NSM

Download Report

Transcript NSM 

OPERATIONAL SIMPLICITY
Unified Network Management
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Unified Management for the EX-series
Network & Security Management
Device Management
JUNOS CLI
J-Web
Juniper NSM
Juniper STRM
 Telnet, SSH
 JUNOScript: Automated
Configuration,
Operations
 Quick Setup with Templates
 Dashboard View
 Performance Monitoring




 Threat Detection
 Event Log Management
 Compliance & IT Efficiency
Telnet
SSH
XML
Discovery & Configuration
Policy Management
Inventory Management
Log Management
HTTP
HTTPS
XML
NetConf
DMI
Syslog
Sflow
Third party NMS
SNMP
Syslog
Juniper EX-series
Open, Standards-based
Management
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Device Management
JUNOS XML APIs – JUNOS script and NetConf
 EX-series support the standard JUNOS XML APIs
 Allows config scripts driven from customized external clients
(XML or Perl) Or 3rd party NMS / OSS
• e.g. 1: External trap & RADIUS authentication triggered config-let sets
mac-address and VLAN on a switch port
• e.g. 2: Centralized VoIP manager pushes 802.1x, VLAN, and CoS based
configs dynamically based on new location for a user
xnm-cleartext / xnm-ssl / telnet / ssh
request
response
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
CLI handles initial
authentication
Device Management
Automation with JUNOS scripts
 Commit Scripts
– Enable automated compliance checks & change management for all
configurations on EX-series switches

e.g. Reject guest VLAN tag configuration on access switch trunk ports – restrict guest access to a
floor
– Macros allow operators to simplify complex configurations and self-heal
errors

e.g Apply pre-defined Data+VoIP port template on any switch port that gets a description matching
a particular string “data-phone”
 Operations Scripts
–
Allows custom output for diagnosis and event management

e.g. Combine 2 different show commands to get a custom output for better analysis
 Event Policies & Scripts
–
Automated pre-defined responses to events creating self-monitoring networks

e.g. When a switch’s trunk port goes up & down, run “show interfaces” and “show alarms” CLI,
parse data, save it to a file and send this to a server
http://junos.juniper.net/scripts/
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
EX-series MIBs in JUNOS 9.4
SMI / SNMP v1 (RFC 1155, 1157, jnx-exsmi)
Interfaces (RFC 2863 and 2233)
SPAN / RSPAN (jnxanalyzer MIB)
IP, TCP, UDP (RFC 2011, 2012, 2013,
jnx-ipv4)
MIB-II (RFC1213, 1215)
Interfaces MIB (jnx-if-extensions)
VLAN (jnx-vlan)
IP Forwarding (RFC 2096)
RPF (jnx-rpf)
SNMP v2 (1905, 1907)
Ether-Like Interfaces (RFC 2665a)
CoS (jnx-cos)
BGPv4 (RFC 1657 and Draft–ietf-Idrbgp4-mibv2–03)
SNMP v3 (2570, 2571, 2572, 2576, ESO)
Ping, Traceroute (RFC 2925 and
jnx-ping.mib)
Stacking (jnx-virtualchassis)
OSPFv2 (RFC 1850)
SNMP Applications & Security (RFC
3413, 3414, 3415, Draft-blumenthal–aes–
usm-08, Draft–reeder-snmpv3–usm3desede-00)
LLDP (RFC 2922)
Chassis (jnx-chassis)
Host-Resources MIB (jnxhostresources)
ISIS (draft-ietf-isis-wg-mib-07)
System Application Packages (RFC
2287)
BFD MIB (jnx-bfd and jnx-bfdextensions)
Firewall (jnx-firewall)
VRRP (RFC 2787)
RMON Stats (RFC 2819)
STP & Extensions (jnx-mimstp.mib)
Configuration mgmt
(jnx-cfgmgmt)
Multicast (RFC 2932)
RMON History (RFC 2819)
Bridge MIB (RFC 4188)
Syslog (jnx-syslog)
Experimental (jnx-exp)
SMI v2 (RFC 2578, 2579)
PoE (RFC 3621)
Event MIB (jnx-event)
RMON Events & Alarms (jnx-rmon)
P-bridge MIB (RFC 4363a)
Q-Bridge VLAN ( RFC 4363b)
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
IEEE 802.ad MIB – LACP
& LAG
New
IEEE MIB for IGMP & PIM(draft-ietfidmr-igmp-mib-13, draft-ietf-idmr-pimmib-09)
Existing
Simplify Operations with the
J-Web Management User Interface
 Easy Initial Setup
–
Enables fast deployment with
minimum configuration steps
 Dashboard with Chassis View
–
Dynamic status update
of system & ports
 Feature Configuration
–
Templates: Ports, VLAN, 802.1X,
Security & QoS
–
Networking: VLAN, PoE, LLDP, Link
Aggregation, Chassis, Port Mirroring
Security: 802.1X, ACL
–
 Performance Monitoring
–
Real-time Monitoring Graphs
–
System, ports, VLAN, PoE, Chassis
–
802.1X, Port Security
 Troubleshooting & Maintenance
–
Firmware & conf upgrade / rollback
–
