> - Potential savings from using a J4350 router instead of the larger > J6350, as you'll generally be performance-bound by the SSG 550 > firewall. The J4350 lacks redundant power options, though. It's > also not a direct replacement for the SSG 550, whereas the J6350 is, > if that would affect any sparing strategy you might have.
It's worth mentioning the J2320/SSG320 here, as the poster only has 45Mbps of external bandwidth, and it's rated for 400Mbps of IMIX traffic in both firewall and routing mode. It's approximately 1/2 the price of the J4350 in its 1GB RAM mode, which will be necessary for a full table, or the UTM features of ScreenOS. My recommendation for the overall approach would be to get a J2320 and an SSG320, safe in the knowledge that in an emergency one can be reinstalled to become the other, and J-Series adaptive services firewall would provide a useful stopgap security solution. JUNOS AS firewall is much more painful to configure than ScreenOS today: the ScreenOS web-based management is good for a non-specialist to configure firewall rulesets. Regards, Phil Sykes Technical Consultant JNCIE-M #227 Imtech Telecom Mobile: +44 (0) 7823 530 630 http://www.imtechtelecom.co.uk/ _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp