| Platform Specifications |
|---|
| Appliance | SSR1500 |
| Suggested Location | Extra-large data center/campus |
| Max Throughput (Unencrypted) | 50 Gbps (max. throughput on NIC) |
| System and network services |
|---|
| Features | SNAT/DNAT, destination NAPT, shared NAT pool, IPv4/IPv6, DHCP client, DHCP relay, DHCP server, DHCP server extensions, DHCPv6 PD, DNS client, PPPoE, Proxy ARP, NAT traversal, BFD, inline flow performance monitoring, extended firewall pinhole, path MTU discovery, MSS auto adjust, DSCP based service identification for IPsec |
| Advanced services |
|---|
| Features | Secure Vector Routing (SVR), Multipoint SVR, IPv6 SVR, overlapping IP service segmentation, Ethernet over SVR, application identification |
| Routing |
|---|
| Features | Service based routing, static routing, BGPv4, BGP route reflector, BGP graceful restart, BGP over SVR, BGP route map, BGP prefix list, OSPFv2, BGP VRF, OSPF VRF, Services and Topology Exchange Protocol (STEP) |
| Traffic engineering |
|---|
| Features | Traffic scheduling and shaping, flow policing and shaping, packet marking (DiffServ), service rate limiting |
| Network firewall |
|---|
| Features | Distributed stateful firewall, distributed and automated access control, fine-grained segmentation/tenancy, ICSA network firewall certified, ICMP blackhole |
| IDS/IPS and URL filtering |
|---|
| Features | Intrusion Detection System/ Intrusion Prevention System (IDS/IPS) and URL filtering capabilities are available through the Advanced Security Pack. |
| Secure edge connectors |
|---|
| Features | Seamless connections to Juniper Secure Edge or third-party SSE. |
| Application identification |
|---|
| Features | HTTP/S domain-based identification, O365 identification, DNS based identification, application categorization |
| Analytics |
|---|
| Features | Session metrics, network metrics, LTE metrics, peer path SLA, MOS score, session analytics, SSL/TLS metrics, session IPFIX records |
| Session encryption |
|---|
| Features | Session Payload Encryption (AES-256, AES-128), session/route authentication (HMAC-SHA1, HMAC-SHA256, HMAC-SHA-256-128), adaptive encryption, rekeying, FIPS 140-2 validated, enhanced replay attack protection, transport-based encryption |
| Session management |
|---|
| Features | Path selection, (SLA, MoS, average latency), load balancing using proportional and hunt, session migration, session duplication, session duplication for non-SVR, session duplication for inter-node links, MOS for VoIP, Path of last resort, session optimization, session reliability, service health learning, service route redundancy |
| Monitoring |
|---|
| Features | Monitoring agent, SNMPv2, Syslog, audit logs |
| Management and remote access |
|---|
| Features | GUI, CLI, REST, remote access over SVR (LTE), upgrade rollback, Zero Touch Provisioning, remote service packet capture, user-defined configuration templates, role-based access control |
| AAA |
|---|
| Features | Local registry, LDAP |
| Interface options |
|---|
| Features | Ethernet, LTE support including Dual LTE and Dual SIM, T1 |
| Platforms |
|---|
| Supported Platforms | Bare metal x86 server, KVM, VMWare ESXi, OpenStack, AWS, Azure, Google Cloud |
| Security Features |
|---|
| Service-centric, tenant-based security architecture | Enables SSR to understand sessions and perform vital business operations, securing connectivity based on user, application, and location. |
| Zero Trust security | Deny-by-default principle with checkpoints to validate traffic. |
| Integrated NGFW | Layer 3/Layer 4 network firewall functionality integrated into routing fabric. |
| Integrated security | Built-in NGFW features: IDS/IPS, URL filtering, antivirus. |
| Security at its core | Routing plane built for security, unified posture without separate appliances. |
| AI-native management | Managed by Marvis AI for policy orchestration, threat intelligence, troubleshooting. |
| Advanced Security Pack |
|---|
| Description | Integrates IDS/IPS, URL filtering into routing fabric. Standalone or with SRX Series. Supports SASE journey with Juniper Secure Edge. |