNS resolver

• System logging

• Temperature sensor

• Configuration backup via FTP/secure copy

• sFlow

• Interface range

• Port profile associations

• Uplink failure detection

• Zero Touch Provisioning using DHCP