The SRX definitely supports screen options and you can upgrade the J series to something newer. I think it was in 9.4 that Juniper got rid of the 2 versions of software for J series, ie the router and enhanced services versions, so all newer versions have the security stuff built in.
Upgrading the J series to use screen is fairly straightforward but if you are just looking to run the J series as a router we can turn off the main security features but you may be better off with just having all interfaces in same zone and allow intra zone traffic. Your SRX running as the firewall should be able to cater as the only screen device but it does make sense to apply DDoS protection as close to your perimeter if you can to reduce the load on the upstream boxes. On 11 April 2013 11:15, James Howlett <jim.howl...@outlook.com> wrote: > Hello, > > I think I can't use screen on my J-series in 9.x software / router context. > Will SRX be able to handle it alone? > > all best, > jim > > ------------------------------ > Date: Thu, 11 Apr 2013 10:10:18 +0100 > Subject: Re: [j-nsp] DDoS protection for J-series and SRX > From: m...@deimark.net > To: jim.howl...@outlook.com > CC: juniper-nsp@puck.nether.net > > > Have a look at the screen options on both kits, we can apply basic DDoS > protection there and limit stuff like max connections over a short period > etc > > > On 11 April 2013 09:57, James Howlett <jim.howl...@outlook.com> wrote: > > Hello, > > I have a small network with J6350 as a border router (BGP) and two SRX240H > in a cluster. > Since few days my network is a victim of DDoS attacks. Majority of them > are high pps count attacks. > Are there any methods to protect my network against such attacks. My > J-series can handle quite a lot of pps, but my SRX die after getting more > than 8000 new sessions per second. > > Is there anything i can do here? > > Regards, > jim > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > > > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp