Juniper SRX 3600 SRX3600BASE-AC Manual De Usuario
Los códigos de productos
SRX3600BASE-AC
3
Product Line Highlights:
• appSecure is a suite of next-generation security capabilities that utilize advanced
application identification and classification to deliver greater visibility, enforcement,
control, and protection over the network.
control, and protection over the network.
• vGw virtual Gateway, a comprehensive virtualization security solution that includes
integrated stateful inspection firewalling, intrusion detection, compliance monitoring
and enforcement, as well as on-access and on-demand antivirus scanning.
and enforcement, as well as on-access and on-demand antivirus scanning.
• complete set of unified threat Management (utM) security features—including
stateful firewall, application security, intrusion prevention, antivirus, antispyware, anti-
adware, and antiphishing), antispam, and web filtering—stops worms, spyware, trojans,
malware, and other emerging attacks.
adware, and antiphishing), antispam, and web filtering—stops worms, spyware, trojans,
malware, and other emerging attacks.
• centralized, policy-based management minimizes the chance of overlooking security
holes by simplifying rollout and network-wide updates.
• technologies make it easy for administrators to divide the network into secure
segments.
• various high availability (Ha) options offer the best redundant capabilities for any
given network.
• rapid-deployment features, including auto connect vPN and Dynamic vPN
services, help minimize the administrative burden associated with widespread iPsec
deployments.
deployments.
Perimeter Defense Begins with Network-Level
Protection
to protect against network-level attacks, Juniper Networks devices use a dynamic packet
filtering method known as stateful inspection to unmask malicious traffic. with this
method, firewalls collect information on various components in a packet header, including
source and destination iP addresses, source and destination port numbers, and packet
sequence numbers. when a responding packet arrives, the firewall will compare the
information reported in its header with the state of its associated session. if they do not
match, the firewall will execute the actions specified in the security policy, which typically
involves dropping the packet and logging the action.
filtering method known as stateful inspection to unmask malicious traffic. with this
method, firewalls collect information on various components in a packet header, including
source and destination iP addresses, source and destination port numbers, and packet
sequence numbers. when a responding packet arrives, the firewall will compare the
information reported in its header with the state of its associated session. if they do not
match, the firewall will execute the actions specified in the security policy, which typically
involves dropping the packet and logging the action.
Stateful inspection provides more security than other firewall technology such as packet
filtering because the traffic is examined under the context of the connection and not as
a collection of various packets. By default, the Juniper Networks firewall denies all traffic
in all directions. then, by using centralized, policy-based management, enterprises can
create security policies that define the parameters of traffic that is permitted to pass from
specified sources to specified destinations.
filtering because the traffic is examined under the context of the connection and not as
a collection of various packets. By default, the Juniper Networks firewall denies all traffic
in all directions. then, by using centralized, policy-based management, enterprises can
create security policies that define the parameters of traffic that is permitted to pass from
specified sources to specified destinations.
Secure, reliable waN connectivity also plays an important role in network-level protection.
By deploying robust virtual private networks (vPNs), remote sites can be securely
connected to other remote sites and to centralized data and applications using high-
bandwidth shared media such as the internet. Features such as auto connect vPN,
available on select models, can help ease the administration and management of vPNs,
particularly in hub-and-spoke topologies, allowing secure connections to be automatically
set up and taken down without manual configuration.
By deploying robust virtual private networks (vPNs), remote sites can be securely
connected to other remote sites and to centralized data and applications using high-
bandwidth shared media such as the internet. Features such as auto connect vPN,
available on select models, can help ease the administration and management of vPNs,
particularly in hub-and-spoke topologies, allowing secure connections to be automatically
set up and taken down without manual configuration.
Security platformS
• SRX100
• SRX110
• SRX210
• SRX220
• SRX240
• SRX550
• SRX650
• SRX1400
• SRX3400
• SRX3600
• SRX5600
• SRX5800
• SRX110
• SRX210
• SRX220
• SRX240
• SRX550
• SRX650
• SRX1400
• SRX3400
• SRX3600
• SRX5600
• SRX5800