Spec Sheet

ManualsBrandsJuniper ManualsEthernet SwitchSRX300 Network Switch

Data SheetSRX300 Line of Services Gateways for the Branch

SRX300 Speciﬁcations

Soware Speciﬁcations

Routing Protocols

• IPv4, IPv6, ISO, Connectionless Network Service (CLNS)

• Static routes

• RIP v1/v2

• OSPF/OSPF v3

• BGP with Route Reflector

• IS-IS

• Multicast: Internet Group Management Protocol (IGMP)

v1/v2, Protocol Independent Multicast (PIM) sparse mode

(SM)/dense mode (DM)/source-specific multicast (SSM),

Session Description Protocol (SDP), Distance Vector

Multicast Routing Protocol (DVMRP), Multicast Source

Discovery Protocol (MSDP), Reverse Path Forwarding (RPF)

• Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame

Relay, High-Level Data Link Control (HDLC), serial, Multilink

Point-to-Point Protocol (MLPPP), Multilink Frame Relay

(MLFR), and Point-to-Point Protocol over Ethernet (PPPoE)

• Virtual routers

• Policy-based routing, source-based routing

• Equal-cost multipath (ECMP)

QoS Features

• Support for 802.1p, DiffServ code point (DSCP), EXP

• Classification based on VLAN, data-link connection

identifier (DLCI), interface, bundles, or multifield filters

• Marking, policing, and shaping

• Classification and scheduling

• Weighted random early detection (WRED)

• Guaranteed and maximum bandwidth

• Ingress traffic policing

• Virtual channels

Switching Features

• ASIC-based Layer 2 Forwarding

• MAC address learning

• VLAN addressing and integrated routing and bridging (IRB)

support

Firewall Services

• Stateful and stateless firewall

• Zone-based firewall

• Screens and distributed denial of service (DDoS) protection

• Protection from protocol and traffic anomaly

• Unified Access Control (UAC)

• Network Address Translation (NAT)

• Source NAT with Port Address Translation (PAT)

• Bidirectional 1:1 static NAT

• Destination NAT with PAT

• Persistent NAT

• IPv6 address translation

• User role-based firewall

VPN Features

• Tunnels: Generic routing encapsulation (GRE), IP-IP, IPsec

• Site-site IPsec VPN, auto VPN, group VPN

• IPsec crypto algorithms: Data Encryption Standard (DES),

triple DES (3DES), Advanced Encryption Standard (AES-256)

• IPsec authentication algorithms: MD5, SHA-1, SHA-128,

SHA-256

• Pre-shared key and public key infrastructure (PKI) (X.509)

• Perfect forward secrecy, anti-reply

• IPv4 and IPv6 IPsec VPN

• Multi-proxy ID for site-site VPN

• Internet Key Exchange (IKEv1, IKEv2), NAT-T

• Virtual router and quality-of-service (QoS) aware

• Standard-based dead peer detection (DPD) support

Network Services

• Dynamic Host Configuration Protocol (DHCP) client/server/

relay

• Domain Name System (DNS) proxy, dynamic DNS (DDNS)

• Juniper real-time performance monitoring (RPM) and IP-

monitoring

• Juniper flow monitoring (J-Flow)

High Availability Features

• Virtual Router Redundancy Protocol (VRRP)

• Stateful high availability

- Dual box clustering

- Active/passive

- Active/active

- Configuration synchronization

- Firewall session synchronization

- Device/link detection

• Dial on-demand backup interfaces

• IP monitoring with route and interface failover

Management, Automation, Logging, and Reporting

• SSH, Telnet, SNMP

• Smart image download

• Juniper CLI and Web UI

• Junos Space and Security Director

• Python

• Junos OS event, commit, and OP script

• Application and bandwidth usage reporting

• Auto installation

• Debug and troubleshooting tools

Advanced Routing Services

• MPLS (RSVP, LDP)

• Circuit cross-connect (CCC), translational cross-connect

(TCC)

• L2/L3 MPLS VPN, pseudowires

• Virtual private LAN service (VPLS), next-generation

multicast VPN (NG-MVPN)

• MPLS traffic engineering and MPLS fast reroute

Available as part of Juniper Secure Edge (JSE) software package.