You can’t build a new future on old technologies – Juniper Networks
Enabling the Hi-IQ network of tomorrow
Aligning business and IT strategy
Driving IT Transformation
Consolidation SDN Big Data
1 0 0 0 0 0 1 0
1 0 1 0 1 1 0
1 0 1 0 0 1 0 1 1 0 1 1 0 0 0 1 0 0 0 1 1
0 0
Virtualization Clouds
Agility and Economics
INDUSTRY TRENDS – MOVE TO THE CLOUD Enterprise DC and Cloud
Public Cloud XaaS
Iaas
Private Cloud
Business Critical IT
Cloud-enable Campus
ITaas
Vanilla Enterprise
L3 CLOS
Overlay
L3
L3 CLOS With
Overlay
L2/L3
• Scale out IP fabric • Small Blast Radius
• Hyper scale multi-tenancy • Overlay virtual network
• Virtualized IT • Low scale multi-tenancy
• Consolidated IT • Converged storage • Simplified operation
• Simplified network & ops • Virtualized network services
Underlay
IP Fabric / consistent Latency / simple / scalable
Server
Hypervisor
VM VM VM
Server
Hypervisor
VM VM VM
Server
Hypervisor
VM VM VM
Overlay
Overlay Controller
OVERLAY NETWORK ARCHITECTURE Underlay Network low/predictable latency
Network Function Virtualization (NFV)
SERVICE CENTER
NFV is the use of general purpose servers instead of specialized devices for network functions such as routers, firewalls, DPI, Analytics, voice gateways,
video encoders, etc.
Virtualized Network Applications
KVM Hypervisor
Linux
Host/ Cluster
Manager
Virtualized Network Applications
KVM Hypervisor
Linux
Host/ Cluster
Manager
VMs VMs
EXAMPLE NFV - SECURING YOUR PRIVATE CLOUD
Department A Department B Department C
FIREFLY
VM
VM VM
Private Cloud Infrastructure
SRX
Physical Servers
Security Director
Virtual Director
vCenter
vCloud Director
VM VM VM VM VM
FIREFLY
VM
FIREFLY
VM
Extracting Intelligence from the Network
New Way • Automated, proactive & network-wide • Data streamed at wire rate • Network tells you what you need to
know • Easily correlate physical and virtual
Old Way
• Manually driven, per-device • Low frequency and capacity data extraction • Need to know what you want to know. • Limited visibility into tunnels and paths
User requests data from
switch
Cloud Analytics Engine
Open, standards based solution for extracting meaningful data from the network—providing unparalleled visibility into physical and virtual networks from the application to the physical interface.
SDN is an ECOSYSTEM
SERVICES
Elastic scaling for rapid deployment of L4-L7 services
Virtual Applications, ADC, FW, IPS, NSTraffic Mon, DDoS, etc. FASTER
Automated orchestration & provisioning to enable
private/hybrid clouds
Open, Programmable physical networks with future-
proof investment protection
MANAGEMENT
FORWARDING Security Routing Switching
EASIER
LOW RISK
Platform Applications APIs
Agility to enable multi-tenant networks
CONTROL
Control Analytics Configuration SDN CONTROLLER: NETWORK ORCHESTRATION
FLEXIBLE
FINANCE HR MARKETING
ORCHESTRATION
CONTROL PLANE FEDERATED CONTROLLER – SCALABLE/RESILIENT
VIRTUAL NETWORK OVERLAY
AUTOMATION ANALYTICS
PHYSICAL NETWORK
JUNIPER CREATES METAFABRIC ARCHITECTURE
Easy to deploy & use
Save time, improve performance
Maximize flexibility
Simple Smart Open
METAFABRIC VALIDATE ARCHITECTURE
Network Juniper EX9214 - switching Juniper VCF - switching Juniper MX480 - routing ND – Cloud Analytics - management
Security Juniper SRX3600 – security (adaptive) Juniper vGW
Services F5 LTM4200 - solutions
Virtualization VMware vSphere - solutions
Compute IBM FlexSystem Chassis - solutions IBM x3950 - solutions
Storage EMC VNX 5500
Switching Data Center Switching
Stora
ge Compute
DCI Routing Services Sec
urity
NM
S
Orc
hes
tra
tio
n
EX9200
Core/ Aggregation Switch
NSX Layer 2 Gateway
NSX Layer3 Gateway
Universal SDN Gateway
QFX5100 series
Access Switch (ToR)
NSX Layer2 Gateway
MXSeries Routers
WAN Gateway
NSX Layer 2 Gateway
NSX Layer3 Gateway
Universal SDN Gateway
SRX Series Firefly DDoS
Secure
WebApp
Secure
Virtual
Director
Secure
Analytics
Network
Director Security
Director
JUNIPER PRODUCT PORTFOLIO FOR METAFABRIC
Physical and Virtual Security
QFX5100-24Q
EX9200
Virtual Chassis Fabric (VCF) – 10G/40G
1 RU, 48 SFP+ & 1 QIC
QFX5100-48S EX4300
10G access Existing 1G access Existing 10G access
Switching - virtual chassis fabric Deployment option spine and leaf design – mixed leaf options – Adaptive Flowlet Splicing
Configuration : ND Wizard-based setup VCF
Complete
Fabric Visibility
VISIBILITY: KEY FOR OPTIMAL USER EXPERIENCE
Location wise
grouping
Granular port
utilization view
VISIBILITY: UTILIZATION HEATMAP
Per interface view
of congestion &
latency events
VISIBILITY: LATENCY HEATMAP
SWITCHING - DATACENTER/CORE - JUNIPER ARCHITECTURES
Juniper Architectures
Open Architectures
MC-LAG
…
QFX5100
Virtual Chassis
Up to 10 members
QFabric
Up to 128 members
IP Fabric
L3 Fabric
Virtual Chassis Fabric
Up to 20 members
Benefits Single point of
management and control
Purpose-built and turnkey
Benefits Flexible deployment
scenarios Open choice of
technologies and protocols
One Architecture Does Not Fit All,
QFX5100 enables Choices!
In Service Upgrade for Continuous service delivery
Junos VM (Master) Junos VM (Backup) Junos VM (Upgraded Master)
QFX5100 Topology-independent In-Service Software Upgrades
QFX5100 Architecture
x86 Hardware Packet Forwarding Engine
Kernal Based Virtual Machines
Linux Kernel
Problem Network performance and resiliency at
risk during switch software upgrade
Solution TISSU—Topology-independent in-service
software upgrades (industry only)
Benefits Seamless upgrade
No traffic loss
No performance impact
No resiliency risk
No port flap
Switching architecture agnostic
EX9200 SERIES , SERVICE DELIVERY GATEWAY Delivering innovation inside and outside of the data center
Flexible SDN enabled silicon to provide seamless workload mobility and
connections between private and public cloud infrastructures
The most advanced and flexible SDN bridging and
routing gateway
USG (Universal
SDN Gateway)
Next-generation technology for connecting multiple data
centers and providing seamless workload mobility
EVPN (Ethernet
VPN)
VMTO (VM Mobility Traffic Optimizer)
Creating the most efficient network paths for mobile
workloads
Datacenter Interconnect. Use Case : EVPN For Data Center Interconnect
VLAN 1 MAC1
VLAN 2 MAC 2
VLAN 1 MAC11
VLAN 2 MAC22
Data Plane Learning BGP Control Plane based learning on WAN Data Plane Learning
EX9200 MX Series EX9200/ MX Series Data Center Site1 Data Center Site 2 Data Center Interconnect
E-VPN Cloud VMTO
Legacy L2 Cloud
VxLAN Cloud
Benefits: •Seamless interconnect between DCs - L2 stretch between DCs •Seamless Workload migration - VM mobility across DCs •Wide Applicability – Interconnects Native L2 and overlay technologies
Spotlight Secure Threat Intelligence Platform
New Way
• Open platform for security intelligence • Continuous, real time threat updates • Centralized control for all enforcement points
Old Way
• Single purpose devices with occasional updates
• Slow to react and defend • No centralized intelligence
Open threat intelligence platform for distributing real time intelligence to SRX enforcement points.
