Juniper Junos Pulse Gateway 6610 MAG6610 数据表
产品代码
MAG6610
3
mobile and computing devices to access the enterprise network,
cloud, applications, and data, making this challenge even more
difficult. Juniper Networks Junos Pulse Secure Access Service is
a simple, intuitive service that provides secure, authenticated
network and application access for remote and mobile users via
SSL VPN from virtually any web-enabled device. Junos Pulse
Secure Access Service uses SSL, the security protocol supported
by all standard Web browsers. The use of SSL eliminates the need
for preinstalled client software, changes to internal servers, and
costly ongoing maintenance and desktop support.
cloud, applications, and data, making this challenge even more
difficult. Juniper Networks Junos Pulse Secure Access Service is
a simple, intuitive service that provides secure, authenticated
network and application access for remote and mobile users via
SSL VPN from virtually any web-enabled device. Junos Pulse
Secure Access Service uses SSL, the security protocol supported
by all standard Web browsers. The use of SSL eliminates the need
for preinstalled client software, changes to internal servers, and
costly ongoing maintenance and desktop support.
Junos Pulse Secure Access Service includes Junos Pulse, a
dynamic, integrated, multiservice network enabling user interface
for mobile and nonmobile devices. Junos Pulse enables optimized
anytime, anywhere access to corporate networks, clouds, and
data. it enables secure SSL VPN access from a wide range of
mobile and nonmobile devices such as smartphones, tablets,
laptops, desktop PCs, Wi-Fi, or 3G/4G/Long Term Evolution
(LTE)-enabled devices. Junos Pulse Secure Access Service also
enhances users’ remote access experience and productivity
through seamless and transparent single sign-on (SSO) to third-
party Web applications, including cloud-based Software-as-a-
Service (SaaS) applications, while enforcing uniform device and
user compliance before granting access. And, with the Junos Pulse
Collaboration feature license, users are able to participate in
meetings and collaborate anytime, anywhere.
dynamic, integrated, multiservice network enabling user interface
for mobile and nonmobile devices. Junos Pulse enables optimized
anytime, anywhere access to corporate networks, clouds, and
data. it enables secure SSL VPN access from a wide range of
mobile and nonmobile devices such as smartphones, tablets,
laptops, desktop PCs, Wi-Fi, or 3G/4G/Long Term Evolution
(LTE)-enabled devices. Junos Pulse Secure Access Service also
enhances users’ remote access experience and productivity
through seamless and transparent single sign-on (SSO) to third-
party Web applications, including cloud-based Software-as-a-
Service (SaaS) applications, while enforcing uniform device and
user compliance before granting access. And, with the Junos Pulse
Collaboration feature license, users are able to participate in
meetings and collaborate anytime, anywhere.
For more details on Junos Pulse, please visit www.juniper.net/us/
en/products-services/software/junos-platform/junos-pulse. For
further details about the features and license options of Junos
Pulse Secure Access Service, please view the Junos Pulse Secure
Access Service datasheet on the MAG Series webpage.
en/products-services/software/junos-platform/junos-pulse. For
further details about the features and license options of Junos
Pulse Secure Access Service, please view the Junos Pulse Secure
Access Service datasheet on the MAG Series webpage.
Junos Pulse Access Control Service
Junos Pulse Access Control Service enables NAC for any
connected device, regardless if it is remote or local. it delivers
Juniper Networks Unified Access Control services across the
extended enterprise, providing a standards-based, comprehensive,
network and application access control solution. The Junos Pulse
Access Control Service delivers identity-based, location- and
device-aware, granular access control with robust endpoint
security and integrity checks. When deployed with MAG Series
gateways, Junos Pulse, Junos Pulse Access Control Service and
Junos Pulse Secure Access Service combine to deliver fast, secure
network and application access, with the ability to automatically
migrate from one access type (such as secure remote access) to
another (local network and application access control) based on
the user location, and through SSO. in addition, highly granular
endpoint device assessment capabilities allow administrators to
grant full or differentiated network and application access—or
even deny access—based on a device’s security state and status,
i.e., if Google Android and Apple iOS mobile devices are jail-broken
or rooted, compromised, infected, or running an unsecure OS
version, or if Microsoft Windows and Apple Mac OS devices are
running outdated antivirus, anti-malware, endpoint firewall or
patches, or custom checks.
connected device, regardless if it is remote or local. it delivers
Juniper Networks Unified Access Control services across the
extended enterprise, providing a standards-based, comprehensive,
network and application access control solution. The Junos Pulse
Access Control Service delivers identity-based, location- and
device-aware, granular access control with robust endpoint
security and integrity checks. When deployed with MAG Series
gateways, Junos Pulse, Junos Pulse Access Control Service and
Junos Pulse Secure Access Service combine to deliver fast, secure
network and application access, with the ability to automatically
migrate from one access type (such as secure remote access) to
another (local network and application access control) based on
the user location, and through SSO. in addition, highly granular
endpoint device assessment capabilities allow administrators to
grant full or differentiated network and application access—or
even deny access—based on a device’s security state and status,
i.e., if Google Android and Apple iOS mobile devices are jail-broken
or rooted, compromised, infected, or running an unsecure OS
version, or if Microsoft Windows and Apple Mac OS devices are
running outdated antivirus, anti-malware, endpoint firewall or
patches, or custom checks.
