Juniper Networks SRX and LN platforms DoD Certified for use as Firewall, IPS/IDS, and VPN

By Elevate posted 10-15-2014 12:05




I am very pleased to report that the Juniper Networks SRX family with Junos 12.1X46 have been recertified in the data firewall category of the US Department of Defense (DoD) Unified Capabilities Approved Product List (UC APL) and certified for the first time in the IDS/IPS and VPN product categories. This certification includes the LN2600, as well.




Certification in all three categories is the trifecta of the UC APL certification and is rare for a single device.

The High End SRX platforms include the SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, and SRX5800. Branch SRX platforms include the SRX100, SRX110, SRX210E, SRX220, SRX240, SRX550, SRX650, and the ruggedized LN2600.

So what is significant about this announcement? The DoD has over 2 million employees and consequently, some very big networks. High capacity networks require high capacity security solutions. With firewall performance of 300 Gbps and 100 Million concurrent sessions, IPS performance of 100 Gbps, and VPN performance of 200 Gbps, the SRX5K is clearly the most powerful Firewall, IDS, or VPN on the UC APL. The next closest competitor isn’t even close, the difference is almost an order of magnitude. The SRX5400, SRX5600, and SRX5800 are also the only UC APL certified Firewall, IDS, or VPN to support 40G and 100G interfaces.

While performance and scale is often critical, what further sets this certification apart is the flexibility that the full breadth of the SRX family provides. There is a device sized for every need. Additionally, SRXs can be used as a firewall, or as an IPS, or as a VPN. The National Security Agency (NSA) has even approved the SRX family for use as a Commercial Systems for Classified (CSfC) Component. In fact, the SRX family is the only NSA CSfC Component listed solution that is also DoD approved in the Data Firewall, IDS/IPS, and VPN categories.

This incredible flexibility even includes some of the harsh environments common to many DoD deployments. Sometimes called the Honey Badger, the LN2600, which is included as part of the Branch SRX family certification, is the first environmentally ruggedized Firewall, IDS/IPS, VPN certified device on the UC APL. It is dust tight, splash resistant, fan-less, conduction cooled and can operate in environments from -40 to + 160 degrees F.

The UC APL certification memos can be found at the links below:

SRX5400, SRX5600, and SRX5800 - Data Firewall, IDS/IPS, VPN.

SRX1400, SRX3400, and SRX3600 - Data Firewall, IDS/IPS, VPN

Branch SRX (SRX100, SRX110, SRX210E, SRX220, SRX240, SRX550, SRX650, and LN2600) - Data Firewall, IDS/IPS, VPN.

1 comment



10-16-2014 04:43

 Great news.


How about VPNs and what about when you are working in hotels and the splash page (captive portal) prevents you from getting connected? Your laptop/tablet probably doesn't allow split-tunnelling and/or captive portal remediation?


We can enable this via devices ranging from an Android smartphone, a mini-router or a tablet.


Rob Knight.