THE POWER OF

A CONNECTED WORLD
Javier Grizzuti
System Engineer Juniper Networks
Mayo 2016
Our Strategy
Vision: To Be the Worldwide Leader of Network Innovation

Go to Market Vertical Focus

Alliance, Channel and Commercial Engines

TECHNOLOGY
AUTOMATION

ROUTING SWITCHING SECURITY

PERFORMANCE
Innovation Matters Across the Network

Campus/
Data Center
Branch

Edge/ Access
Core
& Aggregation
WHY JUNIPER?

PERFORMANCE HIGH AVAILABILITY SIMPLICITY

 Line-rate performance  Carrier-class platform  Collapsed architectures

 Wire-speed security  Redundant hardware and  One Junos OS across
 Scale software options routing portfolio
 Density  Virtual Chassis  Platform for innovation
technology  Service Now/Service
 Rich service provider
feature set  In-service software Automation
upgrades
ARCHITECTING NETWORKS

SILICON SOFTWARE SYSTEMS

FOCUS ON ROUTING, SWITCHING AND SECURITY

JUNOS
ARCHITECTURE
 JUNOS: THE POWER OF ONE
 Deployed since 1998
 First high-performance network operating
system
 16 years of innovation and development
 Spans routing, switching, and security
platforms
 Simplify operations and deliver operational
excellence
 Evolutionary architecture expands and
extends to tomorrow
 Serving the most demanding customers
 Top 100+ service providers
 High-performance enterprise and public
sector customers
 JUNOS SOFTWARE ARCHITECTURE
Open Management Interfaces  Separation of Control & Data Plane
Management  Independent modules
 Protected memory for stability

Daemon X
Switching
Routing
 Well-defined interfaces for expansion of
Control Plane

functions/platforms
 Scales performance, enhances resiliency,
Kernel enables redundancy
 Open Management & Development
mKernel Interfaces
Data Plane

HAL  NETCONF/XML/DMI
 Junos API
 Automation
Physical Interfaces
Operating Junos
COMMIT MODEL
1 2 3
commit
load candidate validated active

rollback
configuration configuration configuration
commit
confirmed commit commit 1
scripts validations 49

• Separation of configuration, edit and activation

• Validation checks, version control, automated rollback

Benefits
• Avert downtime caused by configuration errors
• Reduce time for configuration and changes
• Enforce compliance to policies
• Avoid risks of transient configuration state
• Compare configurations
• Easily roll back to past configurations
 HIERARCHICAL COMMAND
STRUCTURE
• Logical structure organizes device
features and functions
Top level
– Deeper levels are more and more node

specific 2nd level

nodes ... ... ...
– User-defined variables for
consistent re-use 3rd level ... ... ... ...
nodes
... ... ... ...
– Configuration groups minimize
... ... ... ...
changes across hierarchies
• Eases movement and command entry
JUNOS AUTOMATION API
• Many customers now investing in workflow applications that drive up
business revenue, in addition to on-box automation that drive down
operational expenses
• Junos can do both
The key is the common Junos automation API

On the device: Across the network:

"off-box"
"on-box" JUNOS
operations OSS integration & Increase
Business
Lower
Risk & XML API Workflow automation
Revenue
OpEx commits
events Net.Eng. Tools
NETCONF/DMI
Management System

NETCONF XML
Security Routing Switching
PROTOCOL
(RFC4741)
Automate config changes, Secure TCP/IP
remote invocation of connections via
SSHv2 (RFC4742)
operational commands,
collection of logs

NETCONF client libraries exist

for a number of programming XML
languages such as Java, Perl,
Ruby, Python, and even SLAX !

• Secure and connection oriented with SSHv2 as transport

• Structured and transaction-based with XML as RPC request / response
• User-class privilege aware
JUNOS SCRIPTS
Scripts Utilize XML

Operational Event Commit

Scripts Scripts Scripts

Output Output
Output XML XML
XML instructions instructions
Input instructions Input on what to Input on actions
Blank on what to XML display XML to take
XML display event (if anything) Junos (make changes,
document description configuration issue warnings,
errors, etc.)

Junos Infrastructure
 JUNOS “ON-BOX” AUTOMATION
On-box automation is used to automate configuration, operations, and respond to network event
conditions. These programs use the same XML core OS infrastructure as the off-box programs. This ensures
that as new Junos features are released they become immediately available to both on-box and off-box
automation.
operations events commit configuration
 Instructs Junos of actions to take in  Instructs Junos during the
 Instructs Junos as prompted by the
response to events configuration/commit process
command-line, OSS, or other programs
 Gather relevant troubleshooting  Abstracts a complex configuration
 Create custom commands for specific
information and correlate events from the into a simple set of base commands
solution/user needs
first leading indicators  Options to provide warnings, post
 Combine a series of iterative steps to
 Automate event responses with a set of logs, prevent the configuration, self-
diagnose network problems
actions correct the configuration
 Perform controlled configuration changes
 Key Benefits  Key Benefits
 Key Benefits
 Automate time-of-day configuration  Assure compliance to business rules
 Reduce risk and improve productivity changes (e.g. “green” power-saving and network/security policies
 Automate troubleshooting actions)  Provide change management to
 Controlled configuration  Speed time-to-resolve to reduce the avert and even correct errors
downtime and cost of events  Simplify and speed setup of complex
 Automate response to leading indicators configuration
to minimize the impact of events
JUNIPER
SYSTEMS
Recent Network Innovations
Revolutionizing Routing. MetaFabric and UN1TE Software Defined -
Again. Switching Secure Networks.

NEW SILICON:
JUNOS FUSION: SKY ATP WITH SPOTLIGHT SECURE:
First 500G performance (1tbps) 400GE
Centralized point of management; Centralized threat detection and mitigation;
pipeline ready
“Virtual buffer” technology adaptable real-time policy enforcement
PTX5000 & PTX3000: QFX10000 LINE: SECURITY DIRECTOR: Industry
81% more power efficient than nearest Market leading 100G density; seamless breakthrough design; consolidated security
competitor 10/40/100GE transition management; open policy engine foundation
NORTHSTAR: JUNOS DEVOPS SUITE:
First SDN controller to automate control of PHYSICAL & VIRTUAL SRX: Consistent
Unparalleled automation; cloud firewall capabilities; policy enforcement
multiple network layers analytics engine points; deploy with agility
MX Strategy
Pillars of Strategy
Continuous Product Innovation
Scale, Performance, Convergence
Virtualization
vPE, SDN, Analytics
Programmability & Automation
New Deployment Models
Agile, Simple, Open
• Metro, DC, Colo optimized platforms
• Multi-Terabit scale line cards on MX960 & MX2K
• Virtualized Routing Engine
• SMP, RPD modularity; RSVP hyper-scaling
• High Availability - LFA, Service mirroring
• vMX, vRR, vCPE
• vBNG, vLNS
• JET, gRPC, Thrift, REST APIs
• OpenConfig
• Scale out, Chassis virtualization
• EVPN, VXLAN
• SPRING
• JUNOS Telemetry Interface, Northstar
MX ASIC Evolution – MPC Per Slot Capacity
MX240/480/960 system Gen 4
MX2K system TRIO
(ZT)
Gen 3
TRIO
(EA) 1.5T MPC10
Gen 2
TRIO 4.0T MPC11/12
(XM, XL) 480G MPC7E
Gen 1.5
TRIO 960G MPC8E
Gen 1 (XM, LU) 1.6T MPC9E
240G MPC5E
TRIO
ICHIP (MQ, LU)
10G 480G MPC6E
130G MPC3E
260G MPC4E
40G MPC1E
80G MPC2E
40G DPC 16x10G MPC

2007 2010–2011 2012 2014 2015 2017+

 80 Tbps

MX Roadmap 32 Tbps

CO & NEBS Colo and DC

2017/2018
2015/2016
40Tbps
One TRIO Architecture
16Tbps
One UNIVERSAL EDGE

15 Tbps 24 Tbps
5 Tbps 13 Tbps
8 Tbps
3 Tbps 3 Tbps
1 Tbps 6.0T
N x 10Gbps 80 Gbps 2.4T
400G

vMX MX 960 MX2000 Summit/Vale

Power Optimized MX2020/MX2010 100GE DWDM

MPC5: 240G NG HQoS ½ rack MX2K
Hardware NG Universal MPC MPC8E/9E: 1.6T on MX2K
MPC6: 500G MX2K Native Card Summit/Vale-8
MPC7E-MRATE : 480GE on MX960 NG-RE
EVPN, VXLAN:
64bit RPD IPv6 Ready
MX NG SDN GW RPD Multi-core
Software CPP SPRING
SCG SCG2.5
Hypermode NG vMX
Junos SMP
Junos Continuty
10GE MACSEC Programmability/Automation
Innovation G.709 OTN Framing Junos Fusion
JUNOS Telemetry Interface JET (Junos Programmability)
vMX
2014 2015 1H 2016 2H 2016/2017
UN1TE
Cloud Enabled Enterprise
 Cloud Enabled Enterprise
Juniper’s Cloud Enabled Enterprise is Juniper’s vision in transforming Enterprise IT from a business necessity
to a powerful business asset -- by evolving the enterprise network into an agile, secure services platform

1 Simplify 2 Secure 3 Open

Open Convergence Framework

Simplify management, Secure across points Integrate best of breed

deployment, and and layers in the capabilities from WLAN
operations of the network with and security partners to
infrastructure increasing dynamically updated offer customers a
flexibility while reducing policy protecting comprehensive
cost and time users and assets solution
Junos Fusion
One Technology / multiple products
Junos Fusion
Provider Edge
• Maximize MX value,
optimize Capex
Better slot utilization leads
to improved ROI
• Simple Management,
reduced network layers
Junos Fusion
Datacenter
• Simplified management,
Plug and play provisioning
• Reduce Opex by simplifying
operation
• Large scale and features rich
aggregation devices
• Distributed forwarding
Junos Fusion
Enterprise
• Simplified Management of
Wiring closet for Campus
Network
• Zero Touch deployment of
entire campus infrastructure
• Reduce Opex by simplifying
operation
JUNOS FUSION - Terminology
Aggregation
Device (AD)

Cascade
Port
Upstream
Port
Linux Forwarding
Operating System
LFOS … Satellite Device (SD)

Yocto Linux

Satellite Device Cluster Extended

port
AP
Junos Fusion Use Cases In details
Simplicity, Flexibility and Reliability at Scale
Provider Edge (JFE) Datacenter (JFD) Campus (JFC)

QFX5100

LAG
MX EX4300

Aggregation MX series QFX10,000 EX9200

Satellite EX4300, QFX5100 EX4300, QFX5100 EX4300, EX3400, EX2300,
EX4600, QFX5100
Supported Devices
Aggregation Device Satellite Devices

EX9200 EX4300: EX3400, EX2300

Family EX9200
EX9200 Overview Programmable
 Programmable ASIC (Junos)
 Programmable control and management
planes via open APIs
 Automation

Flexible
 Campus- and data center-optimized
 Extensive protocol support
 Feature rich
 Future ready
EX9208 EX9214
EX9204 Scalable
 Logical scale
 High density
 Up to 13.2 Tbps chassis capacity
 1GbE, 10GbE, 40GbE and 100GbE
Juniper One Custom Silicon
EX9200 Line Cards
 40 x 10/100/1000BASE-T
1GbE
 40 x 100FX/1000BASE-X SFP
Line Cards
 40 x 100FX/1000BASE-X SFP MACsec

10GbE  32 x 10GbE SFP+

Line Card  Up to 260G throughput

40GbE  6x 40G GbE QSFP+ or 24x10G SFP+ combo

Line Card  Up to 260G throughput

100GbE  2 x 100G CFP + 8 x 10GbE SFP+

Line Card  Up to 260G throughput

EX9200-MPC
1 GBE/10GBE  EX9200-20F-M-MIC
Line Card  EX9200-40GT-MIC
 EX9200-10XS-MIC
Access Layer
Update
Juniper’s Innovation in
Enterprise Networks
EX Series Portfolio
Core

100GbE
Aggregation
EX9200
Performance

EX4600
EX4550

EX8200
EX4500

10GbE\40GbE
Access
EX4300
EX3400 Logical Scale

EX3300 Modular
EX2300-C EX2300

EX2200-C EX2200 Hardware Resiliency

EX6200
Ports
Virtual Chassis Multi-Chassis LAG
EX2300 Access Switch

Compact & High Performance

EX2300 and EX2300-C 1GbE density 10GbE uplinks in 1RU

Standard Compliance
IEEE 802.3at (POE +)

Management Simplification
Junos Virtual Chassis (4 devices - 10G support)

Operational Simplicity and Automated Config

Juniper Fusion Enterprise (IEEE 802.1BR support)
Juniper EX3400 Access Switch
Compact, High Performance, & Built-in Redundancy
1GbE density, 10GbE and 40GbE uplinks in 1RU, Dual
Redundant Power Supplies and Fans
EX3400
Standard Compliance
Full POE (15.4W) support with a single PSU
Full POE+ (30W) support with dual PSU (1440 W)

Management Simplification
Junos Virtual Chassis (10 Devices - 40G support)

Operational Simplicity and Automated Configuration

Juniper Fusion Enterprise (802.1BR support)

MACsec
Supported on 1G and 10G interfaces
EX4300 OVERVIEW
1U 24/48 Port 1GbE Switch
 Wire-rate performance on all ports
 4 x 10GbE uplink module
 4x40GbE QSFP+ fixed ports
 MacSec and EEE capable
 Front-back and back-front airflow
 Extensive Layer 3 (requires license)
Virtual Chassis Technology
 Enhanced 320 Gbps backplane
 Manage up to 10 as a single device
 Standard 10GbE/40GbE cables
 Mix 1GbE and 10GbE with QFX3500
 Industry-only cross-platform Virtual Chassis
 Geographically distributed
Automation & Orchestration
 Automation with Puppet and Chef
 Openstack integration
 Openflow support
SRX300 Series and SRX550
Services Gateways
For Branch Firewall and Secure Router
New SRX Product Line
Branch Edge Data Center

Up to 2Tbps FW throughput and

SRX5800
258M concurrent sessions scaling
2T SRX5600

1T SRX5400
SRX3600
SRX3400
100G vSRX
(Virtual SRX) SRX1500
10G SRX550-M
SRX345
SRX340
1G SRX320
SRX300

Integrated Routing, Switching and Security Unprecedented Scale

Single Junos
SRX Series Services Gateways for Branch

All in one routing, switching and security in a single platform

Security at a every layer with MAC-sec, IPSec and application security

Best end-user application experience and operational efficiency

 Portfolio Summary
Retail Office Small Branch Mid Branch Mid-Large Branch Large Branch
Up to 50 Users Up to 50 Users Up to 100 Users Up to 200 Users Up to 500 Users

SRX300 SRX320 SRX340 SRX345 SRX550

Routing* 500 Mbps 1 Gbps 2 Gbps 3 Gbps

App Firewall* 500 Mbps 1 Gbps 1.7 Gbps 2.5 Gbps

IPSec VPN* 100 Mbps 200 Mbps 300 Mbps 350 Mbps

NGFW** 100 Mbps 200 Mbps 300 Mbps 350 Mbps

*Performance numbers for the IMIX packet size

**NGFW = IPS + AppFW + External Logging
Juniper Security Services Overview
Next Generation Firewall Unified Threat Management Threat Intelligence Advanced Threat Prevention
Services (Known Threats) Platform (Zero Day)

Application Control
Anti-virus Botnets/C&C Sandboxing
& Visibility

Intrusion Prevention Anti-spam GEO-IP Evasive Malware

Rich Reporting
User-based Firewall Web Filtering Custom Feeds, APT
& Analytics

SRX Foundation Services

Firewall NAT VPN Routing

Management Reporting Analytics Automation

Preguntas?
Contact: Javier Grizzuti
jgrizzuti@juniper.net
GRACIAS