LN1000 Mobile Secure Router

Similar documents
Product Description. Product Overview DATASHEET

Increase Simplicity and Improve Reliability with VPLS on the MX Series Routers

Demonstrating the high performance and feature richness of the compact MX Series

Cisco RV 120W Wireless-N VPN Firewall

Cisco Integrated Services Routers Performance Overview

Introduction of Quidway SecPath 1000 Security Gateway

Designing and Developing Scalable IP Networks

Datasheet. Advanced Network Routers. Models: ERPro-8, ER-8, ERPoe-5, ERLite-3. Sophisticated Routing Features

20 GE + 4 GE Combo SFP G Slots L3 Managed Stackable Switch

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Unified Services Routers

Cisco 5915 Embedded Services Router

Datasheet. Advanced Gigabit Ethernet Routers. Models: ER-X, ER-X-SFP. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Cisco 5940 Series Embedded Services Router

Gigabit Multi-Homing VPN Security Router

Unified Services Routers

SRX300 Line of Services Gateways for the Branch

Datasheet. Managed PoE+ Gigabit Switches with SFP. Models: ES W, ES W, ES W, ES W

Unified Services Routers

NetScreen Series Security Systems

Cisco RV220W Network Security Firewall

How To Use A Cisco Wvvvdns4400N Wireless-N Gigabit Security Router For Small Businesses

Network Configuration Example

Cisco SR 520-T1 Secure Router

vsrx Services Gateway

IPv6 Opportunity and challenge

Cisco RV180 VPN Router

Juniper Solutions for Turnkey, Managed Cloud Services

Cisco RV082 Dual WAN VPN Router Cisco Small Business Routers

vsrx Services Gateway

RuggedCom Solutions for

Gigabit SSL VPN Security Router

Subscriber Management for MX Series 3D Universal Edge Routers

How To Set Up A Cisco Rv110W Wireless N Vpn Network Device With A Wireless Network (Wired) And A Wireless Nvv (Wireless) Network (Wireline) For A Small Business (Small Business) Or Remote Worker

Cisco RV220W Network Security Firewall

Cisco RV215W Wireless-N VPN Router

Cisco WRVS4400N Wireless-N Gigabit Security Router: Cisco Small Business Routers

Juniper Networks SRX 5000 Services Gateways

Network Security Firewall

Wireless Controller DWC-1000

1- and 2-Port Fast Ethernet High-Speed WAN Interface Cards for Cisco 1841, 2800, and 3800 Series Integrated Services Routers

How Cisco IT Uses Firewalls to Protect Cisco Internet Access Locations

Cisco RV110W Wireless-N VPN Firewall

20 GE PoE-Plus + 4 GE PoE-Plus Combo SFP + 2 GE SFP L2 Managed Switch, 370W

Cisco 7600 Series Route Switch Processor 720

HP VSR1000 Virtual Services Router Series

Customer Benefits Through Automation with SDN and NFV

FASTIRON II SWITCHES Foundry Networks award winning FastIron II family of switches provides high-density

TK800-Series Industrial GPRS / UMTS / LTE Router

TP-LINK L2 Managed Switch

Advanced Network Routers. Datasheet. Model: ERLite-3, ERPoe-5. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Cisco RV110W Wireless-N VPN Firewall

24 GE + 2 GE SFP L2 Managed Switch

SonicOS 5.9 / / 6.2 Log Events Reference Guide with Enhanced Logging

Datasheet. Managed Gigabit Switches with SFP. Models: ES-24-Lite, ES-48-Lite. Non-Blocking Throughput Switching Performance

Datasheet. Managed Gigabit Fiber Switch. Model: ES-12F. Non-Blocking Throughput Switching. High Performance and Low Latency

Technology Overview. Class of Service Overview. Published: Copyright 2014, Juniper Networks, Inc.

TK C -25 C 95% RH EMC TK701G TK701U TK704G TK704U TK704W. TK-Series Cellular Router

Gigabit Multi-Homing VPN Security Router

Cisco Cisco 3845 X X X X X X X X X X X X X X X X X X

Gigabit Content Security Router

Integrated Services Router with the "AIM-VPN/SSL" Module

EX 3500 ETHERNET SWITCH

Configuring a Lan-to-Lan VPN with Overlapping Subnets with Juniper NetScreen/ISG/SSG Products

Junos Space Virtual Control

Cisco Intrusion Detection System Services Module (IDSM-2)

WANic 800 & or 2 HSSI ports Up to 52 Mbps/port. WANic 850 & or 2 T3 or E3 ports Full-speed CSU/DSU. WANic 880.

