Quantity: £663.00

 

More Buying Options

Lower
SRX210HE2£429.00
Higher
SRX220H2£858.00
Juniper Networks SRX210HE2-POE Firewall/VPN, 2GB DRAM
List Price: £1,075.00
Your Price: £663.00
You Save: 38%
Part Code:SRX210HE2-POE
Vendor:Juniper Networks
Product Type:Firewall/VPN

Available Options

Maintenance:
Services:
UTM Subscriptions:
VPN Services:

SRX210HE2-POE replaces the SRX210H-POE and SRX210HE-POE


The SRX210HE2-POE is a step up in performance from the SRX100. As well as having Ethernet ports, the SRX210 introduces PIM (Physical Interface modules). PIMS can be used to allow different types of WAN connections such as leased line (via the E1, serial connectors), ADSL/2/2+, VDSL, G.SHDSL for native broadband connections, DOCSIS3 for cable connections and SFP for native fibre connections. These connection methods can save money and reduce complexity in provisioning.

The SRX210HE2-POE is the first in the series to have Power over Ethernet capabilities as the box can support up to 4 ports of 802.3af. 802.3af is a POE standard that means each port provides up to 15.4 Watts of power, but the Maximum wattage for all 4 PoE ports on this firewall is 50 W.

In addition to the connection options, the 210 delivers acceleration hardware for UTM acceleration this means higher performance when performing IPS and ExpressAV operations on traffic (with high memory version). Finally the SRX210 has a 3G ExpressCard Slot which allows the potential for wireless connection to the internet.

Difference between the SRX210HE2-POE and SRX210HE2

  • SRX210HE2-POE provides up to 4 Ports with Power over Ethernet (802.3af)

Key Benefits of the SRX210HE2-POE:

The SRX range brings together the best of the Netscreen (ScreenOS) firewall platform and integrates with the stability of JUNOS - with its routing and switching heritage (thus "S"ecurity "R"outing Switching ("X")). Next-generation workflow in the Web interface deliver Wizards to help build firewall policies, NAT and VPN's - meaning the SRX is fast to set-up and easy to maintain.

  • Fast Performance - 850Mbs means supporting more users on high speed networks
  • Build complex network topologies to meet your needs and control via security policies
  • 2 Gigabit Ethernet ports mean that this is a Gigabit class firewall. 6 x 10/100 Fast Ethernet ports (with switching and VLAN support) provide additional connections. Like all SRX, routing and switching needs can be met making this much more than just a firewall.
  • Factory option of 4 dynamic Power over Ethernet (PoE) ports 802.3af
  • Dial-in, Policy and Route based VPN built in (use the free Junos Pulse client on Windows, iPhone, Android)
  • Advanced networking with dynamic routing (inc OSPF, RIP, BGP (inc eBGP, iBGP), Multicast) means the SRX210HE2-POE can be an end-point in a private WAN (PWAN) network.
  • 1 Mini-PIM Slot for additional WAN connectivity options and a ExpressCard slot to enable 3G WAN connections
  • DHCP Server , client and relay options mean IPAM is robust and simple to use
  • Flexible Class of Service (CoS) means your traffic can be prioritised - so VoIP and other real-time network protocols can be scheduled over email and other low priority traffic if needed.
  • Unlike many firewalls on the market, the SRX210HE2-POE fully supports SNMP, syslog and NetFlow, making it a platform that is easy to manage

Maximum Performance and Capacity  
Operating System Junos
Firewall Performance (Large Packets) 850 Mbps
Firewall Performance (IMIX) 250 Mbps
Firewall + Routing PPS (64 Byte) 80 Kpps
VPN Performance 65 Mbps
IPsec VPN Tunnels 256
IPS (Intrusion Prevention System) 80 Mbps
Antivirus 30 Mbps
Connections per Second 2,000
Maximum Concurrent Sessions 64,000
Maximum Security Policies 512
Maximum Users Supported No restrictions
   
Network Connectivity  
Fixed Ports 6 x 10/100 & 2 x GE RJ45
I/O Slots 1 x Mini-PIM & Internal 3G ExpressCard
PoE ports Up to 4 ports of 802.3af with maximum 50 W
Other RG45 Console port
USB 1
   
Routing  
BGP instances 10
BGP peers 16
BGP routes 16000
OSPF instances 10
OSPF routes 16000
RIP v1 / v2 instances 10
RIP v2 routes 16000
Static routes 16000
Source-based routing Yes
Policy-based routing Yes
Equal-cost multipath (ECMP) Yes
Reverse path forwarding (RPF) Yes
   
