September 2012
This ESG White Paper was commissioned by Juniper Networks and is distributed under license from ESG.
© 2012, Enterprise Strategy Group, Inc. All Rights Reserved.
Contents
IT Trends and Opportunities Impacting the Network
Why a New Architecture is Important to the Evolution of Networking
SDN Architectures Can Be Used to Modernize the Network
Juniper: an Innovator in SDN
    Deployment of EX Series Switch Innovations/SDN in the Enterprise
    Examples of the EX Series in Action
Juniper Switch Technologies: A Building Block for SDN
The Bigger Truth
All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of the Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at 508.482.0188.
either the number one IT priority reported by respondents, or tied for number one, for the last three years in ESG's annual IT spending survey (see Figure 1).[1] As organizations mature and expand their virtualized environments beyond the simple benefits of consolidation to a more agile infrastructure, they have begun to build out private clouds. In the same ESG Research 2012 spending intentions survey, deploying a private cloud infrastructure became a top ten priority (see Figure 1). These agile IT environments enable business managers to rapidly turn up new services to meet unexpected demand or requirements. However, all this abstraction can create blind spots in the infrastructure and make meeting compliance requirements difficult.

Figure 1. Top Ten IT Priorities for 2012
Which of the following would you consider to be your organization's most important IT priorities over the next 12-18 months? (Percent of respondents, N=614, ten responses accepted)
Improve data backup and recovery: 30%
Increased use of server virtualization: 30%
Major application deployments or upgrades: 29%
Manage data growth: 27%
Information security initiatives: 27%
Business continuity/disaster recovery programs: 25%
Data center consolidation: 24%
Desktop virtualization: 23%
Mobile workforce enablement: 22%
Deploying a "private cloud" infrastructure: 22%
[1] Source: ESG Research Report, 2012 IT Spending Intentions Survey, January 2012.

Social media applications/internet services: The explosion in the number of network-connected devices opens up avenues to new applications such as social media and collaboration tools. Well known applications such as Facebook, YouTube, and Twitter often blur the lines between business and personal. While many marketing organizations leverage these tools to run social media campaigns, the situation begs the question: Should employees outside marketing be allowed to use them? Other services, such as Dropbox and Evernote, offer convenient ways for employees to share files and transfer knowledge, but they can also pose a significant security threat by exposing potentially classified information. Many organizations also leverage video for corporate communications, but broadcasting video to mobile devices requires significantly more bandwidth.

Mobile devices or Bring Your Own Device (BYOD): The ability to bring a personal device to work is quickly becoming the norm as more users adopt new technologies in the form of smartphones, tablet computers, and even new form-factor notebooks. In many cases, in fact, an employee may have multiple devices. Healthcare and higher education are just two industries that have enthusiastically adopted these technologies to provide additional services and improve productivity. However, organizations need to consider the ramifications that BYOD will have on their network. Providing support for mobile devices means greater dependence on WLAN for network access, and greatly increases the number of devices and throughput requirements needed for the campus network. BYOD may also require mobile device management, data security, and protection against the increased threat of malware or uninvited devices getting into the network.

Many organizations are faced with the dilemma of how to take advantage of these new opportunities to improve business productivity, yet avoid the associated complexities or challenges while still ensuring a quality user experience. From a networking perspective, organizations need new architectures that can provide the appropriate levels of mobility, scale, resiliency, and security to overcome complexity.
One new industry initiative, software-defined networking (SDN), holds a tremendous amount of promise for addressing the new requirements of the future of networking. However, SDN is still very nascent and will require time to develop. Fortunately, vendors such as Juniper Networks recognize these problems and have been developing solutions to help organizations take advantage of these IT trends today, while also preparing them for future SDN-enabled environments. This paper will focus on how Juniper's EX Series switches with Virtual Chassis technology and the Juniper Networks Junos operating system help accomplish this goal.
Source: ESG Research Report, Data Center Networking Trends, January 2012.
Automation. ESG research indicates that the number one challenge for network administrators is the sheer number of manual processes[3] they are required to perform. To overcome this, many organizations attempt to automate as many manual processes as possible. However, the scripting process itself is a manual one, requiring time, skills, and resources. Plus, many scripts are static and don't translate into a highly mobile or dynamic environment.

Simplified architecture. This goes far beyond just patching or making a few simple upgrades to an existing environment. Rather, it involves implementing a new network architecture, one that leverages a new approach to networking and can enable a highly dynamic and virtualized environment. Following the approach taken in the server and storage environment, one would expect this approach to virtualize the network and provide some layer of abstraction between the physical and logical network, as well as a high degree of programmability.

Figure 2. Three Ways to Simplify the Network
[Figure: Tools, Abstraction, and Architecture, arranged along an axis of increasing difficulty]
Software-defined networking may very well become the foundation for a new network architecture that is dramatically simplified. SDN is typically defined as the separation of the control plane from the data plane. This is accomplished by gaining access to the network device through open standard or vendor-specific application programming interfaces (APIs). SDN can simplify the network by centralizing control, abstracting the underlying infrastructure to appear as a single switch, and enabling higher level (L4-L7) services, most commonly security or application load balancing. Ultimately, the promise of SDN is the ability to manage large and complex network environments efficiently and effectively. However, it should be noted that SDN is still a relatively new concept and, although it is gaining a tremendous amount of publicity, very few solutions are generally available.
Source: Ibid.
Juniper also recognized the need to abstract or virtualize the network, so it developed a foundational switch virtualization technology, referred to as Virtual Chassis. One could argue that with these advances, Juniper has already thought through the virtualization of the control plane and therefore is in a good position to take advantage of SDN. In fact, Juniper claims that through these technologies, it has already achieved a good portion of the SDN objectives in its EX Series switch product family. One notable difference is that the EX Series switches are available today while the SDN ecosystem is just getting built out. EX Series switches can be used as building blocks by organizations that are considering SDN but want to get started today. Consider the comparison in Table 1 below.

Table 1. Virtual Chassis and SDN Share Similar Principles
[Table: columns Virtual Chassis and SDN; rows Abstraction, Automation, Programmability]
Source: Juniper, 2012.
Just like SDN technology, Juniper's EX Series switches subscribe to the following three principles:

Abstraction: By separating management from the data plane in the EX Series switches, Juniper's Virtual Chassis technology delivers advanced routing control, flexibility, and network management. Juniper leverages Virtual Chassis technology to enable organizations to interconnect and manage as many as 10 EX Series switches as a single, logical device with a single OS. This technology also enables EX Series switches to rapidly scale to meet new requirements. The implementation of the abstraction principle by Virtual Chassis technology enables:

o Single device management: Virtual Chassis configurations use a single Junos operating system image file and a single configuration file, enabling the entire Virtual Chassis to be managed as though it were a single switch. With a single command, the Junos OS can be upgraded simultaneously on all Virtual Chassis member switches from the master switch, seamlessly ensuring network availability.

o Device interconnectivity: Virtual Chassis technology can manage different switch models participating in the same Virtual Chassis configuration. By adding, for instance, EX4500 and/or EX4550 switches to an EX4200-based Virtual Chassis configuration, a network administrator can add 10GbE capabilities while managing the same number of virtual switches. This flexibility brings both scale and a high level of versatility to the network.

o Location independence: With Virtual Chassis technology, member switches can be deployed in multiple locations such as different rooms, different floors, or even different buildings. In fact, member switches can be spread over an 80km loop and still managed as a single device. The ability to consolidate geographically dispersed locations reduces the potential for errors and abstracts management from the physical constraints of the environment.
Automation: By separating the management plane from the data plane, Virtual Chassis technology automates the discovery of new devices, configures these devices with a new image, and handles the failover and software updates on these devices. Virtual Chassis technology is a plug-and-play solution for virtualizing and managing switches in an automated manner, similar to that of an SDN. Adding or removing a switch from a Virtual Chassis configuration is as simple as powering down a switch, unplugging it, and replacing it with a new switch. The master switch stores the configuration of the removed switch and supervises the discovery of new devices, so the same configuration is applied to the new switch when it is connected to the Virtual Chassis configuration. Nonstop software upgrade (NSSU) enables the automated software upgrade of Virtual Chassis switches with minimal disruption. There is no disruption to the Virtual Chassis control plane, since it is shared by several switches and is therefore not device-dependent. There is also minimal traffic disruption, as traffic continues to flow through the other switches while a new device is being restarted as part of the upgrade. By executing an NSSU with a single CLI command, Juniper also eliminates the need to manually upgrade each Routing Engine separately, reducing network supervision needs.

Programmability: The Junos operating system enables dynamic exchange of parameters with other networks and with end-devices connected to the network. Junos access capabilities will be extended in 2013 to include the OpenFlow API (1.3), BGP traffic engineering, and application layer traffic optimization. By providing northbound APIs from the switch to the control and orchestration layers, organizations will be able to deliver automation, analytics, and greater levels of personalization. Juniper Networks also offers an open network application platform called Junos Space that uses multilayered network abstractions, operator-centric automation schemes, and embedded element management functionality to help scale network operations, reduce operational complexity, and enable applications to be quickly deployed. The Junos Space platform offers a schema-driven, programmatic interface that allows for easy management of network devices. This makes it possible to import the published schema version, and map out all configurations and operational commands for a given device, enabling zero day support and future proofing without having to upgrade or patch the platform.
The Junos Space platform provides fully centralized, unified, out-of-the-box functionality for managing Juniper's routing, switching, and security devices. Users can control any part of their Juniper network when used in conjunction with multiple add-on applications:
Table 2. Juniper Add-on Applications
Application | Function
Device Discovery | Quickly bring network devices under management
Topology | A broad, topological view of the network and of relationships between network elements
Inventory Management | A view of hardware inventory, including automated synchronization between hardware inventory, interface information, and device configuration
 | Efficiently manage the deployment of Juniper software
 | Provides the ability to optimize and scale device configurations
 | Visibility into network configuration and performance correlation, which also allows automated configuration deployment scheduling
 | All attributes of a device's configuration can be viewed and edited
 | Centralized management that leverages configuration and diagnostic automation tools provided by the Juniper Networks Junos operating system
 | Provides insight into and visibility across all network devices
Junos Space's complete rapid application development framework allows easy user interface prototyping and provides standards-based APIs for third-party application integration. With the Junos OS, Junos Space, and Junos Space SDK, network engineers have a complete set of programmability tools that deliver automation for a large array of devices and applications running on that network.
Optimized traffic separation: Juniper EX Series switches will prioritize application traffic to ensure a quality user experience; this is especially true for Unified Communications leveraging video or VoIP. EX Series switches can actually support up to eight Quality of Service (QoS) queues per port.

Dynamic real-time adaptive networks: Juniper has been actively supporting technology to enable networks to respond to changes on the fly, including Application Layer Traffic Optimization and Traffic Engineering in BGP. The ability to integrate with Juniper's Unified Access Control (UAC) solution provides dynamic network protection, guest access, and identity-based QoS based on user, device, and location.

Resilience and performance: Juniper EX Series switches employ high-performance ASICs, Junos software, and Virtual Chassis technology. Given Juniper's vast experience with carrier implementations, all ports deliver wire-speed performance at any packet size.

Higher levels of automation: In order to keep up with demand, automation will play a key role in highly virtualized or cloud computing environments. By opening up programmability in Junos, the EX Series can provide an interface to orchestration solutions.

Examples of the EX Series in Action

Mobility: Consider a campus environment where mobile devices travel from one location to another. It would take individual acts of heroism on the part of network administrators to manually move policies associated with those mobile devices or users every time they moved. However, without the ability to move seamlessly across the campus, productivity could be negatively impacted. Because the EX Series is abstracted and leverages Junos, the entire campus appears as one logical switch and policies can be easily enforced across wired and wireless devices, regardless of the location.

vMotion: The promise of highly virtualized/cloud environments is the ability to dynamically adjust to changing IT and business needs. Virtual Machines (VMs) are not tied to a single physical server, but rather they can move where and when required to optimize performance. In VMware environments, this technology is called vMotion and it enables VMs to move across a resource pool. The EX Series switches provide full abstraction of the switch infrastructure using Virtual Chassis technology, so the VM only recognizes one logical switch and can easily be moved via vMotion to where it is needed.