You can’t build a new future on old technologies – Juniper Networks

Enabling the Hi-IQ network of tomorrow

Aligning business and IT strategy

Driving IT Transformation

Consolidation SDN Big Data

1 0 0 0 0 0 1 0

1 0 1 0 1 1 0

1 0 1 0 0 1 0 1 1 0 1 1 0 0 0 1 0 0 0 1 1

0 0

Virtualization Clouds

Agility and Economics

INDUSTRY TRENDS – MOVE TO THE CLOUD Enterprise DC and Cloud

Public Cloud XaaS

Iaas

Private Cloud

Business Critical IT

Cloud-enable Campus

ITaas

Vanilla Enterprise

L3 CLOS

Overlay

L3

L3 CLOS With

Overlay

L2/L3

• Scale out IP fabric • Small Blast Radius

• Hyper scale multi-tenancy • Overlay virtual network

• Virtualized IT • Low scale multi-tenancy

• Consolidated IT • Converged storage • Simplified operation

• Simplified network & ops • Virtualized network services

Underlay

IP Fabric / consistent Latency / simple / scalable

Server

Hypervisor

VM VM VM

Server

Hypervisor

VM VM VM

Server

Hypervisor

VM VM VM

Overlay

Overlay Controller

OVERLAY NETWORK ARCHITECTURE Underlay Network low/predictable latency

Network Function Virtualization (NFV)

SERVICE CENTER

NFV is the use of general purpose servers instead of specialized devices for network functions such as routers, firewalls, DPI, Analytics, voice gateways,

video encoders, etc.

Virtualized Network Applications

KVM Hypervisor

Linux

Host/ Cluster

Manager

Virtualized Network Applications

KVM Hypervisor

Linux

Host/ Cluster

Manager

VMs VMs

EXAMPLE NFV - SECURING YOUR PRIVATE CLOUD

Department A Department B Department C

FIREFLY

VM

VM VM

Private Cloud Infrastructure

SRX

Physical Servers

Security Director

Virtual Director

vCenter

vCloud Director

VM VM VM VM VM

FIREFLY

VM

FIREFLY

VM

Extracting Intelligence from the Network

New Way • Automated, proactive & network-wide • Data streamed at wire rate • Network tells you what you need to

know • Easily correlate physical and virtual

Old Way

• Manually driven, per-device • Low frequency and capacity data extraction • Need to know what you want to know. • Limited visibility into tunnels and paths

User requests data from

switch

Cloud Analytics Engine

Open, standards based solution for extracting meaningful data from the network—providing unparalleled visibility into physical and virtual networks from the application to the physical interface.

SDN is an ECOSYSTEM

SERVICES

Elastic scaling for rapid deployment of L4-L7 services

Virtual Applications, ADC, FW, IPS, NSTraffic Mon, DDoS, etc. FASTER

Automated orchestration & provisioning to enable

private/hybrid clouds

Open, Programmable physical networks with future-

proof investment protection

MANAGEMENT

FORWARDING Security Routing Switching

EASIER

LOW RISK

Platform Applications APIs

Agility to enable multi-tenant networks

CONTROL

Control Analytics Configuration SDN CONTROLLER: NETWORK ORCHESTRATION

FLEXIBLE

FINANCE HR MARKETING

ORCHESTRATION

CONTROL PLANE FEDERATED CONTROLLER – SCALABLE/RESILIENT

VIRTUAL NETWORK OVERLAY

AUTOMATION ANALYTICS

PHYSICAL NETWORK

JUNIPER CREATES METAFABRIC ARCHITECTURE

Easy to deploy & use

Save time, improve performance

Maximize flexibility

Simple Smart Open

METAFABRIC VALIDATE ARCHITECTURE

Network Juniper EX9214 - switching Juniper VCF - switching Juniper MX480 - routing ND – Cloud Analytics - management

Security Juniper SRX3600 – security (adaptive) Juniper vGW

Services F5 LTM4200 - solutions

Virtualization VMware vSphere - solutions

Compute IBM FlexSystem Chassis - solutions IBM x3950 - solutions

Storage EMC VNX 5500

Switching Data Center Switching

Stora

ge Compute

DCI Routing Services Sec

urity

NM

S

Orc

hes

tra

tio

n

EX9200

Core/ Aggregation Switch

NSX Layer 2 Gateway

NSX Layer3 Gateway

Universal SDN Gateway

QFX5100 series

Access Switch (ToR)

