Juniper Networks

Sergei Gotchev – Partner SE, [email protected], gotchev_s

UNIS Days in Mostar, Bosnia and Herzegovina


Juniper Strategy

TECHNOLOGY

Vision: To Be the Worldwide Leader of Network Innovation

Go to Market Vertical Focus

ROUTING SECURITY SWITCHING

PERFORMANCE

AUTOMATION

Alliance, Channel and Commercial Engines

JUNIPER’s NFV SOLUTION

AGILITY WITHOUT COMPROMISE

Massive scale

Five 9s availability

Physical & virtual security

Open standards

Own and 3rd-party NFV

Multi-tenancy

Automation

Agile service delivery

Centralized & distributed intelligence and context

Security correlation & active defense

CONTEXT ON THE WIRE

HIGH IQ NETWORKS

NETWORKS THAT KNOW

Simplified architecture

Dynamic optimization

Rich analytics

The Juniper Execution…

Management (Junos Space, Network Director, NorthStar, etc.)

OSS

VNF

Contrail Cloud 

Platform

Juniper VNFs (vSRX, vMX)

3rd Party VNFs 

MX (SDN GW)

BSS/OSS Partners

Compute

Service Control Gateway (DPI, Policy, TDF)

NFVI

MANO

Contrail Networking

Contrail Cloud

3rd Party VNF Manager

3rd Party Orchestration

Automation

Analytics

Smart

SWITCHING ARCHITECTURES

SSL VPN, Firewall, IPSec VPN

IPS

L2 Switch

L2/L3 Switch

L2/L3 Switch

L2/L3 Switch

Today’s Networks are Complex and Inefficient

SERVERS STORAGE

FC SAN

L2/L3 Switch

1. High Latency

2. Spanning Tree

3. Appliance complex

4. Multiple networks

5. Limited scalability

6. Poor economics

7. Sub-optimal performance

Complex, inefficient

NAS

Single-Tier Data-Center Fabric

Two-Tier Data Center

Collapsing Tiers

Legacy Three-Tier Data Center

3→2→1 Fewer Devices, Fewer Interconnections

4X10-Gigabit Ethernet Uplinks

40-Gigabit Ethernet Virtual Chassis Extension

4x40-Gigabit Ethernet Dedicated Virtual Chassis

MC-LAG

POE+

Uplink (LAG 1) Uplink (LAG 1) Uplink (LAG 2) Uplink (LAG 2)

Rack 1 Rack 2 Rack 3 Rack 4 Rack 5 Rack 6 Rack 7 Rack 8 Rack 9 Rack 10

RE0 RE1 LC LC LC LC LC LC LC LC

480 1GE POD

Virtual Chassis

Master RE0

Backup RE1

Line Card 1

Line Card 2

Line Card N

VCCP

FULL MESH
• Locally – ETH ports
• Long distance – ETH ports

RING
• Locally – Dedicated VCP
• Long distance – ETH ports

DAISY CHAIN
• Locally & Long Distance

ToR ToR Daisy Chain

Virtual Chassis

QFabric – simplifies the Data Center

Fibre Channel Storage, Servers, NAS

Remote Data Center

MX Series Routers

SRX Series Devices

The QFabric family implements a single-tier network in the data center, enabling improvements in speed, scale and efficiency by removing legacy barriers and improving business agility.

Defining characteristics:
• Any-to-any connectivity
• Low latency and jitter
• No packet drops under congestion
• Linear cost and power scaling
• Support of virtual networks and services
• Modular distributed implementation
• Highly reliable and scalable
• A single, logical device

7

EX4300 EX4300 EX4300 EX4300 EX4300

1 2 3 4 8

Number of Ports (3:1 Oversub): 384

QFabric Director

QFabric Interconnect

QFabricNode

Grow your data center as large as you want (investment protection)…

...grouping resources into one big resource (storage, computing, and security).

QFX3600-I QFX3600-I

1-Gigabit Ethernet (×6)

1615

768

6463

3072

24x1GE or 48x1GE

EX4300

Different choices:
• 48-port 1/10Gbps / 6x40Gbps
• 96x1/10Gbps / 8x40Gbps
• 48x1/10Gbps copper / 6x40Gbps
• 24x40Gbps / 4x40Gbps

QFX5100

QFX3600-I QFX3600-I

128127

6144

QFX3008-I

QFabric – simplifies the Data Center

Switching building blocks

• EX4300

• QFX5100

• Single Point of Management

• Full Layer 2 and Layer 3

• ECMP

• Transit FCoE

• Topology Independent ISSU

• Plug and Play Provisioning

• 4 spines and 16 leaves

• VXLAN L2 Gateway

Virtual Chassis Fabric

Virtual Chassis Fabric

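| Architectural Choices | MC-LAG | Layer 3 | QFabric | Virtual Chassis Fabric |
| --- | --- | --- | --- | --- |
| Managed Devices | 20 | N | 1 | 1 |
| Multi Path | 2 way | N way | 4 way | 4 way |
| Layer 3 | No | Yes | Yes | Yes |
| FCoE | No | No | Yes | Yes |
| NSX or Contrail | Yes | Yes | No | Yes |
| Nodes | 2 | N | 128 | 20 |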

ROUTING

Juniper Routing Positioning

Segments: Access & Aggregation, Edge, Core, Super Core

Platforms: ACX, MX, T Series, PTX

Access and aggregation

ACX2000

ACX2100

ACX1100

ACX1000

ACX4000

• Juniper’s Universal Access router for mobile backhaul (LTE, 2G/3G), business Ethernet services and residential access
• Complements Universal Edge
• Fixed and modular platforms all running JUNOS
• Integrated precision timing for highest QoE (IEEE1588v2, SyncE)
• Embedded SLA packet generator (RFC 2544)
• Hardened fan-less design
• Support for POE++ (up to 80W)
• 10 Gig interfaces for converged access
• Seamless MPLS provides most flexible service architecture
• Extensive end-to-end network monitoring: Latency, jitter, OAM
• Open system for innovation (JUNOS SDK and JVAE)
• Satellite Node to MX/MX104 (Junos Node Unifier)
• E-LAN, E-LINE
• L2 and L3 multicast

ACX500 indoor

ACX500 outdoor

ACX5000

ACX5096

Edge

MX 960, MX 480, vMX, MX 240

N x 10Gbps

MX 2010 MX 2020

2 Tbps, 6 Tbps

10 Tbps

32 Tbps

64 Tbps

25 Tbps

One TRIO CHIPSET Architecture

One UNIVERSAL EDGE

MX 104

80 Gbps

2H 2014; 500G on MX2K; 1H 2015; 2H 2015

480G on MX960; 1H 2016

1.6T on MX2K

Hardware: MPC5: 240G NG HQoS; MPC6: 500G MX2K Native Card

Power Optimized MX2020/MX2010; NG Universal MPC

MX NG RE; Eagle MPCs P1; 100GE DWDM

Eagle MPCs P2; 8-slot MX

Software: 64bit RPD

CPP; Hypermode for Web2.0

Tomcat – BNG Scale; BGP PIC Edge

MX NG SDN GW; SCG

Junos SMP; PBB EVPN

IPv6 Ready Segment Routing

NG vMX

Innovation: G.709 OTN Framing; JAM based LCs; NG Port Extender (Fusion)

VMX; Router Telemetry Export

JET (Junos Programmability)

10GE MACSEC; vCCAP

5 Tbps, 15 Tbps

26 Tbps, 50 Tbps

64 Tbps

128 Tbps

2015/2016 Target, 2017/2018 Target

MX 80

80 Gbps

8-Slot

L4-L7 Router Services Overview

• Stateful Firewall: Protects network resources / hosts from attacks
• IPSec: Secure connectivity between routers
• CG NAT: Overcomes IPv4 address space depletion
• Flow Monitoring: Active and passive flow export for external analysis
• Traffic Load Balancer: L3/L4 router based traffic load balancing with server health checks
• DPI, Policy Enforcement: DPI, Gx, Gy APIs, Policy Enforcement; Subscriber and tenant aware policies; PCRF and RADIUS Integration

MX Broadband Network Gateway

RADIUS

AAA/CoA

OCS PCRF

Gx Gy

MX BNG

NASREQ

JSRC

SRC

DIAMETER

B-PCEF

NASREQ

• Tightly integrated w/ SMI
• Runs on RE as Authd plugin
• Leverages existing Jdiameterd
• New diameter apps / interfaces: NASREQ, Gx, Gy
• Enables policy layer FMC

* B-PCEF = Broadband Policy and Charging Enforcement Function
* SMI = Subscriber Mgt Infrastructure

NEW

Diameter-based Network Access Server Application (RFC 4005 / RFC 7155)
• Alternative to Radius Server for Authentication, Authorization
• Dynamic interface creation

Policy and charging rules (PCC) interface (PCRF – PCEF/MX BNG)
• 3GPP compliant (3GPP TS 32.240 v10.1.0)
• Dynamic service provisioning

On-line charging interface (usage reporting) between wireline MX BNG (PCEF) and OCF (On-line Charging Function)
• 3GPP compliant (3GPP TS 32.299 v10.7.0: Diameter Charging Apps for Gy)
• Dynamic usage collection

Wifi Access Gateway (WAG)

• Valued by wireline SPs to
  – Reduce churn with free Wifi for BB subs
  – Sell ad hoc access (e.g. $5/day)
  – Managed Wi-Fi solutions for enterprises
• Valued by Mobile SPs to
  – Offset cost in MPC and Radios
  – Wifi for non-SIM devices
• Possible new applications for EoGRE
  – vCPE-like deployments to assign IP and policy for each device in a home

MX WAG

Wi-Fi AP

Internet or MPC

GRE Tunnel

VLAN or Route

RADIUS HLR/HSS

WAG = Inline MX features for AAA and BB services on Wi-Fi attached subscribers.

Key technologies and features
• Dynamic EoGRE tunnel creation between APs and MX
• BB services on Wifi attached devices
• Scalable service application via Radius AAA
• Highly scalable solution, inline in MX PFE

Service Control Gateway

Subscriber Termination

Service Complex (Telco Cloud)

P-GW/GGSN

IP

Controlled (focused data) application (DPI), subscriber & network analytics

Application-aware (DPI) service selection

Gx/Sd

Gy/Gyn

RADIUS/CoA

PCRF/SRC

AAA OCS

Business Edge

Juniper Subscriber Analytics

Subscriber control (policy & charging)

Contrail Controller

MX-3D Service Control Gateway

BNG

Core

• High Capacity Routing

• High Capacity Core Routing

• Multi-service core

• Core aggregation

• Virtualized core routing

• Inter-PoP and Intra-PoP connectivity for largest SPs - WAN, OTN, HSE, GE, 10GE, 100GE

• Multi-service provider edge

T64050 Gbps

T1600 1.6Tbps

With an installed base larger than any other core router in the world, T Series Core Routers are powering the most challenging and diverse SP core networks across the globe.

T1600 1.6Tbps

T4000 3.84Tbps

TX Matrix: up to 6 T640

TX Matrix Plus: up to eight T1600 or four T400

Super Core

PTX3000 16Tbps PTX5000 48Tbps

PTX1000 2.88Tbps

• LSR
• Full IP
• Integrated 100Gbps DWDM interface on router
• No transponder on DWDM system
• Multi-Layer Design & Validation with NorthStar (WAN SDN)
• SDN Ready (GRE support)
• Rich peering features
• L3VPN
• Multicast

SECURITY

Data Center Campus Branch

SDN/VNF service delivery

Micro-perimeter

Edge VPN

NGFW/UTM

Edge NGFW

Advanced Threat Protection

Edge and Core FW

Juniper Security

SP

Gi-LAN

Security Gateway

Roaming Firewall

SRX SERIES SERVICES GATEWAYS

100G

Up to 200 Gbps FW throughput and 100 million concurrent sessions scaling

High-End SRX

Single Junos

Unprecedented Scale

Integrated Routing, Switching and Security

1G

10G

Branch SRX

SRX3400

SRX100 SRX210 SRX220

SRX240

SRX650

BRANCH CAMPUS DATA CENTER

SRX110

SRX550

SRX1400

SRX3600

SRX5400

SRX5800

SRX5600

DIFFERENTIATORS

• EASY ACTIVATION & SCALABLE MANAGEMENT for all security services
• ALL-IN-ONE DEVICE for security, routing, and switching
• APPLICATION AWARENESS with AppSecure to stop application borne security threats and manage application usage
• ALWAYS AVAILABLE management access even under attack delivered by separate control and data planes
• BEST-IN-CLASS CONTENT SECURITY leveraging intelligence from multiple expert security companies

Thank you