M20 Internet Router PIC Guide

ES PIC

Software release

JUNOS 5.2 and later

Description

High-bandwidth encryption (in accordance with IPSec standards)

 

Power requirement: 0.21 A @ 48 V (10 W)

 

Support for IPSec encryption, decryption, and key calculation acceleration

 

NOTE: The ES PIC does not support reassembly and decryption of encrypted packets that

 

were fragmented in an IPSec tunnel.

Hardware features

Extends the existing security functionality to Internet traffic at high-performance rates

 

Throughput at 800 Mbps, half duplex

 

1000 IPSec tunnels or 2000 IPSec security association (SA) pairs

 

Supports MTUs of up to 3900 bytes

Software features

For a list of the software features available for services PICs, see the JUNOS Services Interfaces

 

Configuration Guide.

 

Support for IPv4

 

Authentication hash algorithms: MD-5 and SHA-1

 

Encryption algorithms: DES, 3-DES, and Null

 

Automated key management using Diffie-Hellman key establishment

 

Support for pre-shared key management

 

Authentication Header and Encapsulating Security Payload (ESP) independently or in

 

bundle mode

 

Tunnel mode IPSec encryption and decryption for data traffic

 

Transport mode IPSec encryption and decryption for control traffic

 

Static and dynamic security associations (SA) supported

 

SA lifetime configurable in seconds and kilobytes

 

JUNOS Release 7.0 or later is required to configure graceful Routing Engine switchover

 

(GRES).

LEDs

One tricolor:

 

Off—Not enabled

 

Green—Online with no alarms or failures

 

Amber—Online with alarms for remote failures

 

Red—Active with a local alarm; router has detected a failure

44ES PIC

Page 43 Page 45
Page 44
Image 44
Juniper Networks M20 manual Es Pic, Configuration Guide
Page 43 Page 45
Top Page Image Contents