
White Paper

Getting on the Path to SDN:


Leveraging Juniper Networks Virtual Chassis Technology on Juniper EX Series Switches to Improve SDN Adoption in Your Network
By Bob Laliberte, Senior Analyst

September 2012

This ESG White Paper was commissioned by Juniper Networks and is distributed under license from ESG.
© 2012, Enterprise Strategy Group, Inc. All Rights Reserved

White Paper: Getting on the Path to SDN

Contents
IT Trends and Opportunities Impacting the Network
Why a New Architecture is Important to the Evolution of Networking
SDN Architectures Can Be Used to Modernize the Network
Juniper: an Innovator in SDN
    Deployment of EX Series Switch Innovations/SDN in the Enterprise
    Examples of the EX Series in Action
Juniper Switch Technologies: A Building Block for SDN
The Bigger Truth

All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of the Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at 508.482.0188.

© 2012, by The Enterprise Strategy Group, Inc. All Rights Reserved.


IT Trends and Opportunities Impacting the Network


A number of IT trends, including the consumerization of IT, cloud computing, and social media, present significant opportunities for businesses to improve productivity. Before adopting these technologies, however, organizations should fully understand the impact they will have on the underlying infrastructure and, more specifically for the purposes of this white paper, the network environment, since it is a critical enabler for all of these services. Taking a closer look at each trend highlights the opportunities and challenges facing the network. These trends include:

• Server virtualization/cloud networking: According to research conducted by ESG, organizations continue to invest in server virtualization. In fact, increased use of server virtualization has been either the number one IT priority reported by respondents, or tied for number one, for the last three years in ESG's annual IT spending survey (see Figure 1).[1] As organizations mature and expand their virtualized environments beyond the simple benefits of consolidation to a more agile infrastructure, they have begun to build out private clouds. In the same ESG 2012 spending intentions survey, deploying a private cloud infrastructure became a top ten priority (see Figure 1). These agile IT environments enable business managers to rapidly turn up new services to meet unexpected demand or requirements. However, all this abstraction can create blind spots in the infrastructure and make meeting compliance requirements difficult.

Figure 1. Top Ten IT Priorities for 2012
Which of the following would you consider to be your organization's most important IT priorities over the next 12-18 months? (Percent of respondents, N=614, ten responses accepted)
Improve data backup and recovery: 30%
Increased use of server virtualization: 30%
Major application deployments or upgrades: 29%
Manage data growth: 27%
Information security initiatives: 27%
Business continuity/disaster recovery programs: 25%
Data center consolidation: 24%
Desktop virtualization: 23%
Mobile workforce enablement: 22%
Deploying a "private cloud" infrastructure: 22%

Source: Enterprise Strategy Group, 2012.

• Social media applications/internet services: The explosion in the number of network-connected devices opens up avenues to new applications such as social media and collaboration tools. Well-known applications such as Facebook, YouTube, and Twitter often blur the lines between business and personal. While many marketing organizations leverage these tools to run social media campaigns, the situation raises the question: Should employees outside marketing be allowed to use them? Other services, such as Dropbox and Evernote, offer convenient ways for employees to share files and transfer knowledge, but they can also pose a significant security threat by exposing potentially classified information. Many organizations also leverage video for corporate communications, but broadcasting video to mobile devices requires significantly more bandwidth.

• Mobile devices or Bring Your Own Device (BYOD): The ability to bring a personal device to work is quickly becoming the norm as more users adopt new technologies in the form of smartphones, tablet computers, and even new form-factor notebooks. In many cases, in fact, an employee may have multiple devices. Healthcare and higher education are just two industries that have enthusiastically adopted these technologies to provide additional services and improve productivity. However, organizations need to consider the ramifications that BYOD will have on their network. Providing support for mobile devices means greater dependence on WLAN for network access, and greatly increases the number of devices and throughput requirements needed for the campus network. BYOD may also require mobile device management, data security, and protection against the increased threat of malware or uninvited devices getting into the network.

Many organizations are faced with the dilemma of how to take advantage of these new opportunities to improve business productivity, yet avoid the associated complexities or challenges while still ensuring a quality user experience. From a networking perspective, organizations need new architectures that can provide the appropriate levels of mobility, scale, resiliency, and security to overcome complexity.

One new industry initiative, software-defined networking (SDN), holds a tremendous amount of promise for addressing new requirements needed for the future of networking. However, SDN is still very nascent and will require time to develop. Fortunately, vendors such as Juniper Networks recognize these problems and have been developing solutions to help organizations take advantage of these IT trends today, while also preparing them for future SDN-enabled environments. This paper will focus on how Juniper's EX Series switches with Virtual Chassis technology and the Juniper Networks Junos operating system help accomplish this goal.

[1] Source: ESG Research Report, 2012 IT Spending Intentions Survey, January 2012.

Why a New Architecture is Important to the Evolution of Networking


Organizations continue to add mobile devices and new applications as well as increase their use of server virtualization and build out cloud environments, creating much more dynamic IT environments. Virtualization technologies are well established in the server and storage domains, but they tend to be lacking in the network space. As a result, many existing networks struggle to keep up with the rapid provisioning, self-service, and mobility associated with dynamic cloud computing platforms. At the same time, organizations have been consolidating data centers (also a Top 10 priority, see Figure 1) and building out multi-tenant data centers,[2] resulting in fewer, but much larger and more complex, network environments.