JUNIPER CARE PLUS ADVANCED SERVICES CREDITS

TP-LINK 24-Port Gigabit L2 Managed Switch with 4 SFP Slots

Cisco Which VPN Solution is Right for You?

Juniper Networks NetScreen-5000 Series

"Charting the Course...

Deploy and Manage a Highly Scalable, Worry-Free WLAN

TP-LINK. 24-Port Gigabit L2 Managed PoE Switch with 4 Combo SFP Slots. Overview. Datasheet TL-SG3424P.

Security Gateway 10er Serie

TP-LINK. 24-Port Gigabit L2 Managed Switch with 4 SFP Slots. Overview. Datasheet TL-SG

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL

High Performance 10Gigabit Ethernet Switch

NETWORK AND SECURITY MANAGER APPLIANCES (NSMXPRESS AND NSM3000)

48 GE PoE-Plus + 2 GE SFP L2 Managed Switch, 375W

JUNOS PULSE APPCONNECT

Intelligent WLAN Controller with Advanced Functions

- Introduction to PIX/ASA Firewalls -

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL5428E.

Data Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles.

TP-LINK. Gigabit L2 Managed Switch. Overview. Datasheet TL-SG3216 / TL-SG

Cisco VPN Internal Service Module for Cisco ISR G2

Voice Over IP. MultiFlow IP Phone # 3071 Subnet # Subnet Mask IP address Telephone.

Magnum Network Software DX

Cisco Intrusion Prevention System Advanced Integration Module for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

Juniper Networks and IPv6. Tim LeMaster Ipv6.juniper.net

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

CCNA Cisco Associate- Level Certifications

Cisco Catalyst 3750 Metro Series Switches

Implementing Firewalls inside the Core Data Center Network

Transcription:

LN1000 Mobile Secure Router Product Overview Military organizations, first responders, and transportation providers are not immune to the growing global demand for secure and mobile access to a high-performance network that provides intelligent voice, video, and data transport. This demand for high-performance, secure networking also exists in networks that support unmanned surveillance aircraft, exploration (oil, gas, and mining) equipment, and energy utility networks for power monitoring. The Juniper Networks LN1000 is a secure, high-performance router delivered in a small form factor energy efficient package that can be embedded in a customer chassis for portable and transportable router markets, making it the perfect solution for even the most demanding mobile network applications. Product Description The Juniper Networks LN1000 Mobile Secure Router is an edge access router that delivers a high-performance routing firewall and intrusion detection service (IDS). Packaged in the standard 4 x 6 x.85 inches VPX form factor, it consumes 35 watts of power or less and weighs less than 1.5 lbs. The Space, Weight, and Power (SWAP) characteristics of the LN1000 make it ideal for customers who require a secure and rugged network access router with a small footprint in a transportable package. The LN1000 provides the power of Juniper s hardware and Junos OS routing functionality across its 8 x 1GbE interfaces. The LN1000 addresses the growing demand for a network access presence in military, first responder and transportation vehicles, mining and exploration equipment, unmanned aircraft, and power grids. Until now, many of these networks were forced to leverage traditional routing and security boxes that were designed for equipment rack installations requiring forced air or fans for cooling. These designs did not consider the SWAP requirements of mobile secure networks. These mobile, and in some instances remote network endpoints, have a unique set of requirements that only the LN1000 can provide in a VPX form factor. The high-performance routing capability of the LN1000 not only provides industry-leading routing and forwarding performance, but it also solves communications issues associated with mobile network access devices. A mesh network of LN1000s is able to determine the most efficient and effective path for network communications across radio networks. It constantly monitors bandwidth between network hops to ensure that traffic is managed appropriately and always gets through even in networks where available bandwidth from one point to another can be extremely dynamic due to radio signal interference. As an edge access device, the LN1000 can be at risk of network attacks. Whether on the battlefield, on a local public transit bus, or located at a local power substation, the threat of unwanted network access, network sabotage, and denial-of-service (DoS) attacks exists. With its integrated firewall and intrusion detection system, the LN1000 ensures that the network is always up and securely running by denying malicious threats and unauthorized access or control. The LN1000 VPX packaging provides a conduction cooling system that allows it to run in harsh environmental conditions without the need for external fans or forced air cooling systems. Your ideas. Connected. 1

