The Juniper Networks Secure Services Gateway 140 (SSG 140) is a purpose-built security appliance that delivers a perfect blend of performance, security, routing, and LAN\WAN connectivity for medium sized branch offices and business deployments. Traffic flowing in and out of the branch office is protected from worms, Spyware, Trojans, and malware by a complete set of Unified Threat Management (UTM) security features including Stateful firewall, IPSec VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering.
The rich set of UTM security features allows the SSG 140 to be deployed as a stand alone network protection device. With its robust routing engine, the SSG 140 can also be deployed as a traditional branch office router or as a combination security and routing device to help reduce IT capital and operational expenditures.
SSG 140: The SSG 140 is a modular platform that delivers more than 350 Mbps of firewall traffic and 100 Mbps of IPSec VPN. The SSG 140 supports 8 on-board 10/100 + 2 10/100/1000 interfaces and four I/O expansion slots.
The SSG 140 is ideally suited for branch offices, small to medium businesses and service providers that want a security platform to protect their WAN and high speed internal networks while extending the platform return on investment through high levels of system and interface modularity.
Features:Key features and benefits of the Juniper Networks SSG 140 include:
– Purpose-built, high performance platform that delivers LAN and WAN connectivity and security, plus the muscle to protect the high-speed LAN against internal network and application-level attacks
– Proven security and LAN/WAN routing functionality that provides the ability to consolidate devices and reduce IT expenditures
– Comprehensive set of Unified Threat Management (UTM) security features to protect against network and application level attacks while simultaneously stopping content-based attacks. UTM security features include:
- Stateful inspection firewall to perform access control and stop network level attacks
- IPS (Deep Inspection firewall) to stop application level attacks
- Best-in-class antivirus based on the Kaspersky Lab scanning engine that includes Anti-Phishing, Anti-Spyware, Anti-Adware protection to stop viruses, Trojans and other malware before they damage the network
- Anti-Spam via a partnership with Symantec to block known spammers and phishers
- Web filtering using SurfControl to block access to known malicious download sites or other inappropriate web content
- Site-to-site IPSec VPN to establish secure communications between offices
- Denial of service (DoS) mitigation capabilities
- Application Layer Gateways for H.323, SIP, SCCP and MGCP to inspect and protect VoIP traffic
– Variety of modular LAN and WAN interface options
– Auto-Configure VPN (AC VPN) allows for automatic set-up and take-down of VPN tunnels between remote offices in hub-and-spoke topologies
– Multiple high availability options with sub-second failover between interfaces or devices
– Customizable security zones to increase interface density without additional hardware expenditures, lower policy creation costs, contain unauthorized users and attacks, and simplify management of firewall/VPNs
– Management through graphical Web UI, CLI, or the NetScreen-Security Manager central management system
– Policy-based management to allow centralized, end-to-end life-cycle management
Specifications:Interfaces/Ports – 8 x RJ-45 10/100Base-TX LAN
– 2 x RJ-45 10/100/1000Base-T LAN
– 1 x RJ-45 Console Management
– 1 x RJ-45 Auxiliary Management
– 1 x USB
Data Transfer Rate – 10Mbps Ethernet
– 100Mbps Fast Ethernet
– 1Gbps Gigabit Ethernet
Data Throughput – 350 Mbps Firewall Throughput
Performance – 100 Mbps 3DES+SHA-1 Performance
– 100 Mbps AES VPN Performance
Virtualization – 32000 Concurrent Sessions Maximum
– 8000 New Sessions/second
– 500 Security Policies Tenants Maximum
– 125 Concurrent VPN tunnels
– 50 Tunnel Interfaces
Stateful Packet Filtering – NAT
– PAT
– IPSec NAT-Traversal
– Virtual IP (VIP)
Firewall Protection – Backdoor Detection
– Worm Scanning
– Trojan Horse
– Network Attack Detection
– Denial of Service (DoS)
– Brute Force Attack Mitigation
– SYNflood Protection
– Malformed Packet Protections
– Distributed Denial of Service (DDoS)
Encryption – AES (256-bit)
– DES (56-bit)
– 3DES (168-bit)
Authentication – MD5
– SHA-1
– LDAP
– RSA SecurID
– RADIUS
– XAUTH
VPN Support – All management via VPN tunnel on any interface
– Redundant VPN gateways
– Remote access VPN
– VPN tunnel monitor
– Auto-Connect VPN
Expansion Slots – (4 Total) Expansion Slot
Management – CLI
– Telnet
– SNMP v2
– Web-based Management
– Networks NetScreen-Security Manager
Memory – 512MB DRAM
Input Voltage – 100 V AC to 240 V AC Power Supply
Form Factor – 1U Rack-mountable
