BUILDING THE BRIDGE TO THE FUTURE NICO SIEBELINK TECHNICAL DIRECTOR JUNIPER NETWORKS 1 Copyright © 2014 Juniper Networks, Inc. JUNIPER TODAY : GLOBAL REACH • Supporting Our Customers Around the World DISCIPLINED AND STRATEGIC FOCUS, NO DISTRACTIONS Customer Segments 2 Enterprise Service Provider Businesses 3 Switching Routing Domains Security 6 Core Edge Access & Aggregation Data Center WAN Campus & Branch OUR TECHNOLOGY STRATEGY SOLVE A PROBLEM ONCE : RE-USE MANY TIMES • Innovating Across Systems, Silicon and Software Connect everything. Empower everyone. Silicon Systems Software Network Architecture Through high-performance network and industry innovation MAJOR GLOBAL TRENDS Intense Demand for Network Innovation to Reduce Cost, Provide Security and Enable New Services • Mobile Internet Cloud Security Devices to connect on wireless networks in 2020 % of New Enterprise Apps Deployed in the Cloud: % of IT practitioners citing serious web-based and denial of service attacks 80% 60+% 50B MAJOR MARKET FORCES… THERE IS AN EXPLOSION OF DATA, USERS AND CONNECTED DEVICES 2011 2016 5.3ZB 22ZB 2.1B 3.3B 5B 14B THE WORLDWIDE MIGRATION IS A REALITY Clients Global High-Performance Network Data Centers People Mobile Home Branch Machines Campus Increasingly Mobile workforce, contractors The Network is the enabler Applications Cloud Services THE EXISTING NETWORK CAN'T KEEP PACE IN FAST CHANGING IT WORLD Enterprise Challenges Service Provider Challenges Agility, responsiveness Service differentiation BYOD / mobility growth Static versus dynamic Rapid service creation and delivery Inability to adapt fast enough Static versus dynamic Managing complexity, cost and risk of scaling network infrastructure NETWORK CHALLENGES IN REAL TERMS Network Roadblock to Cloud Time Manual Static Complex Isolated Provisioning Server Pre Virtualization Provisioning Storage Provisioning Network Post Virtualization PROBLEM : THE HUMAN LATENCY Human latency Time to Service = Manual and static : Orchestration Provisioning Diagnostics Troubleshooting Configuration Policy X DEVICE CENTRALIZE COST SAVINGS PROGRAMMABILITY Software Defined Networking Are you ready to adapt to this new model? DYNAMIC FLEXIBILITY DEPLOY FASTER AGILITY AUTOMATION INTELLIGENCE CUSTOMIZE SDN AND NFV •SDN • Software Defined Networking • An evolution in network architecture • SDN provides dynamic, service connectivity overlays •NFV • Network Function Virtualization • An evolution in equipment architecture • NFV generalizes view of network functions into re-purpose-able assets THE NETWORK CAN BE SIMPLE Old way of doing things New way of doing things Pre-SDN SDN For Juniper. Not for you. VLANs MAC addresses IP addresses Subnets ACLs Routing Policies Manual Service Chaining Virtual networks VRFs Security Policies Devices Ports OS-specifics Connections Networking sho Connectivity Policies Service Chaining Service chaining for NFV improve service velocity and agility Contrail Orchestrator SDN Controller Dynamic Service Chain Configuration • Contrail proactively programs virtual overlay switches & gateways only • Services are turned up or down Pool of x86 Appliances MX Router w x86 Service Card MX Router w x86 Appliances BENEFITS • Foundation for new services offering with increased agility and velocity • Reduced capital and operational expense via network simplification DATACENTER METAFABRIC TOP ENTERPRISE IT INITIATIVES APPLICATIONS ARE DRIVING IT TRANSFORMATION Virtualization Clouds SDN CRITICAL DATA CENTER ATTRIBUTES “All great things are simple” Network virtualisation Dynamic Security • Dynamic network creation • Virtualized services • Simple to provision • Dynamic policy • Visibility & control • Multi tenancy Agility & Economics • A more agile business • Better economics INTRODUCING THE METAFABRIC ARCHITECTURE VM VM VM VM VM VM Virtual Physical Virtual Physical My on-premises data center VM VM VM Virtual Physical VM VM VM Virtual Physical My managed My hosted service provider service provider SIMPLE. OPEN. SMART. VM VM VM VM VM VM Virtual Virtual My cloud service provider QFX5100 ONE SWITCH, ANY ARCHITECTURE Virtual Chassis Fabric Up to 20 members QFabric Virtual Chassis Up to 10 members … Up to 128 members Managed as a Single Switch Spine-Leaf Layer 3 Fabric QFX5100 L3 Fabric MX SERIES UNIVERSAL DC GATEWAY “New” Encaps Universal SDN gateway Contrail VM VM VM VM VM VM VM VM VM “Connecting islands” Open, standards-based DCI EVPN, MPLS, VPLS VM VM VM Bare Metal NSX Bare Metal Seamless workload mobility MX Series—one platform to connect multiple sites and clouds Efficient traffic forwarding JUNOSV CONTRAIL AGILE NETWORKING CONTRAIL CONTROLLER Configuration VM VM VM Control Virtual network overlay Analytics VM VM vRouter Physical Host with Hypervisor Simple, open and agile VM VM vRouter Physical Network (no changes) Gateway WAN, Internet VM Multiple hypervisor support KVM, VMware ESXi Physical Host with Hypervisor Developer momentum OpenContrail community VMWARE NSX INTEGRATION Physical Server Connectivity Virtual Network Physical Data Center Connectivity Bare Metal Server Virtual Data Center Physical Data Center IT or Infrastructure as a Service Physical Network Virtual Network NSX L2 gateway on ToR switches NSX L2 gateway on core switch or edge router NSX L2 gateway on edge router Programmatic VxLAN connectivity to bare metal servers Programmatic VxLAN connectivity to nonvirtualized data centers Programmatic connectivity to tenant specific VxLAN QFX5100 EX9200 or MX Series MX Series SMART DATACENTER SECURITY VM VM VM Virtual SRX Series Firewall VM VM VM Physical Virtual Physical Data Center vGW and Firefly Global Attacker Database DDoS Secure WebApp Secure Proven data center scale Virtual host and perimeter security Low-and-slow and volumetric Intrusion Deception stops hacking Integration with WebApp Secure Optimized for performance Signature free: stops new attacks No tuning or WebApp changes CAMPUS AND BRANCH ALWAYS ONENTERPRISE The enterprise extends far beyond the confines of the company. It’s everywhere your organization operates—all the places where the business lives: with your customers and coworkers, between machines and in manufacturing. Your business only happens if the enterprise is always on and always running MOBILITY TRENDS: IDC Explosion of Smartphones and Tablets 100% attach rate with Wi-Fi Propels Enterprise WLAN growth Enterprise Access Wireless 70% IS Wireless >50% of Devices now Growing to 70% • Wired Wireless 50% 50% Wired 30% IDC Report 2013 Why? Higher density than wired 2013 2016 Also, M2M, printers, projectors, cameras, sensors, etc. UNIFIED COMMUNICATIONS & COLLABORATION (UC&C) APPLICATIONS Microsoft Lync Goal: Unify communications and collaboration: Voice, video, chat, desktop sharing Challenges: Increased traffic Wireless Network Requirements Assured Quality of Experience High availability OPTIMIZING THE LYNC USER EXPERIENCE UC&C ON Enterprise across collapsed tiers and centralized controllers ON Enterprise Access Points Juniper EX Virtual Chassis ….. ….. Local Switching at the AP Reduces hundreds of managed devices to tens Remote AP = no WLC at Branch or remote Campus Enables configurations for more flexible East-West traffic for UCC like Lync Move Controllers to the DC WLC Clusters : thousands of APs can be managed as a single unit Collapsed Aggregation/Core/WAN WLC cluster Branch IP WAN Cloud Internet Data Center NEED FOR SIMPLIFYING OPERATIONS Complexity on the Rise Many standalone management tools: wired, wireless, etc. Need for single-pane-of-glass tool Configuration management, monitoring, troubleshooting JUNOS SPACE NETWORK DIRECTOR Wired and Wireless Visualization - Operational simplification Network Director VISUALIZE ANALYZE CONTROL Complete Wired & Wireless View Flow Monitoring Real-Time Performance Monitoring Single Pane of Glass for Wired and Wireless Networks UNIFIED ACCESS Integrating Wired and Wireless Network Access Goal: + Converge wired and wireless networks Reduce cost by taking away silos Reduce Management complexity Maintain consistent security polices Seamless user experience Juniper role based Unified access control AN ARCHITECTURAL APPROACH Stretch the Connectivity for a Seamless Network Core Switch (PE) MPLS Core Switch (PE) VLAN Access Switche (CE) Core Switch (PE) Private MPLS Campus Core with VPLS or L3VPN Core Switch (PE) MPLS VLAN Access Switche (CE) Access Switche (CE) Core Switch (PE) MPLS Access Switche (CE) Core Switch (PE) VLAN Wireles s Access Point Wireless Access Point Access Switches (CE) Access Switches (CE) SITE 1 Wireless Access Point Wireless Access Point SITE 3 Wireless Access Point Wireless Access Point VLAN1 Finance/ Business Ops VPN VLAN2 VLAN3 R&D VPN Marketing/ Sales VPN SITE 2 Juniper Networks Enterprise. Juniper switching, WLAN and networking management solutions that enable secure, reliable access to mission critical applications from any device anywhere in the world. THANK YOU