Juniper Networks Secure Access 6000 SP
The Juniper Networks Secure Access 6000 SP is the industry’s first SSL VPN platform with comprehensive virtualization designed to enable Service Providers (SPs) to deliver network-based SSL VPN services to multiple enterprises of any size from a single appliance/cluster. Combining Juniper Networks expertise in working with Service Providers with the industry-leading Instant Virtual Extranet (IVE) platform, the Secure Access 6000 SP platform provides SPs with a sophisticated, end-to-end virtualization framework that is optimized for highly available and highly scalable network-based SSL
VPN managed services. Specific hardware platform features include redundant hot swappable power supplies and hard disks with real time data mirroring, and hot swappable fans. The platform also includes GBIC-based multiple Ethernet ports with the flexibility to select SX, LX and copper-based interfaces, enabling the creation of short or long distance fiber connections and redundant or meshed configurations. Platforms can be deployed in pairs or in multi-unit clusters for high availability. The SA 6000 SP also features a state-of-the-art SSL acceleration chipset to speed CPU-intensive encrypt/decrypt processes, as well as built in compression for all traffic.
The ability to offer network-based managed services to multiple
Service Provider Value Summary
customers from a single appliance is enabled by Juniper’s unique
Low Total Cost of Ownership with High Return on Investment
Instant Virtual System (IVS) software, which provides end customers
• No client to install and no firewall /NAT traversal issues result in
many of the benefits of their own SSL VPN, without having to manage a
device on their premises. IVS allows complete segregation of each end customer’s traffic, allowing SPs to securely segregate end users’ traffic,
• Differentiated revenue opportunities with services such as extranet
even if two customers have overlapping IP addresses. IVS features
access, disaster recovery, intranet LAN security and mobile device
granular role-based VLAN (802.1Q) tagging, enabling service providers
to provision specific VLANs for employees and partners of an enterprise
customer. DNS/WINS, AAA, log/accounting servers and application
• Maximizes existing SP infrastructure, including MPLS and IPSec
servers such as Web mail, file shares, etc. can reside either in the
respective customers’ intranets or in the SP network. SPs can provision
Complete Management Flexibility with Virtualization Framework
an overall concurrent number of users on a per customer basis with the
• Service providers can choose from a wide range of flexible options,
flexibility to distribute further amongst different user audiences such as
remote employees, contractors, partners, etc.
– Delegate to end customers the ability to define the specifics of
Service providers can tailor their offerings, and they can control the
degree of customer management and configuration that they wish to
– Provide easy-to-deploy standard configurations
offer to their end customers. For example, a service provider can choose
• Central management with role-based delegation for streamlined
whether they wish to delegate the ability for end customers to establish
their own customized user portal, end point security, authentication, authorization and auditing polices, or whether they would prefer to limit
Best-in-class end user features that customers demand
• A variety of value-added access methods, so customers can
Like all products built on the Instant Virtual Extranet (IVE) platform, the
SA 6000 SP uses Secure Socket Layer (SSL) available in all Web browsers as a means of secure transport. This enables the service provider to
Service Provider Performance, Scalability, and High Availability
offer customers a means of remote access for their mobile employees
and contractors without deploying client software, as well secure
• A variety of performance enhancing features, including hardware-
extranet or intranet access with no DMZ buildout, server hardening,
based SSL acceleration, compression and clustering, provide
Web agent deployments, or ongoing maintenance.
• Multi-unit cluster deployment option, for high availability across the
Low Total Cost of Ownership with High Return on Investment The combination of the SA 6000 SP platform with Instant Virtual System software allows both the service provider and the end customer to realize a wealth of benefits at a very low total cost of ownership. Features Service Provider Benefits End User Customer Benefits
Virtually all of the benefits of a standalone VPN, without having to manage a device on premises
Top of the line product features without requiring dedicated in-house resources
No client software to deploy, install or
No changes to internal servers or devices
Provides access from any device (including PCs, laptops, mobile devices) with a standard Web browser
Increased productivity and customer satisfaction
Lucrative service requiring no changes to infrastructure
Give secure, granular access to business partners or customers with no additional infrastructure required
Complete Management Flexibility with Virtualization Framework The granular role based delegation features of the SA 6000 SP enable SPs to grant customer administrators a variety of management controls. Granular network, security (endpoint security, authentication, authorization & auditing), and management policies can be tailored to individual customer needs. Features Service Provider Benefits End User Customer Benefits
Fully customizable look and feel at the end
• Can create a standard portal look and feel for quick rollout
• Simplify rollout to end users with a standard look
• Can provide a differentiated offering by allowing the end customer • Can give end users a familiar interface with corporate look and
• Can create standard security parameters for most customers to
• Can use their own AAA infrastructure, or that provided by the
• Can create a differentiated offering for customers that want to
• Can create custom AAA, end point security checks and remedia-
leverage their own security infrastructure
tion policies to ensure that individual security requirements are met
• Can standardize offerings, or offer differentiated services with
• Differentiated access for variety of end user constituencies such
network layer access methods with granular
the flexibility to create customer specific policies that reflect their
• Each access method provides different levels of access control,
from IP addresses, all the way to the URL or file level
• SPs can offer auditing and logging services or end
• Log data can be replicated to the customers’ log servers
customers can use their own log/accounting servers
• SP services aid with regulatory compliance without requiring in-
• With log data, SPs can help end customers with regulatory
• Customer-specific RADIUS accounting facilitates seamless billing
integration with existing billing applications
Service Provider Performance, Scalability, and High Availability The SA 6000 SP features a number of benefits to meet service provider performance, scalability and high availability needs, including: Features Service Provider Benefits
• Offloads compute-intensive encrypt/decrypt process from the CPU, enhancing performance
• Faster application performance and response times for all traffic traversing the IVE such as HTTP, file, and client/server
• Cluster pairs or multi-unit clusters can be deployed across the LAN or across the WAN for superlative scalability with a large number of
user licenses, which scales access as the user base grows
• Units that are part of a cluster synchronize system-state, user profile-state, and session-state data among a group of appliances in the
cluster for seamless failover with minimal user downtime and loss of productivity
• Ensures high availability and high reliability with component level redundancy and data mirroring in hard disk
plies and hard disks with real time data
• Optimized uptime with hot swappable components resulting in operational convenience in a rare event of failure of a component
mirroringHot swappable fansGBIC-based ports with flexibility to select
• Fully redundant/meshed configuration of SSL VPN appliances with multiple load balancers for optimized uptime
• Enables strong performance in the highest speed enterprise networks
Streamlined Service Provider Administration The SA 6000 SP provides streamlined administration to most efficiently provision multiple customers. It also features standards-based management protocols to facilitate integration with third party management and reporting products. Features Service Provider Benefits
• Unified cluster management with synchronized push configuration, zero downtime upgrade, back-up configuration and restore, dynamic
log filtering and deterministic cluster recovery
• Allows management via an interface segregated from user traffic
• Platform configuration can be exported and imported for streamlined multi-box configuration
• XML export/import can be leveraged for an API to the provisioning system• Easily accessible XML configuration data aids with regulatory compliance
• Real time system health monitoring with SNMP MIBs for critical parameters such as CPU and memory utilization, concurrent number of
• Customer-specific maintenance and troubleshooting with virtualized SNMP traps for major and critical events
• Virtualized troubleshooting and diagnostics enable SPs to service individual customers without affecting other customers hosted on the
Best-in-class SSL VPN features that end users demand Juniper Networks market leading SSL VPN offerings provide an unmatched feature set. These features are available to end customers as part of a virtualized system, allowing the service provider to choose to offer them as part of a standard or differentiated service offering. More detailed information on the standard Juniper SSL VPN features can be found in the Secure Access family datasheets. Classification Specific Features
• Hybrid role- / resource-based policy model• Pre-authentication assessment• Dynamic authentication policy• Dynamic role mapping• Resource authorization• Granular auditing and logging• Extensive directory integration & broad interoperability
• Clientless Core Web access - Access to Web-based applications, including complex JavaScript, XML or Flash-based apps and Java
applets that require a socket connection, as well as standards-based e-mail, files and telnet/SSH hosted applications.
• Secure Application Manager (SAM) - A lightweight Java or Windows-based download enables access to client/server applications using
just a Web browser. Also provides native access to terminal server applications without the need for a pre-installed client.
• Network Connect - Provides complete network-layer connectivity via an automatically provisioned, cross platform download from a Web
browser. Adaptive dual mode transport for optimal network layer connectivity in diverse connection environments.