NSX Layer2 Gateway

MXSeries Routers

WAN Gateway

NSX Layer 2 Gateway

NSX Layer3 Gateway

Universal SDN Gateway

SRX Series Firefly DDoS

Secure

WebApp

Secure

Virtual

Director

Secure

Analytics

Network

Director Security

Director

JUNIPER PRODUCT PORTFOLIO FOR METAFABRIC

Physical and Virtual Security

QFX5100-24Q

EX9200

Virtual Chassis Fabric (VCF) – 10G/40G

1 RU, 48 SFP+ & 1 QIC

QFX5100-48S EX4300

10G access Existing 1G access Existing 10G access

Switching - virtual chassis fabric Deployment option spine and leaf design – mixed leaf options – Adaptive Flowlet Splicing

Configuration : ND Wizard-based setup VCF

Complete

Fabric Visibility

VISIBILITY: KEY FOR OPTIMAL USER EXPERIENCE

Location wise

grouping

Granular port

utilization view

VISIBILITY: UTILIZATION HEATMAP

Per interface view

of congestion &

latency events

VISIBILITY: LATENCY HEATMAP

SWITCHING - DATACENTER/CORE - JUNIPER ARCHITECTURES

Juniper Architectures

Open Architectures

MC-LAG

…

QFX5100

Virtual Chassis

Up to 10 members

QFabric

Up to 128 members

IP Fabric

L3 Fabric

Virtual Chassis Fabric

Up to 20 members

Benefits Single point of

management and control

Purpose-built and turnkey

Benefits Flexible deployment

scenarios Open choice of

technologies and protocols

One Architecture Does Not Fit All,

QFX5100 enables Choices!

In Service Upgrade for Continuous service delivery

Junos VM (Master) Junos VM (Backup) Junos VM (Upgraded Master)

QFX5100 Topology-independent In-Service Software Upgrades

QFX5100 Architecture

x86 Hardware Packet Forwarding Engine

Kernal Based Virtual Machines

Linux Kernel

Problem Network performance and resiliency at

risk during switch software upgrade

Solution TISSU—Topology-independent in-service

software upgrades (industry only)

Benefits Seamless upgrade

No traffic loss

No performance impact

No resiliency risk

No port flap

Switching architecture agnostic

EX9200 SERIES , SERVICE DELIVERY GATEWAY Delivering innovation inside and outside of the data center

Flexible SDN enabled silicon to provide seamless workload mobility and

connections between private and public cloud infrastructures

The most advanced and flexible SDN bridging and

routing gateway

USG (Universal

SDN Gateway)

Next-generation technology for connecting multiple data

centers and providing seamless workload mobility

EVPN (Ethernet

VPN)

VMTO (VM Mobility Traffic Optimizer)

Creating the most efficient network paths for mobile

workloads

Datacenter Interconnect. Use Case : EVPN For Data Center Interconnect

VLAN 1 MAC1

VLAN 2 MAC 2

VLAN 1 MAC11

VLAN 2 MAC22

Data Plane Learning BGP Control Plane based learning on WAN Data Plane Learning

EX9200 MX Series EX9200/ MX Series Data Center Site1 Data Center Site 2 Data Center Interconnect

E-VPN Cloud VMTO

Legacy L2 Cloud

VxLAN Cloud

Benefits: •Seamless interconnect between DCs - L2 stretch between DCs •Seamless Workload migration - VM mobility across DCs •Wide Applicability – Interconnects Native L2 and overlay technologies

Spotlight Secure Threat Intelligence Platform

New Way

• Open platform for security intelligence • Continuous, real time threat updates • Centralized control for all enforcement points

Old Way

• Single purpose devices with occasional updates

• Slow to react and defend • No centralized intelligence

Open threat intelligence platform for distributing real time intelligence to SRX enforcement points.

