SRX3600 Cluster & IDP


Published on

Published in: Education
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

SRX3600 Cluster & IDP

  1. 1. Kashif Latif
  2. 2. The SRX Clustering Module (SCM) is a card thatyou can install in the services gateway toenable the dual control link feature for chassiscluster supported in Junos OS Release 10.2.
  3. 3. When deploying SRX3600’s in H/A cluster, theSRX cluster module utilize the redundantarchitecture design of the SRX3000 line toprovide full control link resiliency for missioncritical environments.
  4. 4. To form a chassis cluster, a pair of the same kindof supported SRX-series devices or J-seriesdevices are combined to act as a single systemthat enforces the same overall security. For SRX 5600 and SRX 5800 chassis clusters, the placement and type of Services Processing Cards (SPCs) must match in the two clusters. For SRX 3400 and SRX 3600 chassis clusters, the placement and type of SPCs, Input/output Cards (IOCs), and Network Processing Cards (NPCs) must match in the two devices.
  5. 5. For J-series chassis clusters, although thedevices must be the same kind, they cancontain different Physical Interface Modules(PIMs).When a device joins a cluster, it becomes anode of that cluster. With the exception ofunique node settings and management IPaddresses, nodes in a cluster share the sameconfiguration.
  6. 6. You can deploy up to 15 chassis clusters in aLayer 2 domain. Clusters and nodes areidentified in the following way:1. A cluster is identified by a cluster ID (cluster-id) specified as a number from 1 through 15.2. A cluster node is identified by a node ID (node) specified as a number from 0 to 1.
  7. 7. Juniper Networks Intrusion Detection andPrevention (IDP) products provide comprehensiveand easy-to-use in-line protection that stopsnetwork and application level attacks before theyinflict any damage to the network, minimizing thetime and costs associated with maintaining asecure network. Usingindustry-recognized stateful detection and prevention techniques, Juniper Networks IDP provides zero day protection against worms, Trojans, spyware, key loggers and other malware from penetrating the network or spreading from already infected users.
  8. 8. Juniper Networks IDP not only helps protectnetworks against attacks, it providesinformation on rogue servers, as well as typesand versions of applications and operatingsystems that may have unknowingly beenadded to the network.Application signatures, available on the JuniperNetworks IDP, goes a step further and enablesaccurate detection of specific applications suchas peer-to-peer or instant messaging.
  9. 9.  Juniper Networks IDP 75 brings full Intrusion prevention System (IPS) capability to small and mid-size businesses as well as remote offices. Juniper Networks IDP 250 and IDP 800 offer market-leading IPS capabilities to mid-size and large enterprises as well as service providers. Juniper Networks IDP 8200 offers market leading performance with 10 Gbps of real world throughput and is also suited for large enterprises and service providers.
  10. 10. Kashif Latif