Security Intelligence
Spotlight
Secure Cloud
JUNIPER SERVICES PORTFOLIO NFV READY
Virtual CPE
Virtual PE
Virtual Route Reflector
Virtual Routing Engine
Network Services
Firefly Perimeter Virtual FW
Firefly Host Hypervisor FW
DDoS Secure Virtual
WebApp Secure Virtual
Virtual Secure Access
Secure Analytics Virtual
Security Services
Virtual CGN
Virtual CDN
Virtual Junos Content Encore
Application Services
SDN - Juniper contrail architecture a general purpose SDN platform
Physical Network Interoperability with traditional network devices
Any-to-any non-blocking low-latency fabric: Q-Fabric or Clos
Virtual Network Overlay Multi-tenancy for private and virtual public clouds
Gateway functions - connect to virtual to physical network
Service chaining (physical and virtual)
Marketing HR Finance
Control Plane - Physical, Virtual Open, standards-based, federated controller
Scalable and resilient
Control Plane
Configuration manager, Automation
Control Plane Control Plane
Orchestration, Automation, Analytics Open source and partner eco system of orchestrators
Api and sdk for integration with OSS / BSS
OSS
IP Network (VCF/IP CLOS)
VXLAN
VLAN
Network Director
DDoS Secure Analytics
Firefly
vSwitch (NVS)
DDoS Secure Analytics
Firefly
vSwitch
(NVS)
QFX 5100 (NSX L2 Gateway + ToR)
Network Management + Underlay/Overlay visibility
QFX 5100 (NSX L2 Gateway + ToR)
VXLAN
Bare Metal Server
Web Server
Web Server
Web Server
App Server
App Server
App Server
Bare Metal Server
VLAN
SDN - VMWARE – NSX - INTEGRATION WITH NETWORK DIRECTOR
Network Director : Physical to Virtual Network Mapping
Junos Automation Stack
Chef
Junos
Data Plane (PFE) Chassis
XML-RPC
Netconf
PythonEZ Framework RubyEZ Library
Puppet Ansible Python Scripts
Ruby Scripts
Junoscript
SNMP
CLI
Junos Platform Automation Stack
Reduce time to build/configure and collect
Open architecture Three key features at the platform layer XML-RPC and Netconf Junos Script Junos EZ
NETWORK ANALYTICS IS A BIG DEAL
Business Agility
Virtualization Cloud Adoption
Operational Simplicity
Application Performance
Virtual Machine
JunOS BACKUP
Virtual Machine
JunOS ACTIVE
BUFFER UTILIZATION LATENCY SFLOW INTERFACE COUNTERS
Disclaimer: Items depicted in the guest VM are for instructional purposes and not validated Juniper solutions.
Guest
Virtual Machine
JSON
COLLECTION OF INFORMATION: GUEST VM CAN BE ADDED
Analytics: Use Cases
Latency Measurement & Visibility
Capacity Planning & Optimization
Break-Fix & Troubleshooting
Network Telemetry
USE CASE 1 : MICROBURST
Congestion Threshold not exceeded 1second view
5 Minute View Legacy Traffic View
10 millisecond view 10 millisecond view Congestion Threshold exceeded
10ms view 1sec view 5min view
Enhanced Traffic
view
Analytics and Orchestration Layer
31
Provide per hop and end-to-end latency per traffic flow
Compute Node A Compute Node B
Flow Latency
Red App:
S1
S1
S2
S3
S4
S2 S4
T+1 T+2 T+3
CA-B
T+4
End To End Latency: 4
Timestamp: T+1
Timestamp: T+2
Timestamp: T+3
Timestamp: T+4
Use Case 2 : Latency Calculations
Evolution : Cloud Enabled Campus Architecture
• EX9200 programmable core
– 480G per slot; 100G/40G/10G line card
– MACSEC line cards
– Network segmentation (MPLS, EVPN, VTEP)
• EX4600 most compact distribution
– ISSU
– Mixed Virtual Chassis with EX4300
• EX4300 access
– Complete RJ45, POE+ and fiber portfolio
– Virtual chassis with standard connectors (QSFP+)
– 10/40GbE uplink options
• Management: Network Director
– Network heat map and analytics
– EX4600 support
Core
Distribution
Access
EX9200
EX4300 VC
EX9200
EX4600
EX4300 VC
EX4600
EX3300 VC EX2200
Large ENT Govt.
FSI
Med-Small ENT
Branch
Target Segments
Network Layer
WHY JUNIPER?
Open System • Embrace an ongoing partner eco-system for
services innovation
• Avoid vendor lock-in
Future-Proof • Built in weeks with off-the-shelf software
• Architecture is an overlay to existing network
which minimizes initial disruption
Leverage Assets • Network Overlay Architected leverages existing
Network infrastructure
• Creates new revenue streams by leveraging
existing customer base
Ready to Deploy • Production ready software of carrier quality