Product Description. Product Overview DATASHEET

Similar documents
LN2600 Rugged Secure Router

QUICKSTART GUIDE FOR BRANCH SRX SERIES SERVICES GATEWAYS

JUNOS SPACE ROUTE INSIGHT

Cisco 5921 Embedded Services Router

Cisco 5921 Embedded Services Router

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch

JUNOS SCOPE SOFTWARE IP SERVICE MANAGER

System Architecture Overview for THE Juniper Networks SSG500 Line

CONFIGURING THE CX111 FOR THE SSG SERIES

Technical Specification of the proposed components :

EX2500 ETHERNET SWITCHES

GS-2610G L2+ Managed GbE Switch

Cluster Upgrade. SRX Series Services Gateways for the Branch Upgrade Junos OS with Minimal Traffic Disruption and a Single Command APPLICATION NOTE

Product Description. Product Overview. Architecture and Key Components of the MAG Series Junos Pulse Gateways

FGS-2616X L2+ Managed GbE Fiber Switches

PSGS-2610F L2+ Managed GbE PoE Switch

Juniper Networks M Series and J Series Routers

Product Description. Architecture and Key Components of the MAG Series Junos Pulse Gateways. Product Overview DATASHEET

Juniper Networks NetScreen-5000 Series

M120 Class-of-Service Behavior Analysis

Switch shall have 4 SFP 1000 Mb/s ports (2 Port dual-personality ports; 10/100/1000BASE-T or SFP and 2 Fixed 1G SFP port)

Product Description. Product Overview. Architecture and Key Components of the MAG Series Junos Pulse Gateways

Product Description. Product Overview DATASHEET

Cisco 921J Gigabit Ethernet security router with external power supply for Japan only

24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP)

GS-1626G Web Smart+ GbE Switch

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES

IMPLEMENTING A LAYER 2 ENTERPRISE INFRASTRUCTURE WITH VIRTUAL CHASSIS TECHNOLOGY

Quidway NetEngine 20E/20 Series Router Product Specification

Network Configuration Example

MULTISERVICE INTERFACE MICS FOR MX SERIES

Juniper Sky Enterprise

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref )

VPN Routers DSR-150/250/500/1000AC. Product Highlights. Features. Overview. Comprehensive Management Capabilities. Web Authentication Capabilities

WX CENTRAL MANAGEMENT SYSTEM

WHITE PAPER. Copyright 2010, Juniper Networks, Inc. 1

Network Configuration Example

Technology Overview. Frequently Asked Questions: MX Series 3D Universal Edge Routers Quality of Service. Published:

SOLUTION BROCHURE. Mobility Changes Everything

Juniper Networks Certification Program

Secure Remote Access with Comprehensive Client Certificate Management

Juniper Networks IDP 75/250/800/8200

Coordinated Threat Control

1 Mojo S-2000 Series Managed PoE Switches

Unified Services Routers

ZyWALL VPN2S VPN Firewall

J-series Advanced Switching Configuration

Product Description. Product Overview DATASHEET

Gigabit SSL VPN Security Router

14-port Gigabit Managed Industrial POE Switch

1U Rack-mounted or Wall Mounting 12-port 100M/Gigabit Layer 3 Managed Rail Transit Dedicated Industrial Ethernet Switch

Datasheet. 8-Port 10G SFP+ Router. Model: ER-8-XG. 80 Gbps Aggregate Throughput. 10G Ethernet SFP+ Ports. Hot-Swappable Modular Power Supplies

Junos Security. Chapter 3: Zones Juniper Networks, Inc. All rights reserved. Worldwide Education Services

J-Care Agility Services Advanced Options

AXILSPOT 48-Port 10-Gigabit L3 Managed Switch AS-MT48-L3

Implementing AutoVPN Network Design Using the SRX Series with ibgp as the Dynamic Routing Protocol

OP-MEN 99216B 2 Port (1G/10G) + 12 Port GbE (100M/1G) SFP + 2 RJ45 (100M/1G) Combo L2 Managed Switch

NSG100 Nebula Cloud Managed Security Gateway

IDP SERIES INTRUSION DETECTION AND PREVENTION APPLIANCES

SAE-PE QSFP-NMS

ES Port Managed Gigabit Switch with 4 SFP ports

Network Configuration Example

ASIT-33018PFM. 18-Port Full Gigabit Managed PoE Switch (ASIT-33018PFM) 18-Port Full Gigabit Managed PoE Switch.

