It will actually be pretty simple... I dont think there is much the juniper boxes cannot handle 🙂
I assume you are using the windows client? If so then create a group or local policy to classify traffic on the workstations as per this article, notice the application option in step 5, you should actually specify the skype.exe in the policy and set all DSCP marking to EF (46) for that application following the article.
DSCP Marking on windows applications
Secondly you will configure your firewall policy to act on those markings as follows (remember to apply the filters to the interfaces required), you don't strictly speaking require a source address, but its just good practise to be as specific as you can be:
firewall {
family inet {
filter test {
term t1 {
from {
source-address {
10.0.0.0/24;
}
dscp ef;
}
then {
policer policer-1mb;
accept;
}
}
}
}
policer policer-1mb {
if-exceeding {
bandwidth-limit 1m;
burst-size-limit 625k;
}
then discard;
}
}
This will then give you a process to identify the traffic as well as a way to process it on the SRX. Obviously you can use Wireshark to debug all of this and perhaps start with an FTP client to generate traffic and confirm the speed limits.
Lastly you would need to consider all the "other" traffic, if other traffic is still able to overload the interface the above will be pointless, so its important to create another policer to capture the "all-else" and limit that traffic to allow bandwidth for voice.