Межсетевой экран Juniper NS-ISG-2000-DC

Технические характеристики Juniper NS-ISG-2000-DC: NetScreen-ISG 2000 Chassis, Advanced System, fan module, Dual DC Power Supplies, No I/O Modules, ScreenOS, 0 VSYS General Information Manufacturer: Juniper Product ID: NS-ISG-2000-DC Product Description: NetScreen-ISG 2000 Chassis, Advanced System, fan module, Dual DC Power Supplies, No I/O Modules, ScreenOS, 0 VSYS Product Type: Network Security/Firewall Appliance Marketing Information The Juniper Networks Integrated Security Gateway 2000 is purpose-built security solution that leverage a fourth generation security ASIC, the GigaScreen, along with high speed microprocessors to deliver unmatched firewall and VPN performance. The Juniper Networks ISG 2000 is ideally suited for securing enterprise, carrier and data center environments where advanced applications such as VoIP and streaming media dictate consistent, scalable performance. Integrating best-in-class Deep Inspection firewall, VPN and DoS solutions, the ISG 2000 enable secure, reliable connectivity along with network and application-level protection for critical, high traffic network segments. Technical Information Virtualization: 512000 x Concurrent Session 29000 x Concurrent Session 30000 x Policies 10000 x Concurrent VPN Tunnel 1024 x Tunnel Interface 26 x Security Zone Firewall Protection: Network Attack Detection Distributed Denial of Service (DDoS) Denial of Service (DoS) TCP Reassembly for Fragmented Packet Protection Malformed Packet Attack Deep Inspection Firewall Stateful Protocol Signature Web Filtering Replay Attack Prevention VPN Authentication Brute Force Attack Mitigation Cookie Blocking IP Spoofing Encryption Standard: DES 3DES (168-bit) AES Physical Characteristics Form Factor: Rack-mountable Height: 5.3" Width: 17.5" Depth: 23" Weight (Approximate): 52 lb Miscellaneous Additional Information: Up to four I/O modules and three security modules for IDP integration Rack mountable: 23" optional MTBF (Bellcore model): 7.6 years Deep Inspection attack pattern obfuscation CPU protection NAT for H.323/SIP Interfaces: Up to 8 Mini GBIC(SX or LX), up to 8 10/100/1000, up to 28 10/100 ports Mode of Operation: Layer 2 mode (transparent mode) Layer 3 mode (route and/or NAT mode) Policy-based NAT Mapped IP: 8192 Virtual IP: 8 Routing: OSPF/BGP dynamic routing: Up to 8 instances each RIP v1, RIP v2 dynamic routing: Up to 50 instances supported BGP dynamic routing: 64 instances, 128 peers Static routes: 20000 Source-based routing ECMP flow based routing High Availability: Active/Active Active/Passive Redundant interfaces Configuration synchronization Session synchronization for firewall and VPN Session failover for routing change Device failure detection Link failure detection Authentication for new HA members Encryption of HA traffic IP Address Assignment: Static DHCP relay Certificate Authorities Supported: Verisign Entrust Microsoft RSA Keon iPlanet (Netscape) Baltimore DOD PKI External Flash: CompactFlash: Supports 128 or 512 MB Industrial-Grade SanDisk System config script Certifications & Standards: Safety Certifications: UL CUL CSA CB EMC Certifications: FCC class A CE class A C-Tick VCCI class A IEEE: IEEE 802.3 IEEE 802.3u IEEE 802.3ab IEEE 802.3z IEEE 802.1Q Шлюз Juniper ISG2000 является полностью интегрированной системой для решения задач межсетевого экранирования, VPN-туннелирования и предотвращения вторжений. Его отличительными чертами являются поддержка мультигигабитных скоростей, модульная архитектура и широкие возможности для виртуализации. Пропускная способность шлюза для межсетевого экранирования составляет до 4 Гбит/с, а для дополнительной функции интегрированного обнаружения и предотвращения вторжений - до 2 Гбит/с. Базовая система для межсетевого экранирования/VPN-туннелирования поддерживает до 4 модулей ввода/вывода и трех модулей безопасности для интеграции функции обнаружения и предотвращения вторжений.