Skip to main content
Junos OS 21.2R2
Product Type
Network and Network Related Devices and Systems
Product Status
In evaluation
Assurance Level
Protection Profile
Product Description

The Target of Evaluation (TOE) is Juniper Networks, Inc. Junos OS 22.2R1 operating system on the MX10003 routing appliance and the EX9253 ethernet switch. 

The portfolio of MX Series 3D Universal Edge Routers includes a wide range of physical and virtual platforms that share a common architecture and feature set. Juniper Networks MX10003 routing appliance is a complete routing system that supports a variety of high-speed interfaces (only Ethernet is within scope of the evaluation) for medium/large networks and network applications.  Juniper Networks MX routers share common Junos firmware, features, and technology for compatibility across platforms.

The EX9200-Series line of programmable, flexible and scalable modular Ethernet core switches simplifies the deployment of cloud applications, virtualized servers and rich media collaboration tools across campus and data centre environments.  The EX9250 Ethernet Switch enables collaboration and provides simple and secure access to mission critical applications. In the data centre, the EX9253 simplifies network architectures and network operations to better align the network with today’s dynamic business environments.

The appliances are physically self-contained, housing the firmware and hardware necessary to perform all routing functions.

The MACsec line cards support MACsec between adjacent devices, encrypting all traffic communicated between the devices including frames for LLDP, DHCP, ARP, STP, Ethernet Control frames, etc (the exceptions to this protection are Destination MAC and Source MAC addresses in MACsec and MKA frames). MACsec can be deployed in point-to-point mode or shared mode with multiple stations. In the evaluated configuration MACsec must be configured individually on each point-to-point Ethernet link, such that a pair of MACsec devices (connected by a physical medium) protect Ethernet frames switched or routed from one device to the other.