La passerelle de services SRX3600 prend en charge un pare-feu d'un débit maximal de 30 Gb/s, un pare-feu et un IPS d'un débit maximal de 10 Gb/s ou un VPN IPsec d'un débit maximal de 10 Gb/s et jusqu'à 175 000 nouvelles connexions par seconde. Dotée d'une gamme complète de fonctions de sécurité intégrée, cette passerelle de services SRX est idéale pour la sécurisation de centres de données d'entreprise de moyenne ou grande envergure, la sécurisation des centres de données hébergés ou colocalisés et la sécurisation de services et d'applications de nouvelle génération.





Spécifications techniques

Firewall performance (max)
30 Gbps
IPS performance (NSS 4.2.1)
10 Gbps
AES256+SHA-1 / 3DES+SHA-1 VPN performance
10 Gbps
Maximum concurrent sessions
2.25/ 6 million sessions *
* Additional Extreme License required for 6M sessions
New sessions/second (sustained, TCP, 3-way)
Maximum security policies
Maximum users supported
Maximum available slots for IOCs
6 (front slots)
Fixed I/O ports
8 10/100/1000 + 4 SFP
CX111 3G Bridge support
Internal 3G Express Card Slot support
Centralized Management
Junos Space Security Design
LAN interface options
  • 16 x 1 10/100/1000 copper
  • 16 x 1 Gigabit Ethernet small form-factor pluggable transceivers (SFP)
  • 2 x 10 Gigabit Ethernet XFP


High-availability support
  • Active/Passive, Active/Active
  • Low impact chassis cluster
  • Interface aggregation groups across chassis cluster


AppSecure Services
  • Application Identification: yes
  • Application Denial of Service Protection (AppDoS): yes
  • AppTrack: yes
  • AppQoS: yes
  • AAppFW: yes


Dimensions and Power
  • Dimensions (W x H x D): 17.5 x 8.75 x 25.5 in (44.5 x 22.2 x 64.8 cm)
  • Weight: Chassis: 43.6 lb (19.8 kg), Fully Configured: 115.7 lb (52.6 kg)
  • Power supply (AC): 100 to 240 V AC
  • Power supply (DC): -40 to -72 V DC
  • Maximum power draw: 1,750 W (AC power), 1,850 W (DC power)
  • Power supply redundancy: 2 + 1 / 2 + 2


  • Network attack detection: Yes
  • DoS and DDoS protection: Yes
  • TCP reassembly for fragmented packet protection: Yes
  • Brute force attack mitigation: Yes
  • SYN cookie protection: Yes
  • Zone-based IP spoofing: Yes
  • Malformed packet protection: Yes
  • GPRS stateful inspection: Yes


Intrusion Prevention System
  • Stateful protocol signatures: Yes
  • Attack detection mechanisms: Stateful signatures, protocol anomaly detection (zero-day coverage), application identification
  • Attack response mechanisms: Drop connection, close connection, session packet log, session summary, email, custom session
  • Attack notification mechanisms: Structured syslog
  • Worm protection: Yes
  • SSL encrypted traffic inspection: Yes
  • Simplified installation through recommended policies: Yes
  • Trojan protection: Yes
  • Spyware/adware/keylogger protection: Yes
  • Other malware protection: Yes
  • Protection against attack proliferation from infected systems: Yes
  • Reconnaissance protection: Yes
  • Request and response side attack protection: Yes
  • Compound attacks — combines stateful signatures and protocol anomalies: Yes
  • Create custom attack signatures: Yes
  • Access contexts for customization: 500+
  • Attack editing (port range, other): Yes
  • Stream signatures: Yes
  • Protocol thresholds: Yes
  • Stateful protocol signatures: Yes
  • Approximate number of attacks covered: 6,000+
  • Detailed threat descriptions and remediation/patch info: Yes
  • Create and enforce appropriate application-usage policies: Yes
  • Attacker and target audit trail and reporting: Yes
  • Deployment modes: Inline or TAP