MPLS4  
Layer 2 VPN (VPLS) Yes
Layer 3 VPN Yes
LDP Yes
RSVP Yes
Circuit Cross-connect (CCC) Yes
Translational Cross-connect (TCC) Yes
   
Multicast7 Yes
IGMP (v1, v2, v3) Yes
Protocol independent multicast (PIM) sparse mode (SM) Yes
PIM dense mode (DM) Yes
PIM source-specific multicast (SSM) Yes
Multicast inside IPsec tunnel Yes
   
IPsec VPN  
Concurrent VPN tunnels 256
Tunnel interfaces 64
DES (56-bit), 3DES (168-bit) and AES (256-bit) Yes
MD-5 and SHA-1 authentication Yes
Manual key, Internet Key Exchange (IKE), public key infrastructure (PKI) (X.509) Yes
Perfect forward secrecy (DH Groups) 1,2,5
Prevent replay attack Yes
Dynamic remote access VPN Yes
IPsec NAT traversal Yes
Redundant VPN gateways Yes
   
User Authentication and Access Control  
Third-party user authentication RADIUS, RSA SecureID, LDAP
RADIUS accounting Yes
XAUTH VPN, Web-based, 802.X authentication Yes
Unified Access Control enforcement point  
PKI certificate requests (PKCS 7 and PKCS 10) Yes
Automated certificate enrollment (SCEP)  
Online Certificate Status Protocol (OCSP)  
Certificate Authorities supported VeriSign, Entrust, Microsoft, RSA Keon, iPLanet,
Self signed certificates (Netscape), Baltimore, DoD PKI
   
Virtualisation  
Maximum number of security zones 12
Maximum number of virtual routers 10
Maximum number of VLANs 64
   
Address Translation  
Source NAT with or without Port Address Translation (PAT) Yes
Static NAT Yes
Destination NAT with or without PAT Yes
   
IP Address Assignment (IPv4 & IPv6)  
Static Yes
DHCP, PPPoE client Yes
Internal DHCP server Yes
DHCP relay Yes
   
L2 Switching  
VLAN 802.1Q Yes
Link Aggregation 802.3ad/LACP Yes
Spanning Tree Protocol (STP) 802.1D, RSTP 802.1w, MSTP 802.1s Yes
Authentication 802.1x Port based and multiple supplicant Yes
   
   
Traffic Management Quality of Service (QoS)  
Guaranteed bandwidth Yes
Maximum bandwidth Yes
Ingress traffic policing Yes
Priority-bandwidth utilization Yes
DiffServ marking Yes
   
High Availability  
Active/active - L3 mode Yes
Active/passive - L3 mode Yes
Configuration synchronization Yes
VRRP Yes
Session synchronization for firewall and VPN Yes
Session failover for routing change Yes
Device failure detection Yes
Link failure detection Yes
   
Firewall  
Network attack detection Yes
DoS and DDos protection Yes
TCP reassembly for fragmented packet protection Yes
Brute force attack mitigation Yes
SYN cookie protection Yes
Zone-based IP spoofing Yes
Malformed packet protection Yes
   
Unified Threat Management  
Intrusion Prevention System (IPS) Option
Protocol anomaly detection Option
Stateful protocol signatures Option
Intrusion prevention system (IPS) attack pattern obfuscation Option
Customer signatures creation Option
Frequency of updates Daily and emergency
   
Antivirus  
Express AV (packet-based AV) No
File-based antivirus Yes
Signature database Yes
Protocols scanned POP3, HTTP, SMTP, IMAP, FTP
Antispyware Yes
Anti-adware Yes
Antikeylogger Yes
Antispam Yes
Integrated Web filtering Yes
Redirect Web filtering Yes (no Juniper subscription required)
Content filtering Yes
Based on MIME type, file extension, and protocol commands Yes
   
System Management  
Web UI http & https
Command-line interface (Console) Yes
Command-line interface (Telnet) Yes
Command-line interface (SSH) Yes
Network and Security Manager Yes
STRM Series Yes
   
Administration  
Local administrator database yes
External administrator database support yes
telnet/ssh client & server  
Software upgrades with J-care
Configuration rollback multiple
   
Logging/Monitoring  
Syslog (multiple servers) yes
SNMP (v2 & v3) yes
SNMP full custom MIB yes
Traceroute yes
VPN tunnel monitor yes
   