Datasheet. 10G 16-Port Managed Aggregation Switch. Model: ES-16-XG. Non-Blocking Throughput Switching. Maximum Performance and Low Latency

Datasheet. Managed Gigabit Fiber Switch. Model: ES-12F. Non-Blocking Throughput Switching. High Performance and Low Latency

Datasheet. Managed Gigabit Switches with SFP. Models: ES-24-Lite, ES-48-Lite. Non-Blocking Throughput Switching Performance

Datasheet. Gigabit Router with SFP. Models: ER-4. Sophisticated Routing Features. Next-Generation Price/Performance Value. SFP Port for Fiber Uplink

Network Configuration Example

Datasheet. Gigabit Routers with SFP. Models: ER-4, ER-6P. Sophisticated Routing Features. Next-Generation Price/Performance Value

IDP SERIES INTRUSION DETECTION AND PREVENTION APPLIANCES (IDP75, IDP250, IDP800, IDP8200)

QuickSpecs. Models. Features and Benefits Industry-leading warranty. HP ProCurve Threat Management Services zl Module

NSG50/100/200 Nebula Cloud Managed Security Gateway

HYC-TNS5310-C2 Industrial L2 Managed GbE Switch

Avaya Secure Router 3120

Ruijie RG-RSR20-X Multi-Service Router Series Datasheet

Juniper Networks EX-Series Ethernet Switches

CONFIGURING THE CX111 FOR THE SSG SERIES

Product features. Applications

PSGS-1526F. Web Smart+ Managed GbE PoE+ Switch

Network Configuration Example

DATASHEET Managed PoE+ Gigabit Ethernet Swithes with SFP/SFP+ Models: S1130-8T2F, S1250-8T2F, S T4F, S T4F, S T4S

EP Port Managed Gigabit Switch with 4 x IEEE 802.3at + 20 x IEEE 802.3af PoE

Network Configuration Example

Cisco RV 120W Wireless-N VPN Firewall

Cisco RV180 VPN Router

Advanced Network Routers. Datasheet. Model: ERPro-8, ER-8, ERPoe-5, ERLite-3. Sophisticated Routing Features

Datasheet. Managed PoE+ Gigabit Switches with SFP. Tel: (0) Fax: +44 (0)

GBE MANAGED SWITCHES

Datasheet. Managed PoE+ Gigabit Switches with SFP. Models: ES W, ES W, ES W, ES W

Integrated Security Gateways

26-Port Full Gigabit Managed PoE Switch

Cisco SGE Port Gigabit Switch Cisco Small Business Managed Switches

SRX1500 Services Gateway

Network Configuration Example

Datasheet. Advanced Gigabit Ethernet Routers. Models: ER-X, ER-X-SFP. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

XS26DS. L2/L3 10 G Optic Fiber Aggregation Switches. Features. Overview. XS26DS L3 10 G Optic Fiber Aggregation Switches

WX Client. Product Description. Product Overview DATASHEET

14 Port AMC Managed Layer Two Switch

Transcription:

DATASHEET LN1000 Mobile Secure Router Product Overview Military organizations, first responders, and transportation providers are not immune to the growing global demand for secure and mobile access to a highperformance network that provides intelligent voice, video, and data transport. This demand for highperformance, secure networking also exists in networks that support unmanned surveillance aircraft, exploration (oil, gas, and mining) equipment, and energy utility networks for power monitoring. The Juniper Networks LN1000 is a secure, high-performance router delivered in a small form factor energy efficient package that can be embedded in a customer chassis for portable and transportable router markets, making it the perfect solution for even the most demanding mobile network applications. Product Description The Juniper Networks LN1000 Mobile Secure Router is an edge access router that delivers a high-performance routing firewall and intrusion detection service (IDS). Packaged in the standard 4 x 6 x.85 inches VPX form factor, it consumes 35 watts of power or less and weighs less than 1.5 lbs. The Space, Weight, and Power (SWAP) characteristics of the LN1000 make it ideal for customers who require a secure and rugged network access router with a small footprint in a transportable package. The LN1000 provides the power of Juniper s hardware and Junos OS routing functionality across its 8 x 1GbE interfaces. The LN1000 addresses the growing demand for a network access presence in military, first responder and transportation vehicles, mining and exploration equipment, unmanned aircraft, and power grids. Until now, many of these networks were forced to leverage traditional routing and security boxes that were designed for equipment rack installations requiring forced air or fans for cooling. These designs did not consider the SWAP requirements of mobile secure networks. These mobile, and in some instances remote network endpoints, have a unique set of requirements that only the LN1000 can provide in a VPX form factor. The high-performance routing capability of the LN1000 not only provides industry-leading routing and forwarding performance, but it also solves communications issues associated with mobile network access devices. A mesh network of LN1000s is able to determine the most efficient and effective path for network communications across radio networks. It constantly monitors bandwidth between network hops to ensure that traffic is managed appropriately and always gets through even in networks where available bandwidth from one point to another can be extremely dynamic due to radio signal interference. As an edge access device, the LN1000 can be at risk of network attacks. Whether on the battlefield, on a local public transit bus, or located at a local power substation, the threat of unwanted network access, network sabotage, and denial-of-service (DoS) attacks exists. With its integrated firewall and intrusion detection system, the LN1000 ensures that the network is always up and securely running by denying malicious threats and unauthorized access or control. The LN1000 VPX packaging provides a conduction cooling system that allows it to run in harsh environmental conditions without the need for external fans or forced air cooling systems. 1

