Juniper SSG-5-SH-BTW-TW Fiche De Données
Datasheet
Page
SSG 20
SSG 5
Virtualization
Maximum number of configurable security zones 8
8
Maximum number of virtual routers
3
3
Maximum number of 802.1q VLANs
10
10
High Availability (HA)
(6)
Active/Passive
Yes
Yes
Configuration synchronization
Yes
Yes
Session synchronization for firewall and VPN
Yes
Yes
Session failover for routing change
Yes
Yes
Device failure detection
Yes
Yes
Link failure detection
Yes
Yes
Authentication for new HA members
Yes
Yes
Encryption of HA traffic
Yes
Yes
IP Address Assignment
Static
Yes
Yes
DHCP, PPPoE client
Yes
Yes
Internal DHCP server
Yes
Yes
DHCP relay
Yes
Yes
PKI Support
PKI Certificate requests (PKCS 7 and PKCS 10)
Yes
Yes
Automated certificate enrollment (SCEP)
Yes
Yes
Online Certificate Status Protocol (OCSP)
Yes
Yes
Certificate Authorities Supported
Verisign, Entrust, Microsoft, RSA Keon,
iPlanet (Netscape), Baltimore, DOD PKI
Administration
Local administrators database size
20
20
External administrator database
RADIUS/LDAP/SecurID
Root Admin, Admin, and
Yes
Yes
Read Only user levels
Software upgrades
Software upgrades
TFTP / WebUI / NSM / SCP / USB
Configuration Roll-back
Yes
Yes
External Flash
Additional log storage
via USB
Event logs and alarms
Yes
Yes
System config script
Yes
Yes
ScreenOS Software
Yes
Yes
Dimensions and Power
Dimensions (W/L/H)
11 5/8” x 7 3/8” x 1 3/4”
8 3/4” x 5 5/8” x 1 5/8”
29.5cm x 18.7cm x 4.5cm 22.2cm x 14.3cm x 4.1cm
Weight
3.3 lbs (1.5 kg)
2.1 lbs (0.95 kg)
Rack mountable
Yes
Yes
Power Supply (AC)
100-240 VAC
100-240 VAC
Certifications
Safety Certifications
CSA, CB
CSA, CB
EMC Certifications
FCC Class B, CE Class B,
FCC Class B, CE Class B,
A-Tick, VCCI class B
A-Tick, VCCI class B
Environment
Temp and Humidity
Operating Temp
Operating Temp
0 to 40 Deg C
0 to 40 Deg C
( 32 to 104 Deg F)
( 32 to 104 Deg F)
Non-Operating Temp
-20 to 65 Deg C
-20 to 65 Deg C
(-4 to 149 Deg F)
(-4 to 149 Deg F)
Humidity
10 to 90%
10 to 90%
non-condensing
non-condensing
MTBF (Bellcore model)
Non-Wireless
Non-Wireless
35.8 Yrs
40.5 Yrs
Wireless
28.9 Yrs
22.8 Yrs
SSG 20
SSG 5
Wireless Radio Specifications (Wireless Models Only)
Transmit Power
Up to 200mW
Wireless Standards supported
Dual Radio 802.11 a + 802.11b/g
Site Survey
Yes
Maximum Configured SSIDs
16
Maximum Active SSIDs
4
Atheros SuperG
Yes
Atheros eXtended Range (XR)
Yes
Wi-Fi CERTIFIED®
Yes
Wireless Security (Wireless Models Only)
Wireless Privacy
WPA, WPA2 (AES or TKIP), IPSEC VPN, WEP
Wireless Authentication
PSK, EAP-PEAP, EAP-TLS, EAP-TTLS over 802.1x
MAC Access Controls
Permit or Deny
Client Isolation
Yes
Antenna Option (Wireless Models Only)
Diversity Antenna
Included
Directional Antenna
Future
Omni-directional Antenna
Future
() Performance, capacity and features listed are based upon systems running ScreenOS 5.4 and are the measured maximums under ideal testing conditions
unless otherwise noted. Actual results may vary based on ScreenOS release and by deployment.
() IMIX stands for Internet mix and is more demanding than a single packet size as it represents a traffic mix that is more typical of a customer’s network. The
IMIX traffic used is made up of 58.% 64 byte packets + .% 570 byte packets + 8.% 58 byte packets of UDP traffic.
() UTM Security features (IPS/Deep Inspection, Antivirus, Anti-Spam and Web filtering) are delivered by annual subscriptions purchased separately from Juniper
Networks. Annual subscriptions provide signature updates and associated support. The high memory option is required for UTM Security features.
(4) Redirect Web filtering sends traffic to a secondary server and therefore entails purchasing a separate Web filtering license from either Websense or
SurfControl.
(5) NAT, PAT, policy based NAT, virtual IP, mapped IP, virtual systems, virtual routers, VLANs, OSPF, BGP, RIPv, Active/Active HA, and IP address assignment are
not available in layer transparent mode.
(6) Active Passive and HA Lite require the purchase of an Extended License. In addition to the HA features, an Extended License key increases a subset of the
capacities as outlined below.
Extended License Feature
SSG 20 and SSG 5
Sessions
Increases max from 4000 to 8000
VPN Tunnels
Increases max from 25 to 40
VLANS
Increases max from 10 to 50
VoIP Calls
Increases max from 32 to 48
High Availability
Adds support for Stateful Active/Passive and/or HA Lite
IPS (Deep Inspection FW) Signature Packs
Signature Packs provide the ability to tailor the attack protection to the specific deployment
and/or attack type. The following Signature packs are available for the SSG 5 and SG 20.
and/or attack type. The following Signature packs are available for the SSG 5 and SG 20.
Signature Pack
Target Deployment
Defense Type
Type of Attack
Object
Object
Base
Branch Offices, small
medium businesses
medium businesses
Client/Server and
worm protection
worm protection
Range of signa-
tures and protocol
anomalies
tures and protocol
anomalies
Client
Remote/Branch
Offices
Offices
Perimeter defense,
compliance for hosts
(desktops, etc)
compliance for hosts
(desktops, etc)
Attacks in the server-
to-client direction
to-client direction
Server
Small/Medium
Businesses
Businesses
Perimeter defense,
compliance for
server infrastructure
compliance for
server infrastructure
Attacks in the client-
to-server direction
to-server direction
Worm Mitigation
Remote/Branch
Offices of Large
enterprises
Offices of Large
enterprises
Most comprehensive
defense against
worm attacks
defense against
worm attacks
Worms, Trojans,
backdoor attacks
backdoor attacks