Routers
Cisco Router 12000 Series 
Routers Juniper
Juniper EX3400 Series Ethernet Switches
Juniper Power Supply-50%
SRX5K-IOC4-10G
₹10,231,900.00
- Product Description: 40 x 10GE SFP + port line card, Optics sold separately.
- Manufacturer: Juniper
- Part Number: SRX5K-IOC4-10G
- Model Description: 40X10GE SFPP
- Rating:
- Product Can Be: Bought , Rented ,
- Availability: In Stock
- Also Available In: Used, Ref, NOB
- Condition: New
- Warranty: New- 1 Year
| SRX5400 | SRX5600 | SRX5800 | |
| Maximum Performance and Capacity1 | |||
| Junos OS version tested | Junos OS 21.2 | Junos OS 21.2 | Junos OS 21.2 |
| Firewall Performance, IMIX | 960 Gbps | 1.44 Tbps | 3.36 Tbps |
| Maximum performance per chassis | 960 Gbps | 1440 Tbps | 3.36 Tbps |
| Next-Generation Datacenter Firewall Performance2 | 136 Gbps | 194 Gbps | 504 Gbps |
| Secure Web Access Firewall Performance3 | 75 Gbps | 107 Gbps | 277 Gbps |
| Latency (stateful firewall) | ~11µsec | ~11µsec | ~11µsec |
| IPsec VPN AES-256-GCM (IMIX) | 188 Gbps | 269 Gbps | 699 Gbps |
| Maximum IPS performance | 172 Gbps | 245 Gbps | 638 Gbps |
| Maximum concurrent sessions | 91 Million | 182 Million | 338 Million |
| New sessions/second (sustained, tcp, 3way, firewall NAT) | 1.7/1 Million | 3.4/2 Million | 6.3/4 Million |
| Maximum users supported | Unrestricted | Unrestricted | Unrestricted |
| Network Connectivity | |||
| IOC4 options (SRX5K-IOC4-MRAT; SRX5K-IOC4-10G) | 40x1GbE SFP+ and 40x10GbE SFP+ or 12xQSFP+/QSFP28 multirate | ||
| IOC3 options (SRX5K-MPC3-100G10G; SRX5K-MPC3-40G10G) | 2x100GbE CFP2 and 4x10GbE SFP+ or 6x40GbE QSFP+ and 24x10GbE SFP+ | ||
| Firewall | |||
| Network attack detection | Yes | Yes | Yes |
| DoS and distributed denial of service (DDoS) protection | Yes | Yes | Yes |
| TCP reassembly for fragmented packet protection | Yes | Yes | Yes |
| Brute force attack mitigation | Yes | Yes | Yes |
| SYN cookie protection | Yes | Yes | Yes |
| Zone-based IP spoofing | Yes | Yes | Yes |
| Malformed packet protection | Yes | Yes | Yes |
| IPsec VPN | |||
| Site-to-site tunnels | 15,000 | 15,000 | 15,000 |
| Tunnel interfaces | 15,000 | 15,000 | 15,000 |
| Number of remote access / SSL VPN (concurrent) users | 25,000 | 40,000 | 50,000 |
| Tunnels | Site-to-Site, Hub and Spoke, Dynamic Endpoint, AutoVPN, ADVPN, Group VPN (IPv4 / IPv6 / Dual Stack) | ||
| Internet Key Exchange | IKEv1, IKEv2 | ||
| Configuration Payload | Yes | Yes | Yes |
| IKE Authentication Algorithms | MD5, SHA1, SHA-256, SHA-384, SHA-512 | ||
| IKE Encryption Algorithms | Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB | ||
| Authentication | Pre-shared key and public key infrastructure (PKI X.509) | ||
| IPsec (Internet Protocol Security) | Authentication Header (AH) / Encapsulating Security Payload (ESP) protocol | ||
| Perfect forward secrecy | Yes | ||
| IPsec Authentication Algorithms | hmac-md5, hmac-sha-196, hmac-sha-256, hmac-sha-384, hmac-sha-512 | ||
| IPsec Encryption Algorithms | Prime, DES-CBC, 3DES-CBC, AEC-CBC, AES-GCM, SuiteB | ||
| Monitoring | Standard-based Dead peer detection (DPD), VPN monitoring | ||
| Prevent replay attack | Yes | Yes | Yes |
| VPNs (GRE, IP-in-IP, MPLS) | Yes | Yes | Yes |
| Redundant VPN gateways | Yes | Yes | Yes |
| Intrusion Prevention System (IPS) | |||