Architecture and Key Components The key components of the LN1000 are high-performance routing for mobile networks, security features that include a firewall and IDS, a small footprint, a conduction cooled packaging system, and the powerful Juniper Networks Junos operating system. Routing As a Juniper router, the LN1000 is deployed with Juniper routing hardware, ensuring industry-leading forwarding and routing support even under the harshest network traffic loads. Unlike traditionally fixed-line or wireless backhaul networks, the communication path for mobile networks, whether terrestrial, air, or sea, is through radio links. These communication links have limited bandwidth, are typically bursty in nature, and are subject to dynamic changes to available bandwidth due to Line of Sight (LOS), weather or environmental interference that affects transmission. The high-performance routing capabilities of the LN1000 include radio router protocol support that enables the LN1000 to overcome these difficult mobile networking issues. The radio router protocols in the LN1000 enable it to establish a mesh network configuration using extensions to OSPFv3 routing protocol to include other mobile devices as well as land-based receivers. The radio router protocols provide real-time monitoring of radio hop efficiency and effective available bandwidth. This information is then leveraged by the routing capabilities within the LN1000 to appropriate direct traffic across the most effective hop sequence, and when necessary to regulate traffic flow so that traffic quality of service (QoS) can be maintained. The LN1000 has hardware-based QoS support, which provides consistent routing performance across all 8 x 1 Gbps network interfaces. This hardware-based QoS will support a QoS hierarchy that provides up to 8 queues of 4 precedence levels, delivering classification for up to 32 unique DiffServ code point (DSCP) values. QoS hierarchy support can be used in military and first responder networks to establish a network communications hierarchy as well as message importance and urgency preference. QoS hierarchy in the LN1000 can also be used to provide differentiated classifications of service based on network traffic type in commercial applications. Security The LN1000 provides a hardware assisted stateful firewall and IDS solution that is based on the capabilities provided in the industry-leading Juniper Networks SRX Series Services Gateways. As a network edge device, the security capabilities within the LN1000 provide network access protection whether on the battlefield, in a first responder network, in energy management systems, or in remote sensor data networks. The firewall and IDS systems in the LN1000 provide DoS attack and network disruption protection in various environments. The memory sanitization capability within the LN1000 erases all information stored in memory upon system reboot. This capability ensures that all confidential communications traffic is removed, and it can be used to ensure that hackers are not able to store information in the memory banks of the LN1000 for future use, or even worse for an attempted attack at a future point in time. Firewall Network attack detection DoS and DDos protection TCP reassembly for fragmented packet protection Brute force attack mitigation SYN cookie protection Zone-based IP spoofing Malformed packet protection Intrusion Prevention System (IPS) Protocol anomaly detection Stateful protocol signatures IPS attack pattern obfuscation Customer signatures creation Frequency of updates (daily and emergency) Packaging The LN1000 packaging complies with the VPX standard and consists of a single 3 U card with a VITA 46 interface weighing less than 1.5 lbs. The router is approximately the size of a 4 x 6 in. index card. Populated with military grade components, having a unique thermal conductive design, and shrunk by Juniper s innovative package design, the LN1000 will operate in harsh environments while consuming less that 35 watts of power. And it can achieve excellent routing performance capability because of Juniper hardware assisted security and routing features. Junos Operating System All of the routing, security, and control features leverage the functionality and quality of Junos OS. In addition to Juniper s superior routing software, the LN1000 also can support neighbor discovery and PPPoE extensions to radio router protocol to enable unicast and multicast IP broadcast in a mobile environment. 2

Features and Benefits Features VPX 3 U form factor VITA 46 Interface Low power requirement Benefits Small, single board size makes the LN1000 easily configurable in the customer chassis using an industry-standard VITA 46 backplane. Running with full functionality at less than 35 W, the LN1000 is easily embedded in a moving vehicle, whether terrestrial, airborne, or at sea, where power is often limited. SWAP qualities The exceptional Space, Weight, and Power (SWAP) characteristics (< 1.5 lb, < 35 W, 3 RU x 6.3 in deep) make the LN1000 a unique product for vehicular, airborne, or seaborne units where size, weight, and power must be kept to a minimum. The clear advantage for the LN1000 is to be able to deliver full routing functionality, 8 x 1GbE outputs, as well as firewall and IPS security functions in a small package designed to be easily embedded in a customer chassis that conforms to the VITA 46 standard. IPMI RS232 console port IPv4 and IPv6 support Junos OS functionality Protocol (4938bis) QoS Hot swap Performance The LN1000 is designed with an Intelligent Platform Management Interface (IPMI) for external commands such as reset, remote power on and off, onboard temperature and voltage sensing, and status information. IPMI provides an external control capability for a router that is typically embedded in a constrained space. One RS232 console at the front end of the card via RJ45 connector and also mirrored to the backplane. The RS232 console port can be used to externally monitor operational status as well as to run the Junos OS CLI while the router is in operation. Includes support for forwarding of IPv4/IPv6 packets, IPv4/IPv6 firewall, and intrusion prevention system (IPS) to ensure scalability on the world s largest networks. The LN1000 supports the rich routing and networking functionality of the Junos OS, enabling it to be easily configured to WAN and LAN routers all running the same OS. Allows the LN1000 to communicate to a radio card for uplink using a PPPoE extension (RFC 4938bis). Support for the protocol enables the LN1000 to monitor available bandwidth on a per-hop basis, and adjust routing tables and message queues to ensure that traffic is transported effectively and efficiently. The LN1000 will support 8 queues per virtual, logical, or physical interface. Each queue can have four random early detection (RED) classes applied to it. The hardware-based QoS capability ensures consistent routing performance across all 8 x 1 Gbps Ethernet ports whether QoS is enabled or not. Supports VITA 46.13 Hot Remove/Insert Specification. The LN1000 can be removed from or inserted into the backplane while power is applied without damage to either the backplane or to the LN1000. 500,000 packets/sec at 64 byte packet size without services enabled 200,000 packets/sec at 64 byte packet size with all services enabled (multicast, QoS, firewall, IDS) 3

Product Capabilities Additional security capabilities for the LN1000 include: VPN Firewall, zones, screens, policies Stateful firewall, access control list (ACL) filters DoS and distributed denial-of-service (DDoS) protection (anomaly-based) Replay attack; anti-replay protection Content filtering Tunnels IPsec Generic Routing Encapsulation (GRE) IP-in-IP IPsec Data Encryption Standard (DES) (56-bit), triple Data Encryption Standard (3DES) (168-bit), and Advanced Encryption Standard (AES) (256-bit) Message Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA1) authentication IPsec Network Address Translation (NAT) traversal User Authentication and Access Control Third-party user authentication (RADIUS) RADIUS accounting XAUTH VPN, web-based, 802.X authentication PKI certificate requests (PKCS 12) Certificate authorities supported: VeriSign, Entrust, Microsoft, RSA Keon, iplanet, (Netscape), Baltimore, DoD PKI Address Translation Source NAT with Port Address Translation (PAT) Static NAT Destination NAT with PAT IP Address Assignment Static Dynamic Host Configuration Protocol (DHCP), Point-to-Point over Ethernet (PPPoE) client Internal DHCP server DHCP relay Traffic Management Quality of Service (QoS) Guaranteed bandwidth Maximum bandwidth Ingress traffic policing Priority bandwidth utilization DiffServ code point marking High Availability Virtual Router Redundancy Protocol (VRRP) The Junos OS provides: Routing IPv4 and IPv6 support Static routes RIPv2 OSPFv2/v3 OSPFv3 address family support BGP IS-IS Source-based routing Policy-based routing Equal-cost multipath (ECMP) Reverse path forwarding (RPF) MPLS Layer 2 VPN (VPLS) Layer 3 VPN LDP RSVP Circuit cross-connect (CCC) Translational cross-connect (TCC) Multicast Internet Group Management Protocol (IGMP v1, v2, and v3) IGMP Multicast Listener Discovery (MLD) proxy Protocol Independent Multicast (PIM) sparse mode (SM) PIM dense mode (DM) PIM source-specific multicast (SSM) Distance Vector Multicast Routing Protocol (DVMRP) Source specific Multicast inside IPsec tunnel Encapsulations Generic routing encapsulation (GRE) Point-to-Point Protocol (PPP) PPPoE Ethernet (media access control and tagged) Quality of Service Packet classification based on IP precedence, DSCP, 802.1p 8 queues per logical entity 4 drop profiles per queue using Tail RED 32 queues per interface Weighted round-robin (WRR) scheduling 4 priority levels with strict order Packet marking by precedence, DSCP Radio Router Protocols RFC 4938 RFC 4938 BIS (using rate information to control flows) UDP-based radio router protocol (ground to satellite radio) Command-Line Interface Junos OS CLI 4

