The Juniper Networks SRX5400, SRX5600, and SRX5800 are next-generation firewalls (NGFWs) that deliver industry-leading threat protection, high performance, six nines reliability and availability, scalability, and services integration. These devices are ideally suited for large enterprise, service provider, and public sector networks, including:
Large enterprise data centers
Cloud and hosting provider data centers
Mobile operator environments
Managed service providers
Core service provider infrastructures
The SRX5400, SRX5600, and SRX5800 firewalls are an integral part of the Juniper(R) Connected Security framework, which extends security to every point of connection on the network to safeguard applications, user, and infrastructure from advanced threats. Delivering the highest level of protection against exploits, malware, and command and control (C&C) communications, these platforms feature a carrier-grade next-generation firewall and advanced security services such as application security, intrusion prevention system (IPS), and integrated threat intelligence services.
SRX5800
The SRX5800 Firewall is the market-leading security solution supporting up to 3.36 Tbps firewall throughput and latency as low as 32 microseconds for the stateful firewall. The SRX5800 also supports 638 Gbps IPS and 338 million concurrent sessions. The SRX5800 is equipped with the full range of advanced security services and is ideally suited for securing large enterprise, hosted, or colocated data centers, service provider core and cloud provider infrastructures, and mobile operator environments. The massive performance, scalability, and flexibility of the SRX5800 make it ideal for densely consolidated processing environments, and the service density makes it ideal for cloud and managed service providers.
SRX5600
The SRX5600 Firewall uses the same SPCs and IOCs as the SRX5800 and can support up to 1.44 Tbps firewall throughput, 182 million concurrent sessions, and 245 Gbps IPS. The SRX5600 is ideally suited for securing enterprise data centers as well as aggregating various security solutions. The capability to support unique security policies per zone and its ability to scale with the growth of the network infrastructure make the SRX5600 an ideal deployment for consolidation of services in large enterprise, service provider, or mobile operator environments.
SRX5400
The SRX5400 Firewall uses the same SPCs and IOCs as the SRX5800 and can support up to 960 Gbps firewall throughput, 90 million concurrent sessions, and 172 Gbps IPS. The SRX5400 is a small footprint, high-performance firewall ideally suited for securing large enterprise campuses as well as data centers, either for edge or core security deployments. The ability to support unique security policies per zone and a compelling price/performance/footprint ratio make the SRX5400 an optimal solution for edge or data center services in large enterprise, service provider, or mobile operator environments.
Table 1. SRX5800 SRX5600 and SRX5400 Firewalls Performance Specifications
Model | SRX5400 | SRX5600 | SRX5800 |
Junos OS version tested | Junos OS 21.2 | Junos OS 21.2 | Junos OS 21.2 |
Firewall Performance, IMIX | 960 Gbps | 1.44 Tbps | 3.36 Tbps |
Maximum performance per chassis | 960 Gbps | 1440 Tbps | 3.36 Tbps |
Next-Generation Datacenter Firewall Performance2 | 136 Gbps | 194 Gbps | 504 Gbps |
Secure Web Access Firewall Performance3 | 75 Gbps | 107 Gbps | 277 Gbps |
Latency (stateful firewall) | ~11µsec | ~11µsec | ~11µsec |
IPsec VPN AES-256-GCM (IMIX) | 188 Gbps | 269 Gbps | 699 Gbps |
Maximum IPS performance | 172 Gbps | 245 Gbps | 638 Gbps |
Maximum concurrent sessions | 91 Million | 182 Million | 338 Million |
New sessions/second (sustained, tcp, 3way, firewall NAT) | 1.7/1 Million | 3.4/2 Million | 6.3/4 Million |
Maximum users supported | Unrestricted | Unrestricted | Unrestricted |
Table 1. SRX5400 Firewall Specifications
Product Number | Description |
Junos OS Software version tested | Junos OS 18.2R1-S2 |
Firewall performance (max) | 960 Gbps |
IPS performance | 172 Gbps |
VPN performance | 188 Gbps |
Maximum concurrent sessions | 90 million |
New Sessions/second (sustained, TCP, 3-way) | 1.75 million |
Maximum security policies | Unrestricted |
Maximum security intelligence data feed entries in firewall rules database | Up to 1 million IP addresses; separate allocation (capacity) for URLs |
Total Onboard Ports | 2 IOC slots (see IOC options) |
MACsec-capable Ports | N/A |
PoE+ Ports | N/A |
Mini PIM Slots | N/A |
Table 1. SRX5400, SRX5600, and SRX5800 Firewalls Ordering Information
Product Number | Description |
SRX5800X-BASE2 | SRX5800 Configuration includes: Chassis, enhanced midplane, SRX5K-RE3-128G, 2xSRX5K-SCB4, 2xHC PEM, 2xHC fan tray; Supported by JUNOS release 19.3R1 onwards |
SRX5800X-BASE2-TAA | SRX5800 Configuration includes: Chassis, enhanced midplane, SRX5K-RE3-128G, 2xSRX5K-SCB4, 2xHC PEM, 2xHC fan tray,TAA; Supported by JUNOS release 19.3R1 onwards |
SRX5600X-BASE2 | SRX5600 Configuration includes: Chassis, enhanced midplane, SRX5K-RE3-128G, 2xSRX5K-SCB4, 2xHC PEM, 1xHC fan tray; Supported by JUNOS release 19.3R1 onwards |
SRX5600X-BASE2-TAA | SRX5600 Configuration includes: Chassis, enhanced midplane, SRX5K-RE3-128G, 2xSRX5K-SCB4, 2xHC PEM, 1xHC fan tray,TAA; Supported by JUNOS release 19.3R1 onwards |
SRX5400X-BASE2 | SRX5400 Configuration includes: Chassis, enhanced midplane, SRX5K-RE3-128G, 1xSRX5K-SCB3, 2xHC PEM, 1xHC fan tray; Supported by JUNOS release 19.3R1 onwards |
SRX5400X-BASE2-TAA | SRX5400 Configuration includes: Chassis, enhanced midplane, SRX5K-RE3-128G, 1xSRX5K-SCB3, 2xHC PEM, 1xHC fan tray,TAA; Supported by JUNOS release 19.3R1 onwards |