Architecture and Key Components The key components of the LN1000 are high-performance routing for mobile networks, security features that include a firewall and IDS, a small footprint, a conduction cooled packaging system, and the powerful Juniper Networks Junos operating system. Routing As a Juniper router, the LN1000 is deployed with Juniper routing hardware, ensuring industry-leading forwarding and routing support even under the harshest network traffic loads. Unlike traditionally fixed-line or wireless backhaul networks, the communication path for mobile networks, whether terrestrial, air, or sea, is through radio links. These communication links have limited bandwidth, are typically bursty in nature, and are subject to dynamic changes to available bandwidth due to Line of Sight (LOS), weather or environmental interference that affects transmission. The high-performance routing capabilities of the LN1000 include radio router protocol support that enables the LN1000 to overcome these difficult mobile networking issues. The radio router protocols in the LN1000 enable it to establish a mesh network configuration using extensions to OSPFv3 routing protocol to include other mobile devices as well as land-based receivers. The radio router protocols provide real-time monitoring of radio hop efficiency and effective available bandwidth. This information is then leveraged by the routing capabilities within the LN1000 to appropriate direct traffic across the most effective hop sequence, and when necessary to regulate traffic flow so that traffic quality of service (QoS) can be maintained. The LN1000 has hardware-based QoS support, which provides consistent routing performance across all 8 x 1 Gbps network interfaces. This hardware-based QoS will support a QoS hierarchy that provides up to 8 queues of 4 precedence levels, delivering classification for up to 32 unique DiffServ code point (DSCP) values. QoS hierarchy support can be used in military and first responder networks to establish a network communications hierarchy as well as message importance and urgency preference. QoS hierarchy in the LN1000 can also be used to provide differentiated classifications of service based on network traffic type in commercial applications. Security The LN1000 provides a hardware assisted stateful firewall and IDS solution that is based on the capabilities provided in the industry-leading Juniper Networks SRX Series Services Gateways. As a network edge device, the security capabilities within the LN1000 provide network access protection whether on the battlefield, in a first responder network, in energy management systems, or in remote sensor data networks. The firewall and IDS systems in the LN1000 provide DoS attack and network disruption protection in various environments. The memory sanitization capability within the LN1000 erases all information stored in memory upon system reboot. This capability ensures that all confidential communications traffic is removed, and it can be used to ensure that hackers are not able to store information in the memory banks of the LN1000 for future use, or even worse for an attempted attack at a future point in time. Firewall Network attack detection DoS and DDos protection TCP reassembly for fragmented packet protection Brute force attack mitigation SYN cookie protection Zone-based IP spoofing Malformed packet protection Intrusion Prevention System (IPS) Protocol anomaly detection Stateful protocol signatures IPS attack pattern obfuscation Customer signatures creation Frequency of updates (daily and emergency) Packaging The LN1000 packaging complies with the VPX standard and consists of a single 3 U card with a VITA 46 interface weighing less than 1.5 lbs. The router is approximately the size of a 4 x 6 in index card. Populated with military grade components, having a unique thermal conductive design, and shrunk by Juniper s innovative package design, the LN1000 will operate in harsh environments while consuming less that 35 watts of power. And it can achieve excellent routing performance capability because of Juniper hardware assisted security and routing features. Junos Operating System All of the routing, security, and control features leverage the functionality and quality of Junos OS. In addition to Juniper s superior routing software, the LN1000 also can support neighbor discovery and PPPoE extensions to radio router protocol to enable unicast and multicast IP broadcast in a mobile environment. 2