Security Intelligence

Spotlight

Secure Cloud

JUNIPER SERVICES PORTFOLIO NFV READY

Virtual CPE

Virtual PE

Virtual Route Reflector

Virtual Routing Engine

Network Services

Firefly Perimeter Virtual FW

Firefly Host Hypervisor FW

DDoS Secure Virtual

WebApp Secure Virtual

Virtual Secure Access

Secure Analytics Virtual

Security Services

Virtual CGN

Virtual CDN

Virtual Junos Content Encore

Application Services

SDN - Juniper contrail architecture a general purpose SDN platform

Physical Network Interoperability with traditional network devices

Any-to-any non-blocking low-latency fabric: Q-Fabric or Clos

Virtual Network Overlay Multi-tenancy for private and virtual public clouds

Gateway functions - connect to virtual to physical network

Service chaining (physical and virtual)

Marketing HR Finance

Control Plane - Physical, Virtual Open, standards-based, federated controller

Scalable and resilient

Control Plane

Configuration manager, Automation

Control Plane Control Plane

Orchestration, Automation, Analytics Open source and partner eco system of orchestrators

Api and sdk for integration with OSS / BSS

OSS

IP Network (VCF/IP CLOS)

VXLAN

VLAN

Network Director

DDoS Secure Analytics

Firefly

vSwitch (NVS)

DDoS Secure Analytics

Firefly

vSwitch

(NVS)

QFX 5100 (NSX L2 Gateway + ToR)

Network Management + Underlay/Overlay visibility

QFX 5100 (NSX L2 Gateway + ToR)

VXLAN

Bare Metal Server

Web Server

Web Server

Web Server

App Server

App Server

App Server

Bare Metal Server

VLAN

SDN - VMWARE – NSX - INTEGRATION WITH NETWORK DIRECTOR

Network Director : Physical to Virtual Network Mapping

Junos Automation Stack

Chef

Junos

Data Plane (PFE) Chassis

XML-RPC

Netconf

PythonEZ Framework RubyEZ Library

Puppet Ansible Python Scripts

Ruby Scripts

Junoscript

SNMP

CLI

Junos Platform Automation Stack

Reduce time to build/configure and collect

Open architecture Three key features at the platform layer XML-RPC and Netconf Junos Script Junos EZ

NETWORK ANALYTICS IS A BIG DEAL

Business Agility

Virtualization Cloud Adoption

Operational Simplicity

Application Performance

Virtual Machine

JunOS BACKUP

Virtual Machine

JunOS ACTIVE

BUFFER UTILIZATION LATENCY SFLOW INTERFACE COUNTERS

Disclaimer: Items depicted in the guest VM are for instructional purposes and not validated Juniper solutions.

Guest

Virtual Machine

JSON

COLLECTION OF INFORMATION: GUEST VM CAN BE ADDED

Analytics: Use Cases

Latency Measurement & Visibility

Capacity Planning & Optimization

Break-Fix & Troubleshooting

Network Telemetry

USE CASE 1 : MICROBURST

Congestion Threshold not exceeded 1second view

5 Minute View Legacy Traffic View

10 millisecond view 10 millisecond view Congestion Threshold exceeded

10ms view 1sec view 5min view

Enhanced Traffic

view

Analytics and Orchestration Layer

31

Provide per hop and end-to-end latency per traffic flow

Compute Node A Compute Node B

Flow Latency

Red App:

S1

S1

S2

S3

S4

S2 S4

T+1 T+2 T+3

CA-B

T+4

End To End Latency: 4

Timestamp: T+1

Timestamp: T+2

Timestamp: T+3

Timestamp: T+4

Use Case 2 : Latency Calculations

Evolution : Cloud Enabled Campus Architecture

• EX9200 programmable core

– 480G per slot; 100G/40G/10G line card

– MACSEC line cards

– Network segmentation (MPLS, EVPN, VTEP)

• EX4600 most compact distribution

– ISSU

– Mixed Virtual Chassis with EX4300

• EX4300 access

– Complete RJ45, POE+ and fiber portfolio

– Virtual chassis with standard connectors (QSFP+)

– 10/40GbE uplink options

• Management: Network Director

– Network heat map and analytics

– EX4600 support

Core

Distribution

Access

EX9200

EX4300 VC

EX9200

EX4600

EX4300 VC

EX4600

EX3300 VC EX2200

Large ENT Govt.

FSI

Med-Small ENT

Branch

Target Segments

Network Layer

WHY JUNIPER?

Open System • Embrace an ongoing partner eco-system for

services innovation

• Avoid vendor lock-in

Future-Proof • Built in weeks with off-the-shelf software

• Architecture is an overlay to existing network

which minimizes initial disruption

Leverage Assets • Network Overlay Architected leverages existing

Network infrastructure

• Creates new revenue streams by leveraging

existing customer base

Ready to Deploy • Production ready software of carrier quality