Datasheet

ManualsBrandsJuniper ManualsNetworkingSRX600-SRE6H

Speciﬁcations

Protocols

• IPv4, IPv6, ISO Connectionless Network Service (CLNS)

Routing and Multicast

• Static routes

• RIPv2 +v1

• OSPF/OSPFv3

• BGP

• BGP Router Reﬂector

• IS-IS

• Multicast (Internet Group Management Protocol (IGMPv1/2/3),

PIM-SM/DM/SSM, Session Description Protocol (SDP), Distance

Vector Multicast Routing Protocol (DVMRP), source-speciﬁc,

Multicast inside IPsec tunnel), MSDP

• MPLS (RSVP, LDP, Circuit Cross-connect (CCC), Translational

Cross-connect (TCC), Layer 2 VPN (VPLS), Layer 3 VPN, VPLS,

NGMVPN)

IP Address Management

• Static

• DHCP, PPPoE client

• Internal DHCP server, DHCP Relay

Address Translation

• Source NAT with Port Address Translation (PAT)

• Static NAT

• Destination NAT with PAT

• Persistent NAT, NAT64

Encapsulations

• Ethernet (MAC and VLAN tagged)

• Point-to-Point Protocol (PPP) (synchronous)

- Multilink Point-to-Point Protocol (MLPPP)

• Frame Relay

- Multilink Frame Relay (MLFR) (FRF.15, FRF.16), FRF.12, LFI

• High-Level Data Link Control (HDLC)

• Serial (RS-232, RS-449, X.21, V.35, EIA-530)

• 802.1q VLAN support

• Point-to-Point Protocol over Ethernet (PPPoE)

L2 Switching

• 802.1D, RSTP, MSTP, 802.3ad (LACP)

• 802.1x, LLDP, 802.1ad (Q-in-Q), IGMP Snooping

• Layer 2 switching with high availability

Trac Management Quality of Service (QoS)

• 802.1p, DSCP, EXP

• Marking, policing, and shaping

• Class-based queuing with prioritization

• Weighted random early detection (WRED)

• Queuing based on VLAN, data-link connection identiﬁer (DLCI),

interface, bundles, or multi-ﬁeld (MF) ﬁlters

• Guaranteed bandwidth

• Maximum bandwidth

• Ingress trac policing

• Priority-bandwidth utilization

• DiServ marking

• Virtual channels

Security

Firewall

• Firewall, zones, screens, policies

• Stateful ﬁrewall, stateless ﬁlters

• Network attack detection

• Screens denial of service (DoS) and provides distributed denial of

service (DDoS) protection (anomaly-based)

• Prevent replay attack; Anti-Replay

• Uniﬁed Access Control

- TCP reassembly for fragmented packet protection

- Brute force attack mitigation

- SYN cookie protection

- Zone-based IP spooﬁng

- Malformed packet protection

NGFW/UTM

• Intrusion Prevention System (IPS)

- Protocol anomaly detection

- Stateful protocol signatures

- Intrusion prevention system (IPS) attack pattern obfuscation

- User role-based policies

Unified Threat Management – antivirus, antispam, Web filtering, AppSecure, and IPS require individual subscription license. UTM is not supported on the low memory version. Please see the

ordering section for options.

BGP Route Reflector supported on SRX550 and SRX650. See ordering section for more information.

SRX100

SRX220 SRX240

SRX650

SRX210SRX110

SRX550