Features and Benefits LN1000 Mobile Secure Router Features and Benefits Feature VPX 3 U form factor VITA 46 Interface Low power requirement SWAP qualities IPMI RS232 console port IPv4 and IPv6 support Junos OS functionality Protocol (4938bis) QoS Hot swap Performance Benefit Small, single board size makes the LN1000 easily configurable in the customer chassis using an industrystandard VITA 46 backplane. Running with full functionality at less than 35 W, the LN1000-V is easily embedded in a moving vehicle, whether terrestrial, airborne, or at sea, where power is often limited. The exceptional Space, Weight, and Power (SWAP) characteristics (< 1.5 lb, < 35 W, 3 RU x 6.3 in deep) make the LN1000-V a unique product for vehicular, airborne, or seaborne units where size, weight, and power must be kept to a minimum. The clear advantage for the LN1000-V is to be able to deliver full routing functionality, 8 x 1GbE outputs, as well as firewall and IPS security functions in a small package designed to be easily embedded in a customer chassis that conforms to the VITA 46 standard. The LN1000-V is designed with an Intelligent Platform Management Interface for external commands such as reset, remote power on and off, onboard temperature and voltage sensing, and status information. IPMI provides an external control capability for a router that is typically embedded in a constrained space. One RS232 console at the front end of the card via RJ45 connector and also mirrored to the backplane. The RS232 console port can be used to externally monitor operational status as well as to run the Junos OS CLI while the router is in operation. Includes support for forwarding of IPv4/IPv6 packets, IPv4/IPv6 firewall, and intrusion prevention system (IPS) to ensure scalability on the world s largest networks. The LN1000 supports the rich routing and networking functionality of the Junos OS, enabling it to be easily configured to WAN and LAN routers all running the same OS. Allows the LN1000-V to communicate to a radio card for uplink using a PPPoE extension (RFC 4938bis). Support for the protocol enables the LN1000 to monitor available bandwidth on a per-hop basis, and adjust routing tables and message queues to ensure that traffic is transported effectively and efficiently. The LN1000-V will support 8 queues per virtual, logical, or physical interface. Each queue can have four random early detection (RED) classes applied to it. The hardware-based QoS capability ensures consistent routing performance across all 8 x 1 Gbps Ethernet ports whether QoS is enabled or not. Supports VITA 46.13 Hot Remove/Insert Specification. The LN1000-V can be removed from or inserted into the backplane while power is applied without damage to either the backplane or to the LN1000. 500,000 packets/sec at 64 byte packet size without services enabled 200,000 packets/sec at 64 byte packet size with all services enabled (multicast, QoS, firewall, IDS) 3

Product Capabilities Additional security capabilities for the LN1000 include: Firewall, zones, screens, policies Stateful firewall, access control list (ACL) filters DoS and distributed denial-of-service (DDoS) protection (anomaly-based) Replay attack; anti-replay protection Content filtering VPN Tunnels Generic Routing Encapsulation (GRE) IP-in-IP IPsec IPsec Data Encryption Standard (DES) (56-bit), triple Data Encryption Standard (3DES) (168-bit), and Advanced Encryption Standard (AES) (256-bit) Message Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA1) authentication IPsec Network Address Translation (NAT) traversal User Authentication and Access Control Third-party user authentication (RADIUS) RADIUS accounting XAUTH VPN, web-based, 802.X authentication PKI certificate requests (PKCS 12) Certificate authorities supported: VeriSign, Entrust, Microsoft, RSA Keon, iplanet, (Netscape), Baltimore, DoD PKI Address Translation Source NAT with Port Address Translation (PAT) Static NAT Destination NAT with PAT IP Address Assignment Static Dynamic Host Configuration Protocol (DHCP), Point-to-Point over Ethernet (PPPoE) client Internal DHCP server DHCP relay Traffic Management Quality of Service (QoS) Guaranteed bandwidth Maximum bandwidth Ingress traffic policing Priority bandwidth utilization DiffServ code point marking High Availability Virtual Router Redundancy Protocol (VRRP) The Junos OS provides: Routing IPv4 and IPv6 support Static routes RIPv2 OSPFv2/v3 OSPFv3 address family support BGP IS-IS Source-based routing Policy-based routing Equal-cost multipath (ECMP) Reverse path forwarding (RPF) MPLS Layer 2 VPN (VPLS) Layer 3 VPN LDP RSVP Circuit cross-connect (CCC) Translational cross-connect (TCC) Multicast Internet Group Management Protocol (IGMP v1, v2, and v3) IGMP Multicast Listener Discovery (MLD) proxy Protocol Independent Multicast (PIM) sparse mode (SM) PIM dense mode (DM) PIM source-specific multicast (SSM) Distance Vector Multicast Routing Protocol (DVMRP) Source specific Multicast inside IPsec tunnel Encapsulations Generic routing encapsulation (GRE) Point-to-Point Protocol (PPP) PPPoE Ethernet (media access control and tagged) Quality of Service Packet classification based on IP precedence, DSCP, 802.1p 8 queues per logical entity 4 drop profiles per queue using Tail RED 32 queues per interface Weighted round-robin (WRR) scheduling 4 priority levels with strict order Packet marking by precedence, DSCP Radio Router Protocols RFC 4938 RFC 4938 BIS (using rate information to control flows) UDP-based radio router protocol (ground to satellite radio) Command-Line Interface Junos OS CLI 4

