Juniper Networks SRX300 Services Gateway
Secure Connectivity Services Gateways for The Cloud-Enabled Enterprise
- 8GbE, 4G RAM, 8G Flash, power adapter and cable. RMK not included.
Our Price: Request a Quote
More pricing below, click here!
Please Note: All Prices are Inclusive of GST
SRX300 Overview:
The SRX300 line of services gateways combines security, routing, switching, and WAN interfaces with next-generation firewall and advanced threat mitigation capabilities for costeffective, secure connectivity across distributed enterprise locations. By consolidating fast, highly available switching, routing, security, and next-generation firewall capabilities in a single device, enterprises can remove network complexity, protect and prioritize their resources, and improve user and application experience while lowering total cost of ownership (TCO).
Product Description
Juniper Networks SRX300 line of services gateways delivers a next-generation networking and security solution that supports the changing needs of cloud-enabled enterprise networks. Whether rolling out new services and applications across locations, connecting to the cloud, or trying to achieve operational efficiency, the SRX300 line helps organizations realize their business objectives while providing scalable, easy to manage, secure connectivity and advanced threat mitigation capabilities. Next-generation firewall and unified threat management (UTM) capabilities also make it easier to detect and proactively mitigate threats to improve the user and application experience.
The SRX300 line consists of four models:
- SRX300: Securing small branch or retail offices, the SRX300 Services Gateway consolidates security, routing, switching, and WAN connectivity in a small desktop device. The SRX300 supports up to 1 Gbps firewall and 300 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
- SRX320: Securely connecting small distributed enterprise branch offices, the SRX320 Services Gateway consolidates security, routing, switching, and WAN connectivity in a small desktop device. The SRX320 supports up to 1 Gbps firewall and 300 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
- SRX340: Securely connecting midsize distributed enterprise branch offices, the SRX340 Services Gateway consolidates security, routing, switching, and WAN connectivity in a 1 U form factor. The SRX340 supports up to 3 Gbps firewall and 600 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
- SRX345: Best suited for midsize to large distributed enterprise branch offices, the SRX345 Services Gateway consolidates security, routing, switching, and WAN connectivity in a 1 U form factor. The SRX345 supports up to 5 Gbps firewall and 800 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
- SRX380: A high-performance and secure SD-WAN gateway, the SRX380 offers superior and reliable WAN connectivity while consolidating security, routing, and switching for distributed enterprise offices. The SRX380 features greater port density than other SRX300 models, with 16x1GbE PoE+ and 4x10GbE ports, and includes redundant dual power supplies, all in a 1 U form factor.
Highlights
The SRX300 line of services gateways consists of secure SD-WAN routers that bring high performance and proven deployment capabilities to enterprises that need to build a worldwide network of thousands of remote sites. WAN or Internet connectivity and Wi-Fi module options include:
- Ethernet, T1/E1, ADSL2/2+, and VDSL
- 3G/4G LTE wireless
- 802.11ac Wave 2 Wi-Fi
Mist AI
WAN Assurance
Mist WAN Assurance is a cloud service that brings AI-powered automation and service levels to Juniper SRX Series Services Gateways, complementing the Juniper Secure SD-WAN solution. Mist WAN Assurance transforms IT operations from reactive troubleshooting to proactive remediation, turning insights into actions and delivering operational simplicity with seamless integration into existing deployments.
- SRX Series firewalls, deployed as secure SD-WAN edge devices, deliver the rich Junos streaming telemetry that provides the insights needed for WAN health metrics and anomaly detection. This data is leveraged within the Mist Cloud and AI engine, driving simpler operations, reducing mean time to repair (MTTR) and providing greater visibility into end-user experiences.
- Insights derived from SRX Series SD-WAN gateway telemetry data allows WAN Assurance to compute unique “User Minutes” that indicate whether users are having a good experience.
- The Marvis assistant for WAN allows you to ask direct questions like “Why is my Zoom call bad?” and provides complete insights, correlation, and actions.
