Spec Sheet
2
Data SheetSRX1500 Services Gateway
For the perimeter, the SRX1500 Services Gateway oers a
comprehensive suite of application security services, threat
defenses, and intelligence services to protect networks from
the latest content-borne threats. Integrated threat intelligence
via Juniper Networks Spotlight Secure oers adaptive threat
protection against command and control (C&C)-related botnets
and policy enforcement based on GeoIP. Integrating the Juniper
Networks Sky Advanced Threat Protection solution, the SRX1500
detects and enforces automated protection against known
malware and zero-day threats with a very high degree of accuracy.
The SRX1500 enables agile SecOps through automation
capabilities that support Zero Touch Deployment, Python scripts
for orchestration, and event scripting for operational management.
The SRX1500 Services Gateway runs Juniper Networks Junos
®
operating system, a proven, carrier-hardened network OS that
powers the top 100 service provider networks around the world.
The rigorously tested carrier-class routing features of IPv4/IPv6,
OSPF, BGP, and multicast have been proven in over 15 years of
worldwide deployments.
Features and Benefits
Business Requirement Feature/Solution SRX1500 Advantages
High performance Up to 9 Gbps of firewall
performance
• Best suited for enterprise campus and data center edge deployments
• Addresses future needs for scale and feature capacity
High quality end-user
experience
Application visibility and
control
• Detects 3,500+ Layer 3-7 applications, including Web 2.0
• Controls and prioritizes trac based on application and use role
• Inspects and detects applications inside the SSL encrypted trac
Threat protection Intrusion prevention system
(IPS), antivirus, anti-spam,
Spotlight Secure, Sky
Advanced Threat Prevention
• Provides real-time updates to IPS signatures and protects against exploits
• Implements industry-leading antivirus and URL filtering
• Delivers open threat intelligence platform that integrates with third-party feeds
• Protects against zero-day attacks
Professional-grade
networking services
Routing, switching, and secure
wire
• Supports carrier-class advanced routing, quality of service (QoS), and services
• Oers flexible deployment modes (L1/L2/L3)
Highly secure IPsec VPN, secure boot • Provides high-performance IPsec VPN with dedicated crypto engine
• Simplifies large VPN deployments with auto VPN and group VPN
• Verifies binaries that execute on the hardware with secure boot
High reliability Chassis cluster,
redundant power supply
• Provides stateful configuration and session synchronization
• Supports active/active and active/backup deployment scenarios
• Oers highly available hardware with dual PSU, dual boot storage
Easy to manage and scale On-box GUI, Security Director • Enables centralized management for auto provisioning, firewall policy
management, Network Address Translation (NAT), and IPsec VPN
deployments
• Includes simple easy-to-use on-box GUI for local management
Lower TCO Junos OS • Integrates routing, switching, and security in a single device
• Reduces OpEx with Junos OS automation capabilities
SRX1500
SRX1500 Services Gateway Specifications
Soware Specifications
Firewall Services
• Stateful and stateless firewall
• Zone-based firewall
• Screens and distributed denial of service (DDoS) protection
• Protection from protocol and traffic anomalies
• Unified Access Control (UAC)
Network Address Translation (NAT)
• Source NAT with Port Address Translation (PAT)
• Bidirectional 1:1 static NAT
• Destination NAT with PAT
• Persistent NAT
• IPv6 address translation
VPN Features
• Tunnels: Generic routing encapsulation (GRE), IP-IP, IPsec
• Site-site IPsec VPN, auto VPN, group VPN
• IPsec crypto algorithms: Data Encryption Standard (DES),
triple DES (3DES), Advanced Encryption Standard (AES-
256)
• IPsec authentication algorithms: MD5, SHA-1, SHA-128,
SHA-256
• Pre-shared key and public key infrastructure (PKI) (X.509)
• Perfect forward secrecy, anti-reply
• IPv4 and IPv6 IPsec VPN
• Multi-proxy ID for site-site VPN