Specifications Maximum Performance and Capacity Firewall + routing pps (64 byte): 200 Kpps AES256+SHA-1/3DES+SHA-1 VPN performance: 250 Mbps IPsec VPN tunnels: 1,000 IPS (intrusion prevention system): 250 Mbps Connections per second: 9,000 Maximum concurrent sessions: 128,000 Maximum security policies: 4,096 Maximum users supported: Unrestricted Network Connectivity Fixed I/O: 8 x 1 Gbps Routing BGP instances: 20 BGP peers: 32 BGP routes: 64K OSPF instances: 20 OSPF routes: 64K RIP v1 / v2 instances: 20 RIP v2 routes: 64K Static routes: 64K IPsec VPN Concurrent VPN tunnels: 1,000 Tunnel interfaces: 128 Virtualization Maximum number of security zones: 32 Maximum number of VLANs: 512 Physical and Mechanical Dimensions (W x H x D) Conforms to VITA 48.2 3 U Conduction Cooled Format (0.85 x 3.94 x 6.3 in; 21.6 x 100 x 160 mm) Connections VITA 46.0 specified connections: P0-56 pin Utility Connector; P1, P2-112 pin signaling connectors RJ45 RS232 front console connector Electrical Power < 35 W Input Voltage +3.3 V +5 V +3 V Aux Thermal Operating VITA ECC4: -40 to 185 F (-40 C to 85 C) Non-Operating Vita ECC3: -58 to 212 F (-50 to +100 C) Shock and Vibration Shock VITA 47 OS2; 40 g, 11 ms Vibration VITA 47 V3: 5 Hz to 100 Hz PSD increasing 3dB/octave 100 Hz to 1000 Hz PSD = 0.1g2/Hz 1000 Hz to 2000 Hz PSD decreasing at 6dB/octave Humidity VITA 47: up to 95% RH non-condensing Corrosion VITA 47; ASTM G85, Annex A4 (Salt, SO 2 spray) Altitude VITA 47: 1,500 ft below sea level to 60,000 ft above sea level ESD VITA 47: EN61000-4-2; up to 15 KV Transportation: MIL-STD-810F for air, sea, road, and rail 5

Juniper Networks Services and Support Juniper Networks is the leader in performance-enabling services that are designed to accelerate, extend, and optimize your high-performance network. Our services allow you to maximize operational efficiency while reducing costs and minimizing risk, achieving a faster time to value for your network. Juniper Networks ensures operational excellence by optimizing the network to maintain required levels of performance, reliability, and availability. For more details, please visit www.juniper.net/us/en/ products-services. About Juniper Networks Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. The company serves customers and partners worldwide. Additional information can be found at www.juniper.net. Product Options The Juniper Networks LN1000 Mobile Secure Router is currently available with the VITA 46 interface option (LN1000-V). Ordering Information Please contact your local Juniper account representative for ordering information. Corporate and Sales Headquarters APAC Headquarters EMEA Headquarters To purchase Juniper Networks solutions, Juniper Networks, Inc. 1194 North Mathilda Avenue Juniper Networks (Hong Kong) 26/F, Cityplaza One Juniper Networks Ireland Airside Business Park please contact your Juniper Networks representative at 1-866-298-6428 or Sunnyvale, CA 94089 USA 1111 King s Road Swords, County Dublin, Ireland authorized reseller. Phone: 888.JUNIPER (888.586.4737) Taikoo Shing, Hong Kong Phone: 35.31.8903.600 or 408.745.2000 Phone: 852.2332.3636 EMEA Sales: 00800.4586.4737 Fax: 408.745.2100 Fax: 852.2574.7803 Fax: 35.31.8903.601 www.juniper.net Copyright 2012 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. 1000285-004-EN Jan 2012 Printed on recycled paper 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback