Two weeks ago, I went to the Juniper Networks 3 days at Westcon in Vilvoorde. Together with other integrators and end users, I got an update on Juniper’s latest network and security solutions.
The first day of my visit, I got more insight into Juniper’s vision on secure networks. Juniper is releasing a new line of SRX firewalls (SRX300 and SRX 4000) which will be more performant and will be able to integrate with the cloud security solutions such as Sky ATP and Spotlight Secure. Juniper considers every switch port and access point as untrusted and will enforce security at this level. This means that policies for users and applications will be enforced at switch port level.
Another interesting subject that was discussed on the first day of this conference, is the development of an SRX roadmap 4000 series that can be situated between the 1500 series and the 5000 series. This product will soon be available.
An important evolution is the integration of the EX switches and the SRX firewall series with the Aruba ClearPass policy manager. This integration allows users to authenticate seamlessly on a wired Juniper, and wireless Aruba network.
Make your work easier with Juniper Networks’ new switching fabrics
The second day was mostly about data centers and automation. There is an instant evolution when it comes to the Junos Fusion Fabrics. This technology combines reliability and ease of management in one solution. Junos Fusion can be managed as one logical switch and it can scale up to 128 nodes, consisting of 2 aggregates and satellites.
There are 3 types of Junos Fusion with focus on the specific requirements for each environment:
- Provider Edge (MX)
- Datacenter (QFX 10K)
- Enterprise (EX9200)
The new campus switches
At the conference, they also talked about their new campus switches EX2300 and EX3400 on which end point devices can be connected. The EX2300 is the successor of the EX2200 and will support 10GE uplinks and full blown virtual chassis technology. The EX3400 replaces the EX3300 and will support two 40GE uplinks, integrated redundant PSU and MACSec.
Network Function Virtualization (NFV)
I also went to an extensive session about the integration of VMWare’s NSX and Juniper switching. Juniper’s QFX switches can act as VXLAN gateways by means of hardware VTEP and OVSDB. This allows a more scalable and performed NSX integration.
Another thing that really got my attention was Juniper Networks’ automation and DevOps Toolbox. The latest Junos release supports scripting languages such as Ansible and Python. The agents Chef and Puppet enable a tight integration and interaction with north bound orchestration tools such as VMWare vRealize, Open Stack etc.
The integration of the NSX manager and the Junos Space Security Director was also put in the spotlight. This will allow central management and automation of the vSRX in the NSX environment.
Today, SNMP is commonly used for monitoring by means of polling information every five minutes. Of course you can miss events within those 5 minutes and SNMP does not scale anymore. To overcome this, the new Juniper switches will offer a real time streaming of analytics in order to detect microburst.
Disaggregated Junos OS
The new QFX and SRX series have an architecture with the disaggregated Junos operation system. That means that Junos will be ‘disconnected’ from the hardware by means of a KVM hypervisor. That has 3 main advantages:
- you can run multiple Junos Instances;
- you can run third party applications on the KVM Hypervisor;
- new hardware will no longer depend on the Junos operation system
The need for more efficient bandwidth
Last but not least, the need for more efficient bandwidth like 25/50 GBps was addressed. Juniper responds to that with their QFX5200 and QFX5300 series. These switches will be positioned as satellite switches for the datacenter Fusion fabrics.
When I take the global security eco system into account, I notice that Juniper still has a strong focus on security. Just think about their Sky ATP, Spotlight Secure, Cloud Security and vSRX integration with SDN controllers. Furthermore, I was really impressed by Juniper’s effort to implement automation by means of open API’s and scripting. It is really innovative and they play a leading role in that area. They really focus on advanced technologies and integration with NSX and Contrail as well as on orchestration tools. Of course, I can certainly appreciate that, with a view to the future.