- Marvis Actions identifies and summarizes issues such as application latency conditions, congested WAN circuits, or negotiation mismatches.
Simplifying Branch Deployments (Secure Connectivity/SD-WAN)
The SRX300 line delivers fully automated SD-WAN to both enterprises and service providers.
- A Zero-Touch Provisioning (ZTP) feature simplifies branch network connectivity for initial deployment and ongoing management.
- SRX300 firewalls offer best-in-class secure connectivity.
- The SRX300 firewalls efficiently utilize multiple links and load balance traffic across the enterprise WAN, blending traditional MPLS with other connectivity options such as broadband internet, leased lines, 4G/LTE, and more.
- Policy- and application-based forwarding capabilities enforce business rules created by the enterprise to steer application traffic towards a preferred path.
Comprehensive Security Suite
The SRX300 line offers a comprehensive suite of application security services, threat defenses, and intelligence services. The services consist of intrusion prevention system (IPS), application security user role-based firewall controls and cloud-based antivirus, anti-spam, and enhanced Web filtering, protecting networks from the latest content-borne threats. Integrated threat intelligence via Juniper Networks SecIntel offers adaptive threat protection against Command and Control (C&C)-related botnets and policy enforcement based on GeoIP. Customers can also leverage their own custom and third-party feeds for protection from advanced malware and other threats. Integrating the Juniper Networks Advanced Threat Protection solution, the SRX300 line detects and enforces automated protection against known malware and zero-day threats with a very high degree of accuracy.
Industry-Certified Junos Operating System
SRX300 Services Gateways run the Junos operating system, a proven, carrier-hardened OS that powers the top 100 service provider networks in the world.
The rigorously tested, carrier-class, rich routing features such as IPv4/IPv6, OSPF, BGP, and multicast have been proven over 15 years of worldwide deployments.
The SRX300 line also enables agile SecOps through automation capabilities that support Zero Touch Deployment, Python scripts for orchestration, and event scripting for operational management.
Features & Benefits:
Business Requirement | Feature/Solution | SRX300 Advantages |
---|---|---|
High performance | Up to 5 Gbps of routing and firewall performance |
|
Business continuity | Stateful high availability (HA), IP monitoring |
|
SD-WAN | Better end-user application and cloud experience and lower operational costs |
|
End-user experience | WAN assurance |
|
Highly secure | IPsec VPN, Remote Access/SSL VPN, Media Access Control Security (MACsec) |
|
Threat protection | IPS, antivirus, anti-spam, enhanced web filtering, Juniper Advanced Threat Prevention Cloud, Encrypted Traffic Insights, and Threat Intelligence Feeds |
|
Application visibility | On-box GUI, Security Director |
|
Easy to manage and scale | On-box GUI, Security Director |
|
Minimize TCO | Junos OS |
|
Technical Specifications:
Model: | SRX300 | SRX320 | SRX340 | SRX345 | SRX380 |
---|---|---|---|---|---|
Connectivity | |||||
Total onboard ports | 8x1GbE | 8x1GbE | 16x1GbE | 16x1GbE | 20 (16x1GbE, 4x10GbE) |
Onboard RJ-45 ports | 6x1GbE | 6x1GbE | 8x1GbE | 8x1GbE | 16x1GbE |
Onboard small form-factor pluggable (SFP) transceiver ports | 2x1GbE | 2x1GbE | 8x1GbE | 8x1GbE | 4x10GbE SFP+ |
MACsec-capable ports | 2x1GbE | 2x1GbE | 16x1GbE | 16x1GbE | 16x1GbE 4x10GbE |
Out-of-Band (OOB) management ports | 0 | 0 | 1x1GbE | 1x1GbE | 1x1GbE |
Mini PIM (WAN) slots | 0 | 2 | 4 | 4 | 4 |
Console (RJ-45 + miniUSB) | 1 | 1 | 1 | 1 | 1 |
USB 3.0 ports (type A) | 1 | 1 | 1 | 1 | 1 |
Optional PoE+ ports | N/A | 61 | 0 | 0 | 16 |
Memory and Storage | |||||
System memory (RAM) | 4 GB | 4 GB | 4 GB | 4 GB | 4GB |
Storage (flash) | 8 GB | 8 GB | 8 GB | 8 GB | 100GB SSD |
SSD slots | 0 | 0 | 1 | 1 | 1 |
Dimensions and Power | SRX300 | SRX320 | SRX340 | SRX345 | SRX380 |
Form factor | Desktop | Desktop | 1U | 1U | 1U |
Size (WxHxD) | 12.63 x 1.37 x 7.52 in. (32.08 x 3.47 x 19.10 cm) |
11.81 x 1.73 x 7.52 in. (29.99 x 4.39 x 19.10 cm) |
17.36 x 1.72 x 14.57 in. (44.09 x 4.36 x 37.01 cm) |
17.36 x 1.72 x 14.57 in. (44.09 x 4.36 x 37.01 cm) / 17.36 x 1.72 x 18.7 in. (44.09 x 4.36 x 47.5 cm)2 |
17.36 x 1.72 x 18.7 in. (44.09 x 4.37 x 47.5 cm) / 17.36 x 1.72 x 20.47 in. (44.09 x 4.37 x 52 cm) |
Weight (device and PSU) | 4.38 lb (1.98 kg) | 3.28 lb (1.51 kg)3 / 3.4 lb (1.55 kb)4 |
10.80 lb (4.90 kg) | 10.80 lb (4.90 kg) /
11.02 lb (5 kg)5 |
15 lb (6.8 kg) with 1xPSU / 16.76 lb (7.6 kg) with 2xPSU |
Redundant PSU | No | No | No | Yes | Yes |
Power supply | AC (external) | AC (external) | AC (external) | AC (internal) / DC (internal)5 |
1+1 hot-swappable AC PSU |
DC Input | N/A | N/A | N/A | -40.8 VDC to -72 VDC5 | N/A |
Maximum PoE power | N/A | 180 W4 | N/A | N/A | 480W |
Average power consumption | 15.4 W | 27 W3 / 112 W4 | 122 W | 122 W | 150 W (without PoE) 510 W (with PoE) |
Average heat dissipation | 85 BTU/h | 157 BTU/h3 / 755 BTU/h4 | 420 BTU/h | 420 BTU/h | 511.5 BTU/hr (without PoE) |
Maximum current consumption | 0.346 A | 0.634 A3 / 2.755 A4 | 1.496 A | 1.496 A / 6A @ -48 VDC5 | 1.79A/7.32A |
Acoustic noise level | 0dB (fanless) | 37 dBA3 / 40 dBA4 | 45.5 dBA | 45.5 dBA | < 50dBA @ room temperature 27C |
Airflow/cooling | Fanless | Front to back | Front to back | Front to back | Front to back |
Environmental, Compliance, and Safety Certification | SRX300 | SRX320 | SRX340 | SRX345 | SRX380 |
Operating temperature | 32° to 104° F (0° to 40° C) | 32° to 104° F (0° to 40° C) -22° to 131° F (-30° to 55° C) for SRX345-DC |
32° to 104° F (0° to 40° C) with MPIMs 32° to 122° F (0° to 50° C) without MPIMs |
||
Nonoperating temperature | 4° to 158° F (-20° to 70° C) | -4° to 158° F (-20° to 70° C) -22° to 158° F (-30° to 70° C) for SRX345-DC |
-4° to 158° F (-20° to 70° C) | ||
Operating humidity | 10% to 90% noncondensing | ||||
Nonoperating humidity | 5% to 95% noncondensing | ||||
Meantime between failures (MTBF) | 44.5 years | 32.5 years3 / 26 years4 | 27 years | 27.4 years | 28.1 years |
FCC classification | Class A | Class A | Class A | Class A | Class A |
RoHS compliance | RoHS 2 | RoHS 2 | RoHS 2 | RoHS 2 | RoHS 2 |
FIPS 140-2 | Level 2 (Junos 15.1X49-D60) | Level 1 (Junos 15.1X49-D60) | Level 2 (Junos 15.1X49-D60) | Level 2 (Junos 15.1X49-D60) | N/A |
Common Criteria certification | NDPP, VPNEP, FWEP, IPSEP (based on Junos 15.1X49-D60) | N/A | |||
Performance and Scale | SRX300 | SRX320 | SRX340 | SRX345 | SRX380 |
Routing with packet mode (64 B packet size) in Kpps7 | 300 | 300 | 550 | 750 | 1,700 |
Routing with packet mode (IMIX packet size) in Mbps7 | 800 | 800 | 1,600 | 2,300 | 5,000 |
Routing with packet mode (1,518 B packet size in Mbps7 | 1,500 | 1,500 | 3,000 | 5,500 | 10,000 |
Stateful firewall (64 B packet size) in Kpps7 | 200 | 200 | 350 | 550 | 1,700 |
Stateful firewall (IMIX packet size) in Mbps7 | 500 | 500 | 1,100 | 1,700 | 4,000 |
Stateful firewall (1,518 B packet size) in Mbps7 | 1,000 | 1,000 | 3,000 | 5,000 | 10,000 |
IPsec VPN (IMIX packet size) in Mbps7 | 100 | 100 | 200 | 300 | 1,000 |
IPsec VPN (1,400 B packet size) in Mbps7 | 300 | 300 | 600 | 800 | 3,500 |
Application visibility and control in Mbps8 | 500 | 500 | 1,000 | 1,700 | 6,000 |
Recommended IPS in Mbps8 | 200 | 200 | 400 | 600 | 2,000 |
Next-generation firewall in Mbps8 | 100 | 100 | 200 | 300 | 1,000 |
Route table size (RIB/FIB) (IPv4 or IPv6) | 256,000/256,000 | 256,000/256,000 | 1 million/600,0009 | 1 million/600,0009 | 1 million/600,0009 |
Maximum concurrent sessions (IPv4 or IPv6) | 64,000 | 64,000 | 256,000 | 375,000 | 380,000 |
Maximum security policies | 1,000 | 1,000 | 2,000 | 4,000 | 4,000 |
Connections per second | 5,000 | 5,000 | 10,000 | 15,000 | 50,000 |
NAT rules | 1,000 | 1,000 | 2,000 | 2,000 | 3,000 |
MAC table size | 15,000 | 15,000 | 15,000 | 15,000 | 16,000 |
IPsec VPN tunnels | 256 | 256 | 1,024 | 2,048 | 2,048 |
Number of remote access uses | 25 | 50 | 150 | 250 | 500 |
GRE tunnels | 256 | 256 | 512 | 1,024 | 2,048 |
Maximum number of security zones | 16 | 16 | 64 | 64 | 128 |
Maximum number of virtual routers | 32 | 32 | 64 | 128 | 128 |
Maximum number of VLANs | 1,000 | 1,000 | 2,000 | 3,000 | 3,000 |
AppID sessions | 16,000 | 16,000 | 64,000 | 64,000 | 64,000 |
IPS sessions | 16,000 | 16,000 | 64,000 | 64,000 | 64,000 |
URLF sessions | 16,000 | 16,000 | 64,000 | 64,000 | 64,000 |
WAN Interface | SRX300 | SRX320 | SRX340 | SRX345 | SRX380 |
1 port T1/E1 MPIM (SRX-MP-1T1E1-R) | No | Yes | Yes | Yes | Yes |
1 port VDSL2 Annex A/M MPIM (SRX-MP-1VDSL2-R) | No | Yes | Yes | Yes | Yes |
1 port serial MPIM (SRX-MP-1SERIAL-R) | No | Yes | Yes | Yes | Yes |
4G / LTE MPIM (SRX-MP-LTE-AA & SRX-MP-LTE-AE) | No | Yes | Yes | Yes | Yes |
Additional Specification Features:
Routing Protocols
- IPv4, IPv6, ISO, Connectionless Network Service (CLNS)
- Static routes
- RIP v1/v2
- OSPF/OSPF v3
- BGP with Route Reflector
- IS-IS
- Multicast: Internet Group Management Protocol (IGMP) v1/v2, Protocol Independent Multicast (PIM) sparse mode (SM)/dense mode (DM)/source-specific multicast (SSM), Session Description Protocol (SDP), Distance Vector Multicast Routing Protocol (DVMRP), Multicast Source Discovery Protocol (MSDP), Reverse Path Forwarding (RPF)
- Encapsulation: VLAN, Point-to-Point Protocol (PPP), Frame Relay, High-Level Data Link Control (HDLC), serial, Multilink Point-to-Point Protocol (MLPPP), Multilink Frame Relay (MLFR), and Point-to-Point Protocol over Ethernet (PPPoE)
- Virtual routers
- Policy-based routing, source-based routing
- Equal-cost multipath (ECMP)
QoS Features
- Support for 802.1p, DiffServ code point (DSCP), EXP
- Classification based on VLAN, data-link connection identifier (DLCI), interface, bundles, or multifield filters
- Marking, policing, and shaping
- Classification and scheduling
- Weighted random early detection (WRED)
- Guaranteed and maximum bandwidth
- Ingress traffic policing
- Virtual channels
- Hierarchical shaping and policing
Switching Features
- ASIC-based Layer 2 Forwarding
- MAC address learning
- VLAN addressing and integrated routing and bridging (IRB) support
- Link aggregation and LACP
- LLDP and LLDP-MED
- STP, RSTP, MSTP
- MVRP
- 802.1X authentication
Firewall Services
- Stateful and stateless firewall
- Zone-based firewall
- Screens and distributed denial of service (DDoS) protection
- Protection from protocol and traffic anomaly
- Integration with Pulse Unified Access Control (UAC)
- Integration with Aruba Clear Pass Policy Manager
- User role-based firewall
- SSL Inspection (Forward-proxy)
Network Address Translation (NAT)
- Source NAT with Port Address Translation (PAT)
- Bidirectional 1:1 static NAT
- Destination NAT with PAT
- Persistent NAT
- IPv6 address translation
VPN Features
- Tunnels: Generic routing encapsulation (GRE)3, IP-IP3, IPsec
- Juniper Secure Connect: Remote access / SSL VPN
- Configuration payload: Yes
- IKE Encryption algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
- IKE authentication algorithms: MD5, SHA-1, SHA-128, SHA-256, SHA-384
- Authentication: Pre-shared key and public key infrastructure (PKI) (X.509)
- IPsec (Internet Protocol Security): Authentication Header (AH) / Encapsulating Security Payload (ESP) protocol
- IPsec Authentication Algorithms: hmac-md5, hmac-sha-196, hmac-sha-256
- IPsec Encryption Algorithms: Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB
- Perfect forward secrecy, anti-reply
- Internet Key Exchange: IKEv1, IKEv2
- Monitoring: Standard-based dead peer detection (DPD) support, VPN monitoring
- VPNs GRE, IP-in-IP, and MPLS
Network Services
- Dynamic Host Configuration Protocol (DHCP) client/server/relay
- Domain Name System (DNS) proxy, dynamic DNS (DDNS)
- Juniper real-time performance monitoring (RPM) and IP-monitoring
- Juniper flow monitoring (J-Flow)
- Bidirectional Forwarding Detection (BFD)
- Two-Way Active Measurement Protocol (TWAMP)
- IEEE 802.3ah Link Fault Management (LFM)
- IEEE 802.1ag Connectivity Fault Management (CFM)
- Virtual Router Redundancy Protocol (VRRP)10
- Stateful high availability
- Dual box clustering
- Active/passive
- Active/active
- Configuration synchronization
- Firewall session synchronization
- Device/link detection
- In-Band Cluster Upgrade (ICU)
- Dial on-demand backup interfaces
- IP monitoring with route and interface failover
- SSH, Telnet, SNMP
- Smart image download
- Juniper CLI and Web UI
- Mist AI
- Simplified management
- WAN Assurance
- Junos Space and Security Director
- Python
- Junos OS event, commit, and OP script
- Application and bandwidth usage reporting
- Auto installation
- Debug and troubleshooting tools
- Zero-Touch Provisioning with Contrail Service Orchestration
Advanced Routing Services
- Packet mode
- MPLS (RSVP, LDP)
- Circuit cross-connect (CCC), translational cross-connect (TCC)
- L2/L3 MPLS VPN, pseudowires
- Virtual private LAN service (VPLS), next-generation multicast VPN (NG-MVPN)
- MPLS traffic engineering and MPLS fast reroute
Application Security Services10
- Application visibility and control
- Application-based firewall
- Application QoS
- Application-based advanced policy-based routing
- Application quality of experience (AppQoE)
Enhanced SD-WAN Services
- Application-based advanced policy-based routing (APBR)
- Application-based link monitoring and switchover with Application quality of experience (AppQoE)
Threat Defense and Intelligence Services10
- Intrusion prevention
- Antivirus
- Antispam
- Category/reputation-based URL filtering
- Protection from botnets (command and control)
- Adaptive enforcement based on GeoIP
- Juniper Advanced Threat Prevention to detect and block zero-day attacks
- Adaptive Threat Profiling
- Encrypted Traffic Insights
- SecIntel to provide threat intelligence
1 SRX320 with PoE+ ports available as a separate SKU: SRX320-POE.
2 3SRX345 with dual AC PSU model.
3 4SRX320 non PoE model.
4 5SRX320-POE with 6 ports PoE+ model.
5 6SRX345 with DC power supply (operating temperature as per GR-63 Issue 4 2012 test criteria).
6 7As per GR63 Issue 4 (2012) test criteria.
7 Throughput numbers based on UDP packets and RFC2544 test methodology.
8 9Throughput numbers based on HTTP traffic with 44 KB transaction size.
9 10Route scaling numbers are with enhanced route-scale features turned on.
10 Offered as advanced security services subscription licenses.
Documentation:
Download the Juniper Networks SRX300 Line of Services Gateways Datasheet (PDF).
Pricing Notes:
- All Prices are Inclusive of GST
- Pricing and product availability subject to change without notice.
- 8GbE, 4G RAM, 8G Flash, power adapter and cable. RMK not included.
Our Price: Request a Quote
Includes JSE/SD-WAN, SD-WAN features App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack) and IPS
Our Price: Request a Quote
Includes JSE/SD-WAN, SD-WAN features App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack) and IPS
Our Price: Request a Quote
Includes JSE/SD-WAN, SD-WAN features App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack) and IPS
Our Price: Request a Quote
Includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Juniper ATP
Our Price: Request a Quote
Includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Juniper ATP
Our Price: Request a Quote
Includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Juniper ATP
Our Price: Request a Quote
Includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Content Security (UTM, Cloud AV, URLF and AS)
Our Price: Request a Quote
Includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Content Security (UTM, Cloud AV, URLF and AS)
Our Price: Request a Quote
Includes App+ (AppID, AppFW, AppQoS, AppRoute, AppQoE, AppTrack), IPS and Content Security (UTM, Cloud AV, URLF and AS)
Our Price: Request a Quote
(SOFTWARE SUPPORT IS NOT INCLUDED, must be purchased separately)
Our Price: Request a Quote
(SOFTWARE SUPPORT IS NOT INCLUDED, must be purchased separately)
Our Price: Request a Quote
(SOFTWARE SUPPORT IS NOT INCLUDED, must be purchased separately)
Our Price: Request a Quote
(SOFTWARE SUPPORT IS NOT INCLUDED, must be purchased separately)
Our Price: Request a Quote
(SOFTWARE SUPPORT IS NOT INCLUDED, must be purchased separately)
Our Price: Request a Quote
Our Price: Request a Quote