Basic troubleshooting tasks
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
J-Web dashboard –
single view of system health
 Chassis View for EX3200 &
EX4200
• Dynamic status update of
system, ports & LCD panel
data
 System health status
• Memory Util, CPU temp, CPU
util, fan status
 Capacity utilization of
resources
• Ports, Mac-table entries,
VLANs configured
 Top 10 alarms view
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
J-Web dashboard –
template-based configuration
 Single click role-based port
templates including
- Desktop, IP-phone, access point,
router uplink, switch uplink
 Click-and-enable GUI
configurations
- VLANs, LLDP, PoE, Link Aggregation,
CoS, ACL
 Click-to-CLI
- Covers all configuration options in
CLI
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
J-Web dashboard –
monitoring, troubleshooting, and maintenance
 Performance Monitoring
• Real-time monitoring
graphs
• System, ports, VLAN, PoE,
virtual chassis
• Virtual chassis ports and
members
• 802.1X, port security
 Troubleshooting &
Maintenance
• Firmware & conf upgrade /
rollback
• Basic troubleshooting tasks:
TDR, Ping, Traceroute
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Network Management
NSM and NSMXpress™
 Device management
–
–
–
–
Device topology discovery, tracking
Role Based Administration
Tracking end-hosts, free ports
URL link to J-Web
 Configuration Management
–
–
Role based port templates
Configuration version management
 Inventory Management
–
–
Hardware & software inventory
Viewing device licenses
 Monitoring & Troubleshooting
–
–
Log Filtering & Reporting
Status monitoring
 Centralized change management
–
–
Configuration version management
Software version tracking & updates
 Ease of deployment
–
Appliance based form factor
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
device management
 Flexible device addition
and/or deletion
– Secure auto-discovery –
SNMP, SSH, IP address seed
– Manual device addition and
synch-up
 Continuous device
synch-up for status,
config, and inventory
 Streamlined and scheduled
device update
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
topology discovery
 Standards-based
topology discovery
of Juniper routers,
switches and security
devices
– Hierarchical segmentation
of network maps
– Quick device search, map
panning & zoom-in
 Easy search for endhost connections off
switch ports – Any
vendor switch
 Free port search for
switch ports
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
inventory management
 Hardware inventory
including device
model, serial number,
line cards, PSU, Fan &
PoE
 Software inventory
including JUNOS
version, license state
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
template based configuration
 Click & select based
configuration
– All device feature details
 Customizable device
configuration templates
– Pre-selected options
– Applied to one or more
devices
 Port templates
– Pre-defined port roles –
Desktop, VoIP phone,
Access Point, uplink to
Router, etc
– Based on best practices
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
UAC and EX switch management
 Wizard based
interface to map EX
switches to one or
more Infranet
Controllers (IC)
 Allows port level
turn-up of 802.1x
based access
control for one or
more switches
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
configuration change management
 Facilitates regular synch
and backup of device
configuration file with
NSM database
– Allows archival and
versioning
 Can compare two
different configurations
– From within NSM
database or
– Between NSM version
and running configuration
on the device
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
software image management
 Centralized software image
version tracker for the devices
– Also stores firmware updates
and entire image files
 Allows centralized software
upgrade or downgrade for
several devices at a time
– Includes JUNOS change
management controls for images
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NSM –
event visibility management
 Centralized syslog based
event management
– View event details in real-time
and for historical records
 Event filters for zeroing on
specific types of events
– Pre-defined & user-customizable
filters available for all device
types
– Actionable triggers can be set
 Event reports for analyzing
event trends and historical
tracking
– Pre-defined & user-customizable
reports available
– Reports can saved / printed
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Security Threat Response Manager (STRM)
Juniper STRM Appliance
Key Features
Threat Detection
Detect day 0 threats; detect right
threats at the right time
Log Management
Log management and generic
reporting engine
Compliance
Policy Safety Net & Audits
Application Visibility
Application flow identification &
consumption per application
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
STRM –
Flexible & Useful Reporting
 220+ Out of the box report
templates
 Fully customizable reporting
engine: creating, branding and
scheduling delivery of reports
 Compliance reporting
packages for PCI, SOX,
FISMA, GLBA, and HIPAA
 Reports based on control
frameworks: NIST, ISO and
CoBIT
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
STRM and EX
 STRM collects information from
EX via:
– Syslog
– sFlow (9.3R2.8 onwards)
 sFlow
– Used to monitor traffic at wire speed
on all interfaces simultaneously
– STRM uses this data to provide
network traffic visibility information
– EX supports raw packet header to
enable deep packet inspection
– Up to 4 sFlow collectors can be
configured on a switch
– Can be enabled on all interfaces
except:
 Layer 3 VLAN-tagged interfaces
 LAG interfaces (sFlow can be enabled
on the members)
WP: Monitoring Network Traffic using Sflow in the EX Series
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Third Party Network Management
Integration through standards-based JUNOS APIs:
NetConf, SNMP v1/v2/v3, Telnet, SSHv3, HTTP/HTTPs
Last updated: January 26, 2009
Vendor
Product
Description
JUNOS
release
Tivoli NetCool OmniBus Centralized fault management, and trap and
alarm correlation and device monitoring
v7.2
9.2
Tivoli IP Network
Manager v3.7
9.0
OpsWare Network
Automation
IP based layer 3 network visualization and
topology based event correlation
Device discovery, collection of traps and
alarms, and device health monitoring
Centralized configuration & change
management
VistaInsight v3.0
Centralized performance management
OpenView NNM v7.5
Smarts v7.03
Spectrum v8.1
Centralized fault management including
discovery, alarm correlation
Centralized fault management including
discovery, and trap and alarm correlation and
device monitoring
eHealth v6.0
Centralized performance management
NetworkAuthority
Automation
Orion Network
Performance Monitor
Policy based configuration & change
management
Comprehensive fault and network
performance management platform
Network Configuration and Change
Management
R-Series NCCM
Comptel / Axiom
Service Activation
Service Activation and provisioning
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
9.2R2.1
5
9.x
9.0
9.2R3
9.2R3
9.2
9.2R3
9.0
9.2
9.2R3
Automate operations with
Advanced Insight Solutions (AIS)
 Detect and prevent potential
operational problems
– Monitor systems for early-warning
indicators
– Assess potential upgrade risks
– Option to integrate with Juniper’s
support systems and know-how
 Service Offerings
Juniper Support Systems
Advanced Insight Manager
– JTAC-Access (event-driven)
 Detect, analyze, collect all relevant
data within device
 Open cases as issues occur
– Proactive Services (intelligence-driven)
 Collect data from devices
 Proactive analysis
 Identify risks before issues occur
EX-Series
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NETWORK DESIGN SCENARIOS:
CAMPUS
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Problems with legacy campus
LAN architecture
Building 2… (to Bldng N)
Building 1
Closet A2
Closet C2… N
Closet B2
Closet D2…N
Access
Closet A1
Closet C1
Closet B1
Closet D1
Aggregation
IDF 1
IDF 2
 Oversubscribed interfaces
requires additional links
 Each wiring closet and each
aggregation core device
must be managed
Core
 14 managed LAN devices
Legend
10/100/1000BASE-T
1000BASE-x
10GBASE-x
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
LAN simplification #1: Access
Building 2… (to Bldng N)
Building 1
Closet A2
Closet C2… N
Closet B2
EX4200 VC
EX4200 VC
EX4200 VC
Closet D2…N
EX4200 VC
Access
Closet A1
Closet C1
Closet B1
Closet D1
Aggregation
IDF 1
IDF 2
 EX4200 Virtual Chassis
Did you know?
