Juniper Networks 710008-001 User Manual

FW/IPSec VPN Buyer’s Guide

   

        

 

Copyright © 2004, Juniper Networks, Inc.                                                                                                               13 

Device, itself, provides 
redundancy: 

o  Solid-state 
o  Redundant 

components 
(fans/power supplies) 

o  Port Density 

 
 

Yes 
Yes 

 
 

Yes 

 

 

Supports dynamic routing 
protocols: 

o  OSPF 
o  BGP 
o  RIP 

 
 

Yes 
Yes 
Yes 

 

Enables the survival of 
failures at the transport level 
–needed for other 
components of resiliency 

High Availability (HA) 
Configurations to reduce single 
point of failure:  

o  Stateful (sharing 

session information) to 
maintain connections 

o  VPN sync (sharing 

VPN information to 
maintain security 
association in the 
event of a failure) 

o  Active-passive HA 

(one device 
processing traffic, with 
the second device as a 
back-up) 

o  Active-active HA (both 

devices processing 
traffic) 

o  Active-active, full-

mesh HA to survive a 
failure up or 
downstream from 
device 

 
 
 

Yes 

 
 

Yes 

 
 
 
 

Yes 

 
 
 
 

Yes 

 
 

Yes 

 

 

 
 
 
 
 
 

Redundant physical 
connections (e.g. connections 
to different service providers) 

 
 

Yes 

 

 
Note: need to support 
dynamic routing to do this 

Alternate transport options, 
such as:  

o  DSL  
o  Dial back-up 

 
 

Yes 
Yes 

 

 

A high Mean Time Before 
Failure (MTBF) expectancy  

Yes, using Bellcore 

MTBF calculations 

 

 

VPN Specific 
Ability to run dynamic routing 
through its tunnels to 
automatically learn the network 
and route around failures 

 

Yes, Dynamic Route-

based VPNs (Best 

Path VPNs) 

 

 

Product’s HA performs VPN 
sync (sharing VPN state 
information) to maintain the 
VPN connection in the event of 
a failure 

 
 
 

Yes  

 

Note: most routers cannot 
offer this functionality