• Native Host Checker• Host Checker API• Host Check Server Integration API• Policy-based enforcement and remediation• Secure Virtual Workspace• Cache Cleaner• Integrated Malware Protection• Coordinated Threat Control
• Password management integration• Web-based Single Sign-On• BASIC Auth & NTLM, Forms-based, Header Variable-based
Specifications Warranty • 90 days – can be extended with support contract Upgrade Options Hardware
• Replacement hot swappable chassis fan
• SFP (small form factor pluggable) transceiver
– 1000base-T RJ45 copper – 1000base-SX fiber
– 1000base-LX fiber Software Secure Access 6000 Base System
• Instant Virtual System Upgrade Option
Secure Access 6000 Base System Service Provider Series
• Secure Application Manager and Network Connect Upgrade Option (SAMNC)
Secure Access 6000 User Licenses
• Advanced Software Feature Set (includes Central Manager)
Technical Specifications
• Dimensions: 16.7”W x 3.5”H x 16.2”D
• Weight: 28.5lb (12.94 kg) typical (unboxed)• Material: 18 gauge (.048”) cold-rolled steel
Secure Access 6000 Feature Licenses
• Fans: 2 externally accessible, hot swappable ball-bearing fans
Secure Application Manager and Network Connect for SA 6000
Panel Display
Advanced Endpoint Defense: Malware Protection -
• Power LED, HD Activity, Temp, PS Fail
Advanced Endpoint Defense: Malware Protection -
Advanced Endpoint Defense: Malware Protection -
– Two RJ-45 Ethernet - 10/100/1000 full or half-duplex (auto-negotiation)
Advanced Endpoint Defense: Malware Protection -
• Fast Ethernet - IEEE 802.3u compliant
Advanced Endpoint Defense: Malware Protection -
• Gigabit Ethernet - IEEE 802.3z or IEEE 802.3ab compliant
Advanced Endpoint Defense: Malware Protection -
• Management: One RJ-45 Ethernet - 10/100/1000 full or half-duplex (auto-negotiation)
Secure Access 6000 Clustering Licenses
Clustering: Al ow 100 additional users to be shared from another SA 6000
Clustering: Al ow 250 additional users to be shared from another SA 6000
• AC Power Voltage 100-240VAC, 50-60Hz, 5A Max
Clustering: Al ow 500 additional users to be shared from another SA 6000
• System Battery CR2032 3V lithium coin cell
SA6000-CL-1000U Clustering: Al ow 1000 additional users to be shared from another SA 6000
SA6000-CL-2500U Clustering: Al ow 2500 additional users to be shared from another SA 6000
SA6000-CL-5000U Clustering: Al ow 5000 additional users to be shared from another SA 6000
Accessories Environmental
Field Upgradeable Secondary Power Supply for SA 6000
• Operating Temp 50°F to 104°F (10°C to 40°C)
Field Upgradeable Secondary Hard Disk for SA 6000
• Storage Temp -40° to 158°F (-40°C to 70°C)
SA6000-MEM Field Upgradeable (by authorized VAR only) Additional 2 GB Memory for SA 6000
• Relative Humidity (Operating) 8% to 90% noncondensing
• Relative Humidity (Storage) 5% to 90% noncondensing
• Altitude (Operating) -50 to 10,000 ft (3,000m)
• Altitude (Storage) -50 to 35,000 ft (10,600m)
Safety and Emissions Certification
• Safety: EN60950-1:2001+A11, UL60950-1:2003, CSA C22.2 No. 60950-1,
• Emissions: FCC Class A, VCCI Class A, CE class A
Copyright 006, Juniper Networks, Inc. All rights reserved.
Juniper Networks and the Juniper Networks logo are registered trademarks of Juniper Networks, Inc. in the United States and other countries.
All other trademarks, service marks, registered trademarks, or registered service marks in this document are the property of Juniper Networks
or their respective owners. All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any
Suite 507-, Asia Pacific Finance Tower
inaccuracies in this document or for any obligation to update information in this document. Juniper Networks reserves the right to change,
modify, transfer, or otherwise revise this publication without notice.
Phosphodiesterase Type 5 Inhibitor Use and Hearing Impairment Objective: To compare use of phosphodiesterase type Results: The overall prevalence of self-reported hearing 5 inhibitors (PDE-5i) between participants with and with-impairment and PDE-5i use in each group was 17.9% andout self-reported hearing impairment using logistic2%, respectively. Men who reported hearing impairmentre
Polycopié de Neurologie-Neuroradiologie et Neurochirurgie 2005-2006 – Faculté de Médecine de Strasbourg Nationaux CEN Connaître les principaux éléments physiopathologiques de la myasthénie. Citer les symptômes révélateurs les plus fréquents et les plus évocateurs. Citer les principaux arguments (cliniques et paracliniques) du diagnostic. Connaître les principe