Junos Pulse and the Junos Pulse Access Control Service combine
to deliver identity-aware networking, complete with security
and access control policies that follow users around the globe—
regardless of how, from where, or from what device (smartphones,
tablets, or similar mobile devices) they are attempting network
to deliver identity-aware networking, complete with security
and access control policies that follow users around the globe—
regardless of how, from where, or from what device (smartphones,
tablets, or similar mobile devices) they are attempting network
and application access. All user session data is shared in MAG
Series gateways and service modules via the Trusted Network
Connect (TNC) interface for Metadata Access Point (iF-MAP)
standard, enabling a seamless authentication and session data
flow. For further details about the features and license options of
Junos Pulse Access Control Service, please view the Junos Pulse
Access Control Service datasheet on the MAG Series webpage.
Series gateways and service modules via the Trusted Network
Connect (TNC) interface for Metadata Access Point (iF-MAP)
standard, enabling a seamless authentication and session data
flow. For further details about the features and license options of
Junos Pulse Access Control Service, please view the Junos Pulse
Access Control Service datasheet on the MAG Series webpage.
Licensing
User License (Common Access License)
With the MAG Series Junos Pulse Gateways, common access
licenses are available as user licenses. With common access
licensing, licenses can either be used for SSL VPN user sessions
or NAC user sessions. Please refer to the Ordering information
section below for more details.
licenses are available as user licenses. With common access
licensing, licenses can either be used for SSL VPN user sessions
or NAC user sessions. Please refer to the Ordering information
section below for more details.
For administrative ease of use when it comes to license counts,
each license enables as many users as specified, and the licenses
are additive. For example, if a 100 user license was originally
purchased and the concurrent user count grows over the next year
to exceed that amount, simply adding another 100 user license to
the system will allow support for up to 200 concurrent users. See
the Architecture and Key Components section of this datasheet
for the maximum number of common access licenses for SSL VPN
and UAC supported per MAG Series gateway and service module.
each license enables as many users as specified, and the licenses
are additive. For example, if a 100 user license was originally
purchased and the concurrent user count grows over the next year
to exceed that amount, simply adding another 100 user license to
the system will allow support for up to 200 concurrent users. See
the Architecture and Key Components section of this datasheet
for the maximum number of common access licenses for SSL VPN
and UAC supported per MAG Series gateway and service module.
High Availability Clustering Capability (No Additional
License Required)
License Required)
With the MAG Series, customers have the ability to build clusters
without buying any additional licenses. The clustering method can
be explained in two simple steps:
without buying any additional licenses. The clustering method can
be explained in two simple steps:
1. Simply place an equal number of user licenses (“-ADD”) on
each box.
2. When they are joined together to form a cluster, all of the user
licenses add up so that the cluster can now support all of the
licensed users. For example, building a 1,000-user cluster is
accomplished by bringing together two MAG Series gateways
with 500 user licenses on each of the units.
licensed users. For example, building a 1,000-user cluster is
accomplished by bringing together two MAG Series gateways
with 500 user licenses on each of the units.
Clustering features stateful peering and failover across the LAN,
so in the unlikely event that one unit fails, system configurations
(such as authentication server, authorization groups, and
bookmarks), user profile settings (such as user defined bookmarks
and cookies), and user sessions are preserved. Failover is
seamless, so there is no interruption to user or enterprise
productivity, no need for users to log in again, and no downtime.
so in the unlikely event that one unit fails, system configurations
(such as authentication server, authorization groups, and
bookmarks), user profile settings (such as user defined bookmarks
and cookies), and user sessions are preserved. Failover is
seamless, so there is no interruption to user or enterprise
productivity, no need for users to log in again, and no downtime.
Here are the clustering options for the MAG Series gateways:
1. MAG2600 gateways can be clustered in a pair.
2. MAG4610 gateways can be clustered in a pair.
3. For MAG6610 gateways, you may cluster two service modules
in a pair (assuming any two MAG-SM160 or MAG-SM360
service modules are installed in the chassis).
service modules are installed in the chassis).
4. For MAG6611 gateways, you may cluster two service modules in
a pair, either using the MAG-SM160 or MAG-SM360. To cluster
three or four service modules will require all MAG-SM360
service modules in the chassis.
three or four service modules will require all MAG-SM360
service modules in the chassis.
Please note that WAN clustering is not supported on the MAG
Series. Multisite clustering is supported, however, provided the
sites are on a campus network with LAN-like connectivity.
Series. Multisite clustering is supported, however, provided the
sites are on a campus network with LAN-like connectivity.