Wireless  
CX111 3G Bridge support Yes
Internal 3G ExpressCard slot support 1
Max WLAN access point supported 210
   
Flash and Memory  
Memory minimum and maximum (DRAM) 2GB
Memory slots Fixed memory
Flash memory 2 GB
USB port for external storage Yes
   
Dimensions and Power  
Dimensions (W x H x D) 11.1 x 1.75 x 7.1 in (27.9 x 4.1 x 18.0 cm)
Weight (device and power supply) 4.4 lb (2 kg)
Rack mountable 1 RU with optional kit
Power supply (AC) 100-240 VAC, 150 W
Average power consumption 84 W
Input frequency 50-60 Hz
Maximum current consumption 0.25 A @ 100 VAC
Maximum inrush current 80 A
Average heat dissipation 116 BTU/hr
Maximum heat dissipation 157 BTU/hr
Acoustic noise level (Per ISO 7779 Standard) 29.1 dB (fanless)
   
Environment  
Operational temperature 0° to 40° C (32° to 104° F)
Nonoperational temperature -20° to 70° C (4° to 158° F)
Humidity 10% to 90% noncondensing
Mean time between failures (Telcordia model) 10.4 years
   
   
Certifications  
Safety certifications EN 60950-1
EMC certifications EN 55022 Class B, EN 300386
Network homologation CTR 12 / 13, CTR 21, DoC

Feature List J-care NextBusinessDay J-care SameDay
Unlimited 24x7
Software Releases
CSC Online E-Support
Junos Space Service Now / Service Insight
E-Learning
NextDay Hardware Replacement Service  
SameDay Hardware Replacement Service  

J-care SameDay

Juniper Networks will deliver FRU replacements to the shipped address, 24 hours a day, 7 days a week, within 4 hours of issuance of RMA in advance of receipt of defective hardware.

J-care NextBusinessDay

Juniper Networks will deliver FRU replacements to the shipped address in advance of receiving returned defective hardware within the next business day if Juniper issues an RMA by 3pm (local JTAC time).

  Kaspersky AV Sophos AV Sophos AS Enhanced WF AppSecure IDP
Kaspersky Main Office Pack  
Sophos Main Office Pack  

Anti-Virus (AV)
Antivirus/anti-malware protects the network from malware, viruses, spyware, worms, trojans, and other attacks, as well as e-mail and web-based threats that can compromise business productivity and corporate assets.

Anti-Spam (AS)
This improves network performance by blocking spam messages. It offers flexibility and is compatible with with both on-premise or hosted email solutions. An SRX firewall receives emails destined for the email server in the DMZ or the trust zone to compare the email source address woth the local whitelist/blacklist.

Enhanced Web Filtering (EWF)
This delivers protection against potentially malicious websites in a number of ways. EWF features 95 URL categories, providing fine-grained control of URLs to help administrators monitor network activity and ensure compliance with acceptable use policies.

Application Security (AppSecure)
It's a suite of application-aware security services that classifies traffic flows, brings greater application visibility, enforces application firewall rules, controls application usage, and protects the network.

Intrusion Detection and Protection (IDP)
This accurately detects and protects the network against intrusions and other attacks. By implementing detection methods that include protocol and traffic anomaly, stateful signatures, synflood, spoofing, and backdoor detection. IPS secures the network with sophisticated analysis techniques, fast response to new attacks, and the expertise of a dedicated security research team.

A two user evaluation license is provided free of cost that do not expire.


Dynamic VPN is Juniper's clientless solution for remote access IPSec VPN. This client is dynamically delivered from the SRX to end users, and simplifies remote access by enabling users to establish secure IPSec VPN tunnels without having to configure VPN settings on their computers.

Here is a table that show's what the maximum number of concurrent users are for each SRX series firewall:

SRX Series Products Number of Remote Access Users
SRX100 5-25 (Increments of 5)
SRX110 5-25 (Increments of 5)
SRX210 5-50 (Increments of 5)
SRX220 5-150 (Increments of 5)
SRX240 5-250 (Increments of 5)
SRX550 5-500 (Increments of 5)
SRX650 5-500 (Increments of 5)
Customers Who Bought This Product Also Purchased
Juniper Networks AX411 Wireless Access Point (AX411-E)
Juniper Networks AX411 Wireless Access Point (AX411-E)

£399.00


Buy Now
    

Copyright 2014 © 1st Advance Limited, 21 London Road, Twyford, Berkshire, RG10 9EH
Registered in England & Wales - Company No: 4531487
VAT Number: 799 1949 47