across wiring closets
 Up to ½ fewer uplinks
 Fewer (10) managed
LAN devices
Core
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Virtual chassis can
save you up to 33%
from a standard
configuration
LAN simplification #2: Aggregation
Building 2… (to Bldng N)
Building 1
Closet A2
Closet C2… N
Closet B2
EX4200 VC
EX4200 VC
EX4200 VC
Closet D2…N
EX4200 VC
Access
Closet A1
Closet C1
Closet B1
EX4200-24F
VC
EX4200-24F
VC
Aggregation
IDF 1
 Fewer aggregation uplinks
 No blocked links,
independent of Layer 2
Closet D1
IDF 2
EX8200
EX8200
Core
 8 managed LAN devices
 EX8200 for the LAN core
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
LAN simplification #3: Core
Building 2… (to Bldng N)
Building 1
Closet A2
Closet C2… N
Closet B2
EX4200 VC
Closet A1
EX4200-24F
IDF 1
EX4200-24F
EX4200 VC
EX4200 VC
Closet C1
Closet B1
EX4200-24F
Core VC 1
EX4200-24F
Closet D1
EX4200-24F
EX4200-24F
VC #1
IDF 2
Core
Core VC 2
Closet D2…N
EX4200 VC
EX4200-24F
EX4200-24F
VC #2
 Simplified architecture
 Up to ten IDFs per VC
 Six managed devices
 Up to 45% TCO savings*
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
*Refer to Juniper TCO analysis
Increase high availability
at no additional cost
Building 2… (to Bldng N)
Building 1
Closet A2
Closet B2
Closet C2… N
Closet D2…N
EX4200 VC
EX4200 VC
EX4200 VC
Layer 2
EX4200 VC
Access
Default
Gateway
Default
Gateway
Closet A1
Closet B1
Closet C1
Layer 3 Layer 3
Default
Gateway
Default
Gateway
Closet D1
Aggregation
EX4200-24F
VC
IDF 1
 EX Series supports OSPF
EX4200-24F
VC
IDF 2
Did you know?
ECMP in the base license
 Increased availability with L3
to the access
 No blocked links
EX8200
EX8200
Core
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
*Refer to Juniper TCO analysis
You can save up to
40% by enabling
Layer 3 technology
to the access
Challenges with
unified communication
Mail
PROPRIETARY
PROPRIETARY
VoIP
Call Directory
Server
User Interface
Video
IP PBX
Soft Phones
VoD
Voice
QoS
Voice Mail
Server
Switch
Data
SIP
 Complex architecture
 Proprietary protocols
 Scalability problems
 Vendor lock-in
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Changing the paradigm on
unified communication
Voice
Network
STANDARD
Call Directory
Server
VoiP
STANDARD
IP PBX
STANDARD
Virtual
Chassis
SSL VPN
MX Series
STANDARD
Soft Phones
User
Interface
STANDARD
Voice Mail
Server
EX 8200
Series
Conference
Server
Infranet
Controller
WX/WXC
STRM
ISG/IDP
SRX Series
NSMXpress
Choose
Best-in-Class
 Choice and flexibility for:
- Wireless
- Power over Ethernet
- Telepresence
 Scalability advantages
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Legacy campus operating
system overhead
Building 2… (to Bldng N)
Building 1
Closet A2
Closet C2… N
Closet B2
OS#1
OS#1
Closet D2…N
OS#1
OS#1
OS#2
OS#2
Access
OS#2
OS#2
Closet A1
Closet C1
Closet B1
OS#3
OS#3
Aggregation
Closet D1
OS#3
IDF 1
OS#3
IDF 2
Firewall
OS#4
OS#6
OS#4
Core
OS#7
OS#5
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
OS#5
IPS
JUNOS software simplifies the campus
Building 2… (to Bldng N)
Building 1
Closet A2
Closet C2… N
Closet B2
EX4200 VC
EX4200 VC
EX4200 VC
Closet D2…N
EX4200 VC
Access
Closet A1
Closet C1
Closet B1
EX4200-24F
VC
Closet D1
EX4200-24F
VC
Aggregation
IDF 1
 Consistency of features
 Stability
 Ease of management
 Savings on training IT
IDF 2
SRX
EX8200
EX8200
Core
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Firewall/IPS
Did you know?
JUNOS saves an
average of 41%*
* Source Forrester Report
Feb 2009
Cisco-Juniper Interoperability Report and
Configuration Cookbook
 Report documents interoperability between
EX8208 and EX4200 Switches and Catalyst
3560E/3750E and Catalyst 6500 devices
 Summarizes rigorous test results for common
features including Trunking, Link aggregation,
VSTP, LLDP, and much more.
 Testing configurations for both Juniper and
Cisco are documented and downloadable.
 Read the report »
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Reducing campus network TCO
Typical
Configuration


2500 user campus with five buildings 
PoE at access, redundant GbE uplinks 
10GbE core interconnects
Access control for all users
Juniper Savings %
Total CAPEX (with
no price discount)
$1.03M
$1.87M
Up to 44.8% CAPEX
Ongoing Maintenance/
Support Costs
$206K
$404K
Up to 49.1% Support
Operating Systems
(time to manage)
JUNOS
IOS
Up to 25% OPEX
Juniper Solution
Cisco Solution
 EX Series Switches
 Unified Access Control
 5 year next day
maintenance
 Catalyst Switches
 NAC
 5 year next day
maintenance
 Simplified LAN architecture with fewer managed devices
 Increased availability via Layer 3 to the access
 Seamless, L2-L7 policy enforcement with UAC
Source: publicly available data sheets, price lists, Lake Partner study
Source: Publicly available data sheets, price lists, Lake Partner study
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Campus Financial Analysis Tool (C-FAT)
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
v.17
EX2200 enterprise deployments
UAC enforcement point
EX2200
J2320/SRX
WAN
PSTN
EX2200
UAC enforcement point
Local Servers
GbE
BRANCH OFFICE
WORKGROUP
NTH FLOOR CLOSET
Typical Deployments
 Low-density
wiring closets
 Workgroup
 Retail store
 Office of 48 or less
 K-12
EX2200
EX4200
EX2200
UAC
enforcement
point
EX3200
Access Layer
GbE
EX4200
10GbE
Aggregation/Core Layer
WIRING CLOSET
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
10GbE
EX2200 managed service deployments
Customer Edge
Provider
Edge/Access
Provider
Aggregation
Provider Core
Central Office
1GbE
Corporate
Office
10GbE
EX2200
MX/
EX8200/
EX4200
BUSINESS SERVICE CPE
T Series, M Series,
MX Series
MX Series
1GbE
Customer 2
MX/
EX8200/
EX4200
Customer 1
EX2200
Basement
Extend value of JUNOS-based networks
 Operational simplicity and security
 Consistent JUNOS Software lowers OPEX, speeds delivery
MULTI-TENANT UNITS (MTU)
‹#›
38 | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
NETWORK DESIGN SCENARIOS:
DATA CENTER
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Legacy data center network infrastructure
 Too many devices and layers
 Too many operating systems
 High latency
 Uptime is a challenge
 Takes too long to deploy anything
WAN Edge
Core Tier
L2/L3
Switch
L2/L3
Switch
L3 convergence
SSL VPN
Firewall
IPSec VPN
IPS
Aggregation
Tier
L2/L3
Switch
Security Sprawl
L2
Switch
Hard to manage
STP in a flat L2
access network
End of Row
L2
Switch
10 GbE
(active)
10 GbE
(standby)
1 GbE
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Access
Tier
Data center network nirvana
How do we get there?
