Datasheet
4
NetScreen-5200 NetScreen-5400
VoIP Security
H.323 ALG Yes Yes
SIP ALG Yes Yes
MGCP ALG Yes Yes
SCCP ALG Yes Yes
NAT for VoIP protocols Yes Yes
IPsec VPN
Concurrent VPN tunnels
3
Up to 25,000 Up to 25,000
Tunnel interfaces
3
Up to 8,191 Up to 8,191
DES (56-bit), 3DES (168-bit) and AES encryption Yes Yes
MD-5 and SHA-1 authentication Yes Yes
Manual key, IKE, PKI (X.509), IKEv2 with EAP Yes Yes
Perfect forward secrecy (DH Groups) 1,2,5 1,2,5
Prevent replay attack Yes Yes
Remote access VPN Yes Yes
L2TP within IPsec Yes Yes
IPsec NAT traversal Yes Yes
Redundant VPN gateways Yes Yes
User Authentication and Access Control
Built-in (internal) database - user limit
3
Up to 50,000 Up to 50,000
Third-party user authentication RADIUS, RSA SecurID, and LDAP RADIUS, RSA SecurID, and LDAP
RADIUS Accounting Yes – start/stop Yes – start/stop
XAUTH VPN authentication Yes Yes
Web-based authentication Yes Yes
802.1X authentication Yes Yes
Unified access control enforcement point Yes Yes
PKI Support
PKI Certificate requests (PKCS 7 and PKCS 10) Yes Yes
Automated certificate enrollment (SCEP) Yes Yes
Online Certificate Status Protocol (OCSP) Yes Yes
Certificate Authorities supported VeriSign, Entrust, Microso, RSA Keon, iPlanet
(Netscape) Baltimore, DoD PKI
VeriSign, Entrust, Microso, RSA Keon, iPlanet
(Netscape) Baltimore, DoD PKI
Self-signed certificates Yes Yes
Virtualization
6
Maximum number of virtual systems 0 default, upgradeable to 500 0 default, upgradeable to 500
Maximum number of security zones 23 default, upgradeable to 1,023 23 default, upgradeable to 1,023
Maximum number of virtual routers 3 default, upgradeable to 503 3 default, upgradeable to 503
Maximum number of VLANs 4,093 4,093
Inter-VSYS Communication (shared-DMZ) Yes Yes
Routing
BGP instances 128 128
BGP peers 256 256
BGP routes 30,000 30,000
OSPF instances Up to 8 Up to 8
OSPF routes 30,000 30,000
Specifications (continued)