Specifications Maximum Performance and Capacity Firewall + routing pps (64 byte): 200 Kpps AES256+SHA-1/3DES+SHA-1 VPN performance: 250 Mbps IPsec VPN tunnels: 1,000 IPS (intrusion prevention system): 250 Mbps Connections per second: 9,000 Maximum concurrent sessions: 128,000 Maximum security policies: 4,096 Maximum users supported: Unrestricted Network Connectivity Fixed I/O: 8 x 1 Gbps Routing BGP instances: 20 BGP peers: 32 BGP routes: 64K OSPF instances: 20 OSPF routes: 64K RIP v1 / v2 instances: 20 RIP v2 routes: 64K Static routes: 64K IPsec VPN Concurrent VPN tunnels: 1,000 Tunnel interfaces: 128 Virtualization Maximum number of security zones: 32 Maximum number of VLANs: 512 Physical and Mechanical Dimensions (W x H x D) Conforms to VITA 48.2 3 U Conduction Cooled Format (0.85 x 3.94 x 6.3 in; 21.6 x 100 x 160 mm) Connections VITA 46.0 specified connections: P0-56 pin Utility Connector; P1, P2-112 pin signaling connectors RJ45 RS232 front console connector Electrical Power < 35 W IInput Voltage +3.3 V +5 V +3 V Aux Thermal Operating VITA ECC4: -40 to 185 F (-40 C to 85 C) Non-Operating LN1000-V: Vita ECC3; -58 to 212 F (-50 to +100 C) LN1000-CC: Vita ECC2; -40 to 185 F (-40 C to +85 C) Shock and Vibration Shock VITA 47 OS2; 40 g, 11 ms Vibration VITA 47 V3: Humidity 5 Hz to 100 Hz PSD increasing 3dB/octave 100 Hz to 1000 Hz PSD = 0.1g2/Hz 1000 Hz to 2000 Hz PSD decreasing at 6dB/octave VITA 47: up to 95% RH non-condensing Corrosion VITA 47; ASTM G85, Annex A4 (Salt, SO 2 spray) Altitude ESD VITA 47: 1,500 ft below sea level to 60,000 ft above sea level VITA 47: EN61000-4-2; up to 15 KV Transportation: MIL-STD-810F for air, sea, road, and rail 5

Juniper Networks Services and Support Juniper Networks is the leader in performance-enabling services that are designed to accelerate, extend, and optimize your high-performance network. Our services allow you to maximize operational efficiency while reducing costs and minimizing risk, achieving a faster time to value for your network. Juniper Networks ensures operational excellence by optimizing the network to maintain required levels of performance, reliability, and availability. For more details, please visit www.juniper.net/us/ en/products-services. About Juniper Networks Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. The company serves customers and partners worldwide. Additional information can be found at www.juniper.net. Product Options The Juniper Networks LN1000-V and LN1000-CC Mobile Secure Routers are currently available with the VITA 46 interface option. Ordering Information The LN1000-V and LN1000-CC can only be ordered through Juniper s J-Partner Program. Please contact your local account representative to order this product. Corporate and Sales Headquarters Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, CA 94089 USA Phone: 888.JUNIPER (888.586.4737) or +1.408.745.2000 Fax: +1.408.745.2100 www.juniper.net APAC and EMEA Headquarters Juniper Networks International B.V. Boeing Avenue 240 1119 PZ Schiphol-Rijk Amsterdam, The Netherlands Phone: +31.0.207.125.700 Fax: +31.0.207.125.701 Copyright 2015 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos and QFabric are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. 1000285-005-EN Mar 2015

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information