Juniper SRX220 service gateway with 8 x GE ports, 1GB RAM, 1GB FLASH

SRX services gateway 220 with 8 x GE ports, 2xmini-PIM slots, and high memory (1GB RAM, 1GB FLASH). External power supply and cord included.

The SRX220 Services Gateway is a secure router that supports up to 950 Mbps firewall, 100 Mbps IPSec VPN, and 100 Mbps IPS. Additional security features include Unified Threat Management (UTM), which consists of: IPS, antispam, antivirus, and Web filtering. The SRX220 Services Gateway is ideally suited for securing small to medium distributed enterprise locations.

JUNOS Software version tested: JUNOS 10.3

Firewall performance (max): 950 Mbps

IPS performance (NSS 4.2.1): 100 Mbps

AES256+SHA-1 / 3DES+SHA-1 VPN performance: 100 Mbps

Maximum concurrent sessions: 96K (1 GB DRAM)

New sessions/second (sustained, TCP, 3-way): 2,500

Maximum security policies: 2,048

Maximum users supported: Unrestricted

Maximum available slots for IOCs: N/A

Fixed I/O ports: 8 x 10/100/1000BASE-T

CX111 3G Bridge support: Yes

Internal 3G Express Card Slot support: N/A

WAN / LAN interface options 

• T1/E1
• ADSL2 Annex A
• ADSL2 Annex B
• G.SHDSL
• VDSL2
• DOCSIS 3.0 Cable Modem
• SFP*
• Sync Serial

Note: * Supported as of Q4 2010

High-availability support: Yes*

Note: * Supported as of Q4 2010

AppSecure Services: N/A

Firewall 

• Network attack detection: Yes
• DoS and DDoS protection: Yes
• TCP reassembly for fragmented packet protection: Yes
• Brute force attack mitigation: Yes
• SYN cookie protection: Yes
• Zone-based IP spoofing: Yes
• Malformed packet protection: Yes
• Intrusion Prevention System 
• Stateful protocol signatures: Yes
• Attack detection mechanisms: Stateful signatures, protocol anomaly detection (zero-day coverage), application identification
• Attack response mechanisms: Drop connection, close connection, session packet log, session summary, email, custom session
• Attack notification mechanisms: Structured syslog
• Worm protection: Yes
• Simplified installation through recommended policies: Yes
• Trojan protection: Yes
• Spyware/adware/keylogger protection: Yes
• Other malware protection: Yes
• Protection against attack proliferation from infected systems: Yes
• Reconnaissance protection: Yes
• Request and response side attack protection: Yes
• Compound attacks — combines stateful signatures and protocol anomalies: Yes
• Create custom attack signatures: Yes
• Access contexts for customization: 500+
• Attack editing (port range, other): Yes
• Stream signatures: Yes
• Protocol thresholds: Yes
• Stateful protocol signatures: Yes
• Approximate number of attacks covered: 6,000+
• Detailed threat descriptions and remediation/patch info: Yes
• Create and enforce appropriate application-usage policies: Yes
• Attacker and target audit trail and reporting: Yes
• Deployment modes: Inline

Dimensions and Power 

• Dimensions (W x H x D): 11.02 x 1.73 x 7.04 in.(28 x 4.4 x 17.9 cm)
• Weight: Chassis: 3.43 lb (1.56 kg) Non-PoE No interface modules
• Power supply (AC) 100–240 VAC, 60 W (Non-PoE) / 200 W PoE
• Maximum power draw: 120 W
• Average power consumption: 28 W (HM)