Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Gig Throughput on IPSEC

  • From: Brad Fleming
  • Date: Wed Nov 11 13:46:37 2009 
On Nov 11, 2009, at 3:25 AM, adel@baklawasecrets.com wrote:


Hi,

I have a requirement to encrypt data using IPSEC over a p-t-p gig fibre
link. In the past I've normally used Juniper to terminate VPNs, as I
have found them excellent devices and the route based VPN functionality
very useful. However looking at their range, only the ISG will do a gig
of IPSEC. I'm leaning towards keeping my exising Juniper SSG550's for
firewall/routing capability at each site. Then having a separate
encryption devices to handle the site-to-site vpn requiring the gig
throughput. Does anyone have any suggestions on devices to use?



Adel


Not knowing all your other needs, I won't swear to it... but would the Juniper SRX650 work for your situation? It can pass 1.5Gbps of encrypted traffic according to their datasheet. I've never actually tried to move that much data through the box so I can't testify to it.

Also, the Juniper SRX3400 is advertised as handling 6Gbps of encrypted traffic.

Of course, these are JunosES devices as opposed to ScreenOS, but the transition isn't as painful as you might expect. We actually use the J- series devices with JunosES as site routers/firewalls with a great deal of success.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.