| Signature-based and customizable (via templates) | Yes | Yes | Yes |
| Active/active traffic monitoring | Yes | Yes | Yes |
| Stateful protocol signatures | Yes | Yes | Yes |
| Attack detection mechanisms | Stateful signatures, protocol anomaly detection (zero-day coverage), application identification | Stateful signatures, protocol anomaly detection (zero-day coverage), application identification | Stateful signatures, protocol anomaly detection (zero-day coverage), application identification |
| Attack response mechanisms | Drop connection, close connection, session packet log, session summary, e-mail | Drop connection, close connection, session packet log, session summary, e-mail | Drop connection, close connection, session packet log, session summary, e-mail |
| Attack notification mechanisms | Structured system logging | Structured system logging | Structured system logging |
| Worm protection | Yes | Yes | Yes |
| Simplified installation through recommended policies | Yes | Yes | Yes |
| Trojan protection | Yes | Yes | Yes |
| Spyware/adware/keylogger protection | Yes | Yes | Yes |
| Advanced malware protection | Yes | Yes | Yes |
| Protection against attack proliferation from infected systems | Yes | Yes | Yes |
| Reconnaissance protection | Yes | Yes | Yes |
| Request and response side attack protection | Yes | Yes | Yes |
| Compound attacks—combines stateful signatures and protocol anomalies | Yes | Yes | Yes |
| Custom attack signatures creation | Yes | Yes | Yes |
| Contexts accessible for customization | 600+ | 600+ | 600+ |
| Attack editing (port range, other) | Yes | Yes | Yes |
| Stream signatures | Yes | Yes | Yes |
| Protocol thresholds | Yes | Yes | Yes |
| Stateful protocol signatures | Yes | Yes | Yes |
| Frequency of updates | Daily and emergency | Daily and emergency | Daily and emergency |
| Content Security | |||
| Antivirus | Yes | Yes | Yes |
| Content filtering | Yes | Yes | Yes |
| Enhanced Web filtering | Yes | Yes | Yes |
| Redirect Web filtering | Yes | Yes | Yes |
| Antispam | Yes | Yes | Yes |
| AppSecure | |||
| AppTrack (application visibility and tracking) | Yes | Yes | Yes |
| AppFirewall (policy enforcement by application name) | Yes | Yes | Yes |
| AppQoS (network traffic prioritization by application name) | Yes | Yes | Yes |
| User-based application policy enforcement | Yes | Yes | Yes |
| GPRS Security | |||
| GPRS stateful firewall | Yes | Yes | Yes |
| Destination Network Address Translation | |||
| Destination NAT with Port Address Translation (PAT) | Yes | Yes | Yes |
| Destination NAT within same subnet as ingress interface IP | Yes | Yes | Yes |
| Destination addresses and port numbers to one single address and a specific port number (M:1P) | Yes | Yes | Yes |
| Destination addresses to one single address (M:1) | Yes | Yes | Yes |
| Destination addresses to another range of addresses (M:M) | Yes | Yes | Yes |
| Source Network Address Translation | |||
| Static Source NAT—IP-shifting Dynamic Internet Protocol (DIP) | Yes | Yes | Yes |
| Source NAT with PAT—port translated | Yes | Yes | Yes |
| Source NAT without PAT—fix port | Yes | Yes | Yes |
| Source NAT—IP address persistency | Yes | Yes | Yes |
| Source pool grouping | Yes | Yes | Yes |
| Source pool utilization alarm | Yes | Yes | Yes |
| Source IP outside of the interface subnet | Yes | Yes | Yes |
| Interface source NAT—interface DIP | Yes | Yes | Yes |
| Oversubscribed NAT pool with fallback to PAT when the address pool is exhausted | Yes | Yes | Yes |
| Symmetric NAT | Yes | Yes | Yes |
| Allocate multiple ranges in NAT pool | Yes | Yes | Yes |
| Proxy Address Resolution Protocol (ARP) for physical port | Yes | Yes | Yes |
| Source NAT with loopback grouping—DIP with loopback grouping | Yes | Yes | Yes |
| User Authentication and Access Control | |||
| Built-in (internal) database | Yes | Yes | Yes |
| RADIUS accounting | Yes | Yes | Yes |
| Web-based authentication | Yes | Yes | Yes |
| Public Key Infrastructure (PKI) Support | |||
| PKI certificate requests (PKCS 7, PKCS 10, and CMPv2) | Yes | Yes | Yes |
| Automated certificate enrollment (SCEP) | Yes | Yes | Yes |
| Certificate authorities supported | Yes | Yes | Yes |
| Self-signed certificates | Yes | Yes | Yes |
| Virtualization | |||
| Maximum custom routing instances with data plane separation | 2000 | 2000 | 2000 |
| Maximum security zones | 2000 | 2000 | 2000 |
| Maximum virtual firewalls with data plane and administrative separation (logical/tenant systems) | 500 | 500 | 500 |
| Additional off-platform virtual firewall option with Juniper Networks vSRX Virtual Firewall (VM based) | Unlimited | Unlimited | Unlimited |
| Maximum number of VLANs | 4096 | 4096 | 4096 |
| Routing | |||
| BGP instances | 1000 | 1000 | 1000 |
| BGP peers | 2000 | 2000 | 2000 |
| BGP routes | 1 Million | 1 Million | 1 Million |
| OSPF instances | 400 | 400 | 400 |
| OSPF routes | 1 Million | 1 Million | 1 Million |
| RIP v1/v2 instances | 50 | 50 | 50 |
| RIP v2 table size | 30,000 | 30,000 | 30,000 |
| Dynamic routing | Yes | Yes | Yes |
| Static routes | Yes | Yes | Yes |
| Source-based routing | Yes | Yes | Yes |
| Policy-based routing | Yes | Yes | Yes |
| Equal cost multipath (ECMP) | Yes | Yes | Yes |
| Reverse path forwarding (RPF) | Yes | Yes | Yes |
| Multicast | Yes | Yes | Yes |
| IPv6 | |||
| Firewall/stateless filters | Yes | Yes | Yes |
| Dual-stack IPv4/IPv6 firewall | Yes | Yes | Yes |
| RIPng | Yes | Yes | Yes |
| BFD, BGP | Yes | Yes | Yes |
| ICMPv6 | Yes | Yes | Yes |
| OSPFv3 | Yes | Yes | Yes |
| Class of service (CoS) | Yes | Yes | Yes |
| Mode of Operation | |||
| Layer 2 (transparent) mode | Yes | Yes | Yes |
| Layer 3 (route and/or NAT) mode | Yes | Yes | Yes |
| IP Address Assignment | |||
| Static | Yes | Yes | Yes |
| Dynamic Host Configuration Protocol (DHCP) | Yes | Yes | Yes |
| Internal DHCP server | Yes | Yes | Yes |
| DHCP relay | Yes | Yes | Yes |
| Traffic Management Quality of Service (QoS) | |||
| Maximum bandwidth | Yes | Yes | Yes |
| RFC2474 IP Diffserv in IPv4 | Yes | Yes | Yes |
| Firewall filters for CoS | Yes | Yes | Yes |
| Classification | Yes | Yes | Yes |
| Scheduling | Yes | Yes | Yes |
| Shaping | Yes | Yes | Yes |
| Intelligent Drop Mechanisms (WRED) | Yes | Yes | Yes |
| Three-level scheduling | Yes | Yes | Yes |
| Weighted round robin for each level of scheduling | Yes | Yes | Yes |
| Priority of routing protocols | Yes | Yes | Yes |
| Traffic management/policing in hardware | Yes | Yes | Yes |
| High Availability (HA) | |||