 Simple logical and
physical topology
Routers
 Significant reduction in
power, cooling and space
 Improved performance:
reduced congestion
and latency
Application
Services
Security
Network
Management
 Simpler to configure
end to end
 Increased reliability
Servers
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Storage
Juniper simplifies the data center network
WAN Edge
Extend Virtual Private
LANs with MPLS
 Lower latency
M Series
 Increased bandwidth
 Higher reliability
High density,
wire-rate 10GbE
 Less power and space
Virtualized
security
 Simplified management
 Consolidated security
EX8208
Single control plane using Virtual Chassis
EX4200
10 GbE
(active)
10 GbE
(standby)
1 GbE
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Core Layer
SRX5800
Access
Layer
EX2500
Data Center Access (Top of Rack)
Virtual
Chassis #1
Virtual
Chassis #2




Fewer Switches to Manage
Economizes Uplinks
Fewer Distribution Switch Ports
No Spanning Tree
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Uplinks of VC #1
Uplinks of VC #2
Scalable virtual machine mobility
VPLS
Virtual Chassis
Across Racks
Virtual Chassis Extension
Over Metro Fiber
Data Center
Rack A
Data Center
Cloud Center
Cloud Center
Rack B
Layer 2 domain across racks
RACK TO RACK
Layer 2 domain across
fiber connected data centers
METRO DATA CENTERS
WP: Implementing VMWARE Server Virtualization
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Layer 2 domain across
virtual private LAN
CLOUD TO CLOUD
Lowering application latency by
collapsing tiers and consolidating security
L2/L3 Switch
L2/L3 Switch
L2/L3 Switch
L2/L3 Switch
EX8200 Series
SRX5800
Antivirus
EX4200 Series EX4200 Series EX4200 Series EX4200 Series
L2/L3 Switch L2/L3 Switch L2/L3 Switch L2/L3 Switch
Server A
Server B
Server A
Server B
LEGACY
JUNIPER
• More devices/interconnections
• 20-50 us in each chassis
based switch
• Open/close sessions multiple times
• Fewer devices/interconnections
• EX4200: Lowest 10G latency in the
entire industry - 2-3 us
• Open/close sessions only once
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
JUNOS simplifies data center deployments
Access Switch
Aggregation/Core
Security
WAN Router
L2
Switch
L2/L3
Switch
L2
Switch
ASA
55xx
Product
CAT 4948
OS
IOS-SG
Number of
Release Trains
Too many,
inconsistent
Too many,
inconsistent
Too many,
inconsistent
Too many,
inconsistent
Product
EX 4200
EX 8200 / MX
SRX
M
OS
JUNOS
JUNOS
JUNOS
JUNOS
CAT 6500 NX 7000
IOS-SX,
CAT-OS
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
IPS
PIX-OS PIX-OS
7.x
6.x Linux
NX-OS
Number of
Release Trains
FWSM
1
7200
ASR
IOSmainline
IOS-XE
Reducing data center network TCO
Typical
Configuration
 3000 servers, dual
1GbE attached
 Fully redundant design
 125Gbps firewall
 10GE uplink from
access and in core
Savings $$
$4.7M
$10.1M
Up to 53.5% CAPEX
372,169 kW*hr/yr
666,758 kW*hr/yr
Up to 44.2% power
Rack Space
210 RU
450 RU
Up to 55.3% space
Operating Systems
(time to manage)
JUNOS
IOS
Up to 25% OPEX
Total List Price
Power
Juniper Solution
Cisco Solution
 EX 4200 top-of-rack
(2/rack)
 EX 8208 in core
 2 SRX 5800
 Cat 4948 top-of-rack
(2/rack)
 Cat 6500 in
aggregation and core
 46 FWSM
Source: Publicly available data sheets, price lists, Lake Partner study
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Data center financial analysis tool
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Gartner Report: a second network vendor
can lower costs
“The operational impacts of introducing a second
vendor for basic network infrastructure are modest
and easily handled by most organizations.”
“Introducing a second vendor will reduce
capital expenditures (capex) by at least 30%
(and often more), while only minimally
increasing operational expenditures (opex).”
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
CASE STUDIES
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Global EX Series Customer Distribution
Vertical Distribution
Consulting
Education
Gov't
Telecom
Financial
Manufacturing
Media
Healthcare
Utilities
Other
Theatre Distribution
140+
190+
380+
*Other category includes Construction, Transportation, Retail, and miscellaneous verticals.
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Americas
EMEA
APAC
2Q2009 Key EX Wins
Source: July 2009 QBR
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
1Q2009 Key EX Wins
Indigenous Business Australia
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
New York Stock Exchange:
New Services Rollout
Profile
 World’s most diverse exchange group
Business need
 Design & deploy state-of-the-art, ultra-low latency core
network for consolidated global data centers
Problem
 Need to support several billion daily transactions and
quotes across diverse asset classes & geographies while
reducing total number of data centers
Solution
 EX8216 Modular Switch
 EX2500 10GbE Switch
 MX Series Ethernet Services Routers
Juniper results
 Consolidate 10 data centers down to just four
 Deliver internal latency of 50 microseconds roundtrip
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Bear Transportation Services:
Network Replacement
Profile
 Fully licensed transportation brokerage company
Business need
 Upgrade existing data network that was nearing the end
of its useful life
Problem
 Proposed Cisco solution was far too complex and
expensive, and required advanced licensing
 EX4200 switches in a meshed Virtual Chassis configuration
proved much more practical & efficient
Solution
 EX4200 Switches in Virtual Chassis configuration
Juniper results
 The customer also realized cost savings thanks to common
sparing across the EX4200 line
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
IBM-Lotus Live Data Center:
Data Center Consolidation
Profile
 Globally integrated enterprise
 Online collaboration tools & social networking services for
businesses
Business need
 Consolidate data centers
 Prepare for expansion of Lotus Live offering
Problem
 Protocol dictated purchase of Cisco solutions, with IBM
managing deployment & installation
Solution
 EX8208 Modular Switches
 EX4200 Switches with Virtual Chassis technology
 SRX3600 Services Gateways
Juniper results
 Juniper helped with design, training & implementation while
coming in under budget, beating out Cisco
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Bloomberg:
Data Center Server Access
Profile
 Information services, news & media company for
business & financial professionals
Business need
 Deploy redundant top-of-rack solution with 10GbE uplinks
Problem
 Concerns about rate sharing of Ethernet ports with respect
to memory buffer management
Solution
 EX4200 Switches with Virtual Chassis Technology
 EX3200 Ethernet Switches
Juniper results
 EX4200 switches deployed in top-of-rack Virtual Chassis
configuration with 10GbE uplinks to redundant routers
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net
Arsys.es:
Controlling Rapid Growth
Profile
 Number One provider of Internet, domain registration &
web hosting services in Spain
Business need
 Build new data center to meet growing business demands
Problem
 Solution had to be scalable & flexible enough to deal with
rapid & uncontrolled growth
 Layer 2 / Layer 3 functionality required
Solution
 EX3200 Ethernet Switches
 MX480 Ethernet Services Routers
Juniper results
 “Direct touch” approach employed by account team
resulted in first EX / MX win with major ISP in Iberia
‹#› | Copyright © 2009 Juniper Networks, Inc. | www.juniper.net