![](/images/backgrounds/142068/bg2c.png)
■JUNOS 5.2 and laterSoftware release
■High-bandwidth encryption (in accordance with IPSec standards)
■Power requirement: 0.21 A @ 48 V (10 W)
■Support for IPSec encryption, decryption, and key calculation acceleration
NOTE: The ES PIC does not support reassembly and decryption of encrypted packets that
were fragmented in an IPSec tunnel.
Description
■Extends the existing security functionality to Internet traffic at high-performance rates
■Throughput at 800 Mbps, half duplex
■1000 IPSec tunnels or 2000 IPSec security association (SA) pairs
■Supports MTUs of up to 3900 bytes
Hardware features
For a list of the software features available for services PICs, see the JUNOS Services Interfaces
Configuration Guide.
■Support for IPv4
■Authentication hash algorithms: MD-5 and SHA-1
■Encryption algorithms: DES, 3-DES, and Null
■Automated key management using Diffie-Hellman key establishment
■Support for pre-shared key management
■Authentication Header and Encapsulating Security Payload (ESP) independently or in
bundle mode
■Tunnel mode IPSec encryption and decryption for data traffic
■Transport mode IPSec encryption and decryption for control traffic
■Static and dynamic security associations (SA) supported
■SA lifetime configurable in seconds and kilobytes
■JUNOS Release 7.0 or later is required to configure graceful Routing Engine switchover
(GRES).
Software features
One tricolor:
■Off—Not enabled
■Green—Online with no alarms or failures
■Amber—Online with alarms for remote failures
■Red—Active with a local alarm; router has detected a failure
LEDs
44 ■ES PIC
M20 Internet Router PIC Guide