| Active/passive, active/active | Yes | Yes | Yes |
| Unified in-service software upgrade (unified ISSU) | Yes | Yes | Yes |
| Configuration synchronization | Yes | Yes | Yes |
| Session synchronization for firewall and IPsec VPN | Yes | Yes | Yes |
| Session failover for routing change | Yes | Yes | Yes |
| Device failure detection | Yes | Yes | Yes |
| Link and upstream failure detection | Yes | Yes | Yes |
| Dual control links | Yes | Yes | Yes |
| Interface link aggregation/Link Aggregation Control Protocol (LACP) | Yes | Yes | Yes |
| Redundant fabric links | Yes | Yes | Yes |
| Management | |||
| WebUI (HTTP and HTTPS) | Yes | Yes | Yes |
| Command line interface (console, telnet, SSH) | Yes | Yes | Yes |
| Juniper Security Director Cloud | Yes | Yes | Yes |
| Administration | |||
| Local administrator database support | Yes | Yes | Yes |
| External administrator database support | Yes | Yes | Yes |
| Restricted administrative networks | Yes | Yes | Yes |
| Root admin, admin, and read-only user levels | Yes | Yes | Yes |
| Software upgrades | Yes | Yes | Yes |
| Configuration rollback | Yes | Yes | Yes |
| Logging/Monitoring | |||
| Structured syslog | Yes | Yes | Yes |
| SNMP (v2 and v3) | Yes | Yes | Yes |
| Traceroute | Yes | Yes | Yes |
| Certifications | |||
| Safety certifications | Yes | Yes | Yes |
| Electromagnetic Compatibility (EMC) certifications | Yes | Yes | Yes |
| RoHS2 Compliant (European Directive 2011/65/EU) | Yes | Yes | Yes |
| NIST FIPS-140-2 Level 2 | Yes | Yes | Yes |
| Common Criteria NDPP+TFFW EP + VPN EP | Yes | Yes | Yes |
| USGv6 | Yes | Yes | Yes |
| Dimensions and Power | |||
| Dimensions (W x H x D) | 17.45 x 8.7 x 24.5 in
(44.3 x 22.1 x 62.2 cm) |
17.5 x 14 x 23.8 in
(44.5 x 35.6 x 60.5 cm) |
17.5 x 27.8 x 23.5 in
(44.5 x 70.5 x 59.7 cm) |
| Weight | Fully configured 128 lb (58.1 kg) |
Fully Configured: 180 lb (81.7 kg) |
Fully Configured: 334 lb (151.6 kg) |
| Power supply (AC) | 100 to 240 VAC | 100 to 240 VAC | 200 to 240 VAC |
| Power supply (DC) | -40 to -60 VDC | -40 to -60 VDC | -40 to -60 VDC |
| Maximum power | 4,100 watts (AC high capacity) |
4,100 watts (AC high capacity) | 8,200 watts (AC high capacity) |
| Typical Power | 1540 watts | 2440 watts | 5015 watts, 10200 Watts (AC/DC), 200-305 VAC, 200-410 VDC |
| Environmental | |||
| Operating temperature – long term | 41° to 104° F (5° to 40° C) | 41° to 104° F (5° to 40° C) | 41° to 104° F (5° to 40° C |
| Humidity – long term | 5% to 85% noncondensing | 5% to 85% noncondensing | 5% to 85% noncondensing |
| Humidity – short term | 5% to 93% noncondensing but not to exceed 0.026 kg water/kg of dry air | 5% to 93% noncondensing but not to exceed 0.026 kg water/kg of dry air | 5% to 93% noncondensing but not to exceed 0.026 kg water/kg of dry air |
The SRX Series next-generation firewalls are built for large enterprise data centers, service provider infrastructure, and public sector networks. With a modular architecture and high-performance line cards, the SRX Series firewalls are open, scalable security platforms with flexible connectivity options and service integration. The award-winning SRX Series is powered by Junos OS, the same industry-leading operating system that keeps the world’s largest data center networks available, manageable, and secure.
