ValueSYS for Information Technology
Software Service Made Superior
ValueSYS Products
SunSystems
Juniper SSG
Juniper SRX
Juniper SSL VPN
Citrix XenApp
Websense
Juniper Networks SSG 5/SSG 20 PDF Print E-mail

The Juniper Networks Secure Services Gateway 5 (SSG 5) and Secure Services Gateway 20 (SSG 20) are purpose-built security appliances that deliver a perfect blend of performance, security and LAN\WAN connectivity for small branch office and small business deployments. Traffic flowing in and out of the branch office can be protected from worms, Spyware, Trojans, and malware by a complete set of Universal Threat Management (UTM) security features including Stateful firewall, IPSec VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering.

SSG 5/SSG 20
    • Purpose-built security appliances that deliver high performance, security and LAN/WAN connectivity for small branch office and stand-alone business deployments
    • Traffic is protected against all manner of attacks by a complete set of Unified Threat Management (UTM) security features including Stateful firewall, IPSec VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filter
    • Extensible I/O architecture delivers LAN and WAN connectivity options on top of unmatched security to reduce costs and extend investment protection

Overview

The Juniper Networks Secure Services Gateway 5 (SSG 5) and Secure Services Gateway 20 (SSG 20) are purpose-built security appliances that deliver a perfect blend of performance, security and LAN\WAN connectivity for small branch office and small business deployments. Traffic flowing in and out of the branch office can be protected from worms, Spyware, Trojans, and malware by a complete set of Universal Threat Management (UTM) security features including Stateful firewall, IPSec VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering.

The rich set of UTM security features allows the SSG 5 and SSG 20 to be deployed as a stand alone network protection device. With its robust routing engine, the SSG 5 and SSG 20 can also be deployed as a traditional branch office router or as a combination security and routing device to help reduce IT capital and operational expenditures

  • SSG 5: The SSG 5 is a fixed form factor platform that delivers 160 Mbps of Stateful firewall traffic and 40 Mbps of IPSec VPN throughput.
  • SSG 20: The SSG 20 is a modular platform that delivers 160 Mbps of Stateful firewall traffic and 40 Mbps of IPSec VPN throughput.

The SSG 5 and SSG 20 are ideally suited for branch offices, small to medium businesses and service providers that want a security platform to protect their WAN and high speed internal networks while extending the platform return on investment through high levels of system and interface modularity.

Features & Benefits

Key features and benefits of the Juniper Networks SSG 5 and SSG 20 include:

  • Purpose-built, high performance platform that delivers WAN connectivity and security, plus the muscle to protect the high-speed LAN against internal network and application-level attacks
  • Proven security and LAN/WAN routing functionality that provides the ability to consolidate devices and reduce IT expenditures
  • Comprehensive set of Unified Threat Management (UTM) security features to protect against network and application level attacks while simultaneously stopping content-based attacks. UTM security features include:
    • Stateful inspection firewall to perform access control and stop network level attacks
    • IPS (Deep Inspection firewall) to stop application level attacks
    • Best-in-class antivirus based on the Kaspersky Lab scanning engine that includes Anti-Phishing, Anti-Spyware, Anti-Adware protection to stop viruses, Trojans and other malware before they damage the network
    • Anti-Spam via a partnership with Symantec to block known spammers and phishers
    • Web filtering using SurfControl to block access to known malicious download sites or other inappropriate web content
    • Site-to-site IPSec VPN to establish secure communications between offices
    • Denial of service (DoS) mitigation capabilities
    • Application Layer Gateways for H.323, SIP, SCCP and MGCP to inspect and protect VoIP traffic
  • Combination of fixed LAN interfaces and WAN interface options including RS-232 Serial/Aux, V.92, T1, E1, ISDN BRI S/T, and ADSL 2+
  • Interface and routing flexibility for varying network connectivity requirements and future growth requirements
  • Multiple high availability options with sub-second failover between interfaces or devices
  • Customizable security zones to increase interface density without additional hardware expenditures, lower policy creation costs, contain unauthorized users and attacks, and simplify management of firewall/VPNs
  • Management through graphical Web UI, CLI, or the NetScreen-Security Manager central management system
  • Policy-based management to allow centralized, end-to-end life-cycle management

Specifications

Feature/CapacitySecure Services Gateway 5 Base/ExtendedSecure Services Gateway 20 Base/Extended
Number of Interfaces7 x 10/1005 x 10/100
Maximum Number of IP Addresses in Trusted InterfacesUnrestrictedUnrestricted
Physical Interface Module (PIM) Expansion Slots02
WAN Interface OptionsFactory configured RS232 Serial/AUX or ISDN BRI S/T or V.92Mini-PIM: V.92, T1, E1, ISDN BRI S/T, ADSL 2+ Annex A,  ADSL 2+ Annex B
Maximum Throughput160 Mbps FW
90 Mbps IMIX FW
40 Mbps VPN		160 Mbps FW
90 Mbps IMIX FW
40 Mbps VPN
Firewall packets per second (64 byte)30,000 PPS30,000 PPS
Maximum Number of
Sessions		4,000/8,000(3)4,000/8,000(3)
New Sesssions/Sec2,8002,800
Maximum Number of
VPN Tunnels		25/40(3)25/40(3)
Maximum Number of
Policies		200200
Maximum Number of
Virtual LANs		10/50(3)10/50(3)
Maximum Number of
Security Zones		88
Maximum Number of
Virtual Routers		33
WAN Encapsulations SupportedPPPFrame Relay, Multilink Frame Relay, PPP, Multilink PPP, HDLC
Routing Protocols
Supported		OSPF, BGP, RIPv1/v2OSPF, BGP, RIPv1/v2
High Availability
Modes Supported		Active/Passive and/or HA Lite(3)Active/Passive and/or HA Lite(3)
Unified Threat Management / Content Security(1)
IPS (Deep Inspection FW)YesYes
Antivirus(1)YesYes
    Signature database100,000+100,000+
    Protocols scannedPOP3, SMTP, HTTP, IMAP, FTPPOP3, SMTP, HTTP, IMAP, FTP
    Anti-SpywareYesYes
    Anti-AdwareYesYes
    Anti-KeyloggerYesYes
Anti-SpamYesYes
Integrated Web filtering(2)YesYes
External Web filteringYesYes

(1)  UTM Security features (IPS/Deep Inspection, Antivirus, Anti-Spam and Web filtering) are delivered by annual subscriptions purchased separately from Juniper Networks. Annual subscriptions provide signature updates and associated support. The high memory option is required for UTM Security features.
(2)  Redirect Web filtering sends traffic to a secondary server and therefore entails purchasing a separate Web filtering license from either Websense or SurfControl
(3)  The SSG 5 and SSG 20 have an Extended License key option that increases key capacities as outlined below.

Extended License FeatureSSG 5/SSG 20
SessionsIncreases max from 4,000 to 8,000
VPN TunnelsIncreases max from 25 to 40
VLANSIncreases max from 10 to 50
HAAdds support for HA Lite or full Active/Passive
VoIP capacitiesUps max from 32 to 48 (SIP, H.323, MGCP, SCCP)
 

Home - About Us - Solutions - Products - Services
©2008 ValueSYS, All Rights Reserved