MACsec and hop-by-hop encryption: The QFX5120-48YM supports IEEE 802.1AE MACsec AES-256, providing link-layer data confidentiality, data integrity, and data origin authentication. The MACsec feature enables the QFX5120-48YM to support 2 Tbps of near line-rate hardware-based traffic encryption on all 100GbE, 40GbE, 25GbE, 10GbE, and 1GbE ports. Defined by IEEE 802.1AE, MACsec provides secure, encrypted communication at the link layer that is capable of identifying and preventing threats from denial-of-service (DoS) and intrusion attacks, as well as man-in-the-middle, masquerading, passive wiretapping, and playback attacks launched from behind the firewall. When MACsec is deployed on switch ports, all traffic is encrypted on the wire, but traffic inside the switch is not. This allows the switch to apply network capabilities such as quality of service (QoS) and sFlow to each packet without compromising the security of packets on the wire.
In addition, Ethernet-based WAN networks can use MACsec to provide link security over long haul connections. MACsec is transparent to Layer 3 and higher layer protocols and is not limited to IP traffic; it works with any type of wired or wireless traffic carried over Ethernet links.
Virtual chassis: The QFX5120 supports Juniper Networks’ unique virtual chassis technology, which enables interconnected switches to operate as a single, logical device with a single IP address. This technology allows campus enterprises to eliminate STP and efficiently utilize network links. QFX5120-48Y (starting with Junos 19.3), QFX5120-32C (staring with Junos 20.3), QFX5120-48T (starting with Junos 20.2), and QFX5120-48YM (starting with Junos 23.1) support virtual chassis feature.
QFX5120-48T, QFX5120-48Y, and QFX5120-32C switche models support HiGig protocol for forming a virtual chassis. However, the QFX5120-48YM switch model supports only HGoE protocol for virtual chassis formation.
Marketplace