Understanding Services PICs

Adaptive Services and Multiservices PICs

Adaptive Services [AS] PICs and Multiservices PICs enable you to perform multiple services on the same PIC by configuring a set of services and applications. The AS and Multiservices PICs offer a range of services that you can configure in one or more service sets. The following are some of the services you can configure on Adaptive services or multiservices interfaces:

• Class-of-service

• Intrusion detection service (IDS)

• IP Security (IPsec)

• Layer 2 tunneling protocols

• Monitoring services

• Network Address Translation (NAT)

• Stateful firewalls

• Voice services

For more information about these services, see Adaptive Services and Multiservices Interfaces Overview.

Encryption Services (ES) PIC

ES PIC provides a security suite for the IP version 4 (IPv4) and IP version 6 (IPv6) network layers. The suite provides functionality such as authentication of origin, data integrity, confidentiality, replay protection, and nonrepudiation of source. It also defines mechanisms for key generation and exchange, management of security associations, and support for digital certificates. For more information about encryption interfaces, see Configuring Encryption Interfaces.

Multilink Services and Link Services PICs

Multilink Services and Link Services PICs enable you to split, recombine, and sequence datagrams across multiple logical data links. The goal of multilink operation is to coordinate multiple independent links between a fixed pair of systems, providing a virtual link with greater bandwidth than any of the members. The Junos OS supports two services PICs based on the Multilink Protocol: the Multilink Services PIC and the Link Services PIC.

For more information about multilink and link services interfaces, see Link and Multilink Services Interfaces User Guide for Routing Devices.

Monitoring Services PICs

Monitoring Services PICs enable you to monitor traffic flow and export the monitored traffic. Monitoring traffic allows you to perform the following tasks:

• Gather and export detailed information about IPv4 traffic flows between source and destination nodes in your network.

• Sample all incoming IPv4 traffic on the monitoring interface and present the data in cflowd record format.

• Perform discard accounting on an incoming traffic flow.

• Encrypt or tunnel outgoing cflowd records, intercepted IPv4 traffic, or both.

• Direct filtered traffic to different packet analyzers and present the data in its original format.

For more information about flow monitoring interfaces, see Monitoring, Sampling, and Collection Services Interfaces User Guide.

Tunnel Services PIC

Tunnel Services PIC provides a private, secure path through an otherwise public network by encapsulating arbitrary packets inside a transport protocol. Tunnels connect discontinuous subnetworks and enable encryption interfaces, virtual private networks (VPNs), and MPLS.

For more information about tunnel interfaces, see Tunnel Services Overview.

Multiservices MIC and Multiservices MPC

The Multiservices Modular Interfaces Card (MS-MIC) and the Multiservices Modular PIC Concentrator (MS-MPC), introduced in Junos OS Release 13.2, provide improved scaling and high performance. The MS-MIC and MS-MPC have enhanced memory (16 GB for MS-MIC, 32 GB per NPU of MS-MPC) and processing capabilities.

The services interfaces on MS-MPC and MS-MIC are identified in the configuration with an ms- prefix (for example, ms-1/2/1).

The following services packages come preinstalled and preconfigured on MS-MICs and MS-MPCs in Junos OS Release 13.2:

• Junos Traffic Vision (formerly referred to as Jflow/Flow Monitoring)

• Junos Address Aware (formerly referred to as NAT features)

• Junos VPN Site Secure (formerly referred to as IPsec features)

• Junos Network Secure (formerly referred to as the Stateful Firewall feature)

For information about MS-MIC and MS-MPC, see Multiservices MIC and Multiservices MPC (MS-MIC and MS-MPC) Overview.