On 9/3/07, Peter E. Fry <[EMAIL PROTECTED]> wrote: > On 2 Sep 2007 at 0:57, Affan Basalamah wrote: > [...] > > I want to look for Juniper solutions in order to do IP routing, > > together with stateful firewall devices. > [...] > > Establishing interface requirements... Sounds like Ethernet only... > It's an interesting problem. Adding to what you've already > mentioned: > > - The M-series has a much wider interface selection than the J- > series. I don't know if this would be an issue for you, given that > you're currently using a PC. > > - The M7i will generally be performance-bound by the ASM, but > creative configuration (using the ASM only when necessary) can > stretch this considerably. Given your stated environment this > wouldn't seem to be an issue at this time. > > - The two different management interfaces of the J (JunOS) plus SSG > (ScreenOS) may be an issue for you. > > - The SSG has more firewall features than the M-(or J-)series. If > the features are potentially useful to you, you have a few other > elements to consider: > - Potential savings from using a J4350 router instead of the larger > J6350, as you'll generally be performance-bound by the SSG 550 > firewall. The J4350 lacks redundant power options, though. It's > also not a direct replacement for the SSG 550, whereas the J6350 is, > if that would affect any sparing strategy you might have. > - Additional recurring cost of firewall feature licenses -- they can > add up. > > Your choices seem to offer, at face value, more performance than > you'll need. Good! You can never have too much performance -- you > can only overrun your budget. > Speaking of budget, if you're coming from an open source, do-it- > yourself situation, be sure to factor in (recurring!) support and > licensing costs. > I don't know about anyone else here, but I always find bench-racing > networks (or nearly anything else) to be an endless source of > entertainment. > > Peter E. Fry > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp >
Hi all, Thank you for your response, Based on all of your suggestion, I think the best solution would be managing separated platform for routing and firewall, JunOS (whether it is M-series or J-series) and Netscreen (on bridging mode). I'm sorry that I've forgot to mention another constrain for this design, to whom suggesting J-series solution. Currently our campus is connected to REN and there are times that we need to run IPv6 multicast stream and DVTS stream. IPv6 multicast stream usually run with 2 Mbps UDP stream, and DVTS stream consist of two-way 30 Mbps UDP stream. Now I wonder whether J-series can cope with that challenge. That's why I like M-series because the confidence of accepting the challenge :) Not to mention if there are bandwidth upgrade to STM-1 in one/two year, and I want this solution to be lasts in more than five year. Thank you for all your help, Regards, -affan _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp