Beruflich Dokumente
Kultur Dokumente
Policy & Service BRAS & Circuit Small/Med Core Circuit Large Core Session Border
Control Aggregation Aggregation Metro Aggr’n Gateway
NMC-RX
JUNOScope E-series M-series T-series VF-series
Enterprise
Internal Network
k ing ge
n an s a
Ba m e u ity s g
rt ers
ta il Hu urc Eq der o
M ro k
Re e so Tr
a B Segmentation
R VLAN
MPLS VPN
VPLS
= Malicious User
Secure Server
Area
Branch
Router
Head office, backbone, data center Remote, branch, and regional office
Leveraging modular JUNOS and Leveraging modular JUNOS and
purpose built ASICs high performance standard processors
J2300
M7i
J4300
M10i
J6300
Control
Interface Mgmt
Chassis Mgmt
Protocols
Control Forwarding
Services
SNMP
Engine Engine
Forward
Services
Services? Engine
Interface Mgmt
memory
Chassis Mgmt
per function
Protocols
Services
SNMP
Control Forwarding Clean interface between
Clean separation of
Engine Engine processes
functions
Minor problems do not
Full router control while lead to system crashes
Services under attack
Engine Next Gen CLI prevents
operator error
Addition of
performance even
new service under load maintenance and s/w
features
6.4 7.0 7.1
stability
Comprehensive QOS
functions to classify, Structured quarterly
Traditional release process
prioritize and
Router
schedule traffic
One Train! Features shared across
Complexity of all platforms
Packet Processing
Enterprise
Secure Server Area
Market Access
Internal
Data Feeds Network
Network
To Remote
Backup Site
Predictable Performance
Next-Generation Security ASIC (GigaScreen³)
• 2 Gbps Stateful Firewall - any packet size
• 1 Gbps 3DES & AES IPSec VPN - any packet size
• 1 Gbps+ IDP
Integration
• Security applications – FW + Deep Inspection + VPN + IDP
Scalability
• New flexible architecture designed to accommodate future performance,
capacity and functionality needs
• Up to 28 ports, up to 500 VLANs
Attack Protection
• Network attack protection, including DoS attacks
• Deep Inspection to protect against attacks in Internet-facing protocols
• Modular IDP blade
Accelerates Applications
• Siebel, SAP, Lotus, Oracle, etc.
• Custom web applications and Portals
• SLB replacement for legacy apps, mail, DNS,
etc.
Deployment
• Replace or complement existing SLB
(customer does not have to throw it away)
• No server or application changes
• No changes to client or applications
ATM
Dedicated Links to machines
Customers, Partners
and Branches
Access
Network
Aggregation
of WiFi
Access Points
Enterprise within
Internal Network Premises
• Networks: From slow and expensive leased line/X.25/FR to mosre cost effective high speed broadband
• Applications: From just cash dispenser to value-added services (eg. VoIP/ videoconference with bank agent,
digitization of cheque deposit…)
Juniper solutions: 5GT @every ATM machine; NS FW/VPN appliance @ hub site for high performance
FW/VPN aggregation
Hub site
IP
IP over IPsec VPN over BB
Windows-based
ATMs @
branches
Mobile
Users
Remote Office
Branch Office
Business
Fixed Partners
telecommuters HQ
Finance
Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 22
Extranet Deployment – connecting your
partners (eg. Broker firm, agencies….)
Traditional Extranet SSL VPN-Based Extranet
Dedicated Links
Markets and Feeds
ESP
Secure Server
Area
Solution
SWIFT NetScreen-5200 (12)
NetScreen-5XP and 5GT (12,000) deployed in
remote sites
SWIFT has deployed 12,000+ Juniper NSM to secure its new global IP data network and
IP-based messaging platform, SWIFTNet
NetScreen appliances . In the coming
years, SWIFT is planning to deploy Results
more – which is expected to represent
Deployment has been running successfully at
one of the world’s largest VPN 100% capacity since June 2003
deployments. Reliable security and flexible networking
functionality
Uniform GUI across the product line, simplicity
deployment for SWIFT and its’ members saving
operational cost for both parties
Solution
Secure Access series
Solution
Deploy M-series routers, migrate backbone
Stockholm Helsinki
network to IP/MPLS
MPLS Fast Reroute – multicast applications
no longer affected by link errors
MPLS Maps multicast trading info to CCC tunnels
and provide QoS
JUNOS operating system and rich
London Sydney reliability features provides high network
Full mesh tunnels for 9 data centers and 6 availability
hub sites in 9 countries