This leads to something ESG refers to as data center network discontinuity, which is the inability of the network to keep pace with demands placed on it by the business. Network teams are overwhelmed by the rate of change, scale, and complexity, and the network becomes a bottleneck to enabling the business. This is making it much harder for organizations to manage the network at scale. To date, the industry has tried to resolve these issues through the following methods:

• Tools and GUIs. In many instances, the first response may be to deploy additional instrumentation. While more tools and GUIs are capable of providing greater levels of visibility, most tools tend to be proprietary, difficult to learn, useful only in certain vendor environments, and costly to purchase and maintain.

• Automation. ESG research indicates that the number one challenge for network administrators is the sheer number of manual processes[3] they are required to perform. To overcome this, many organizations attempt to automate as many manual processes as possible. However, the scripting process itself is a manual one, requiring time, skills, and resources. Plus, many scripts are static and don't translate into a highly mobile or dynamic environment.

• Simplified architecture. This goes far beyond just patching or making a few simple upgrades to an existing environment. Rather, it involves implementing a new network architecture, one that leverages a new approach to networking and can enable a highly dynamic and virtualized environment. Following the approach taken in the server and storage environment, one would expect this approach to virtualize the network and provide some layer of abstraction between the physical and logical network, as well as a high degree of programmability.

Figure 2. Three Ways to Simplify the Network
[Figure 2 diagram. Labels: Tools; GUI; Expensive; Automate; Scripts on devices; Standardize & static; Architecture; Simplify underlying architecture; Abstraction. Axis: Increasing difficulty.]

Source: Enterprise Strategy Group, 2012.

Software-defined networking may very well become the foundation for a new network architecture that is dramatically simplified. SDN is typically defined as the separation of the control plane from the data plane. This is accomplished by gaining access to the network device through open standard or vendor-specific application programming interfaces (APIs). SDN can simplify the network by centralizing control, abstracting the underlying infrastructure to appear as a single switch, and enabling higher level (L4-L7) services, most commonly security or application load balancing. Ultimately, the promise of SDN is the ability to manage large and complex network environments efficiently and effectively. However, it should be noted that SDN is still a relatively new concept and, although it is gaining a tremendous amount of publicity, very few solutions are generally available.

[2] Source: ESG Research Report, Data Center Networking Trends, January 2012.
[3] Source: Ibid.


SDN Architectures Can Be Used to Modernize the Network


Legacy network architectures will struggle to keep up and, therefore, need to be replaced in order to extract the full value of IT trends like mobility, virtualization, new applications and internet services, and cloud computing. Software-defined networking architectures and technologies can help organizations enable these initiatives by providing:

• Centralized command-and-control. One of the most important distinctions or criteria for a software-defined network is the ability to separate the control plane from the data plane. This will give organizations a common control plane across wired and wireless devices for end-to-end service delivery. In addition, centralized management will help guide certain traffic types to specific security, event management, or other L4-L7 services. It also means that, as the network rapidly scales, a policy change need only be implemented once centrally and repeated for each device. This will allow the same number of staff to manage a rapidly growing network infrastructure. Organizations will also be able to maintain higher levels of availability and resiliency, given a more accurate view of the entire environment.

• Distributed enforcement. Again, as these network environments rapidly scale to meet growing demand, organizations need to simplify the enforcement of policies across the end-to-end network. The ability to enforce policies across a wired and wireless campus network to the endpoints as well as the network perimeter will dramatically reduce the number of manual processes that must be performed by the network staff. It will also provide a more secure environment. This security could prove to be especially valuable when dealing with mobile device access. Given the proliferation of mobile devices in the enterprise, it will be imperative to restrict access to authorized employees only.

• Integrated services and programmability. By opening up the access to the network and enabling programmable interfaces, organizations can deliver an integrated approach with either internal or third-party software vendors for network services. With so many new devices, applications and internet services inundating the enterprise, organizations need greater levels of visibility across the network and tightly integrated solutions to ensure a secure environment. This integration should apply to access controls, antimalware solutions, application discovery/control, and device management. Application-aware networks would be a plus.

Early SDNs were based on OpenFlow, an open-source protocol that would allow standardized communication from OpenFlow API-enabled switches to a centralized controller. Services could then be integrated with the controller to solve specific problems. While OpenFlow was a great first draft of SDN, it is still maturing and the ecosystem of services is just developing. However, what is important is that it demonstrated a new network architecture, which will be the key to abstracting and programming the network so that it is more responsive and agile in highly virtualized or cloud environments.

Juniper: an Innovator in SDN


Before the term SDN was in vogue, Juniper recognized the need for a new, simpler architecture. About three years ago, Juniper announced its New Network Initiative focused on innovation, automation, and optimization. One of its goals was to open up the Junos operating system to developers and partners, enabling a single platform with numerous applications or services. Juniper also began integrating an OpenFlow protocol client into its products using the Junos Software Development Kit (SDK). The source code to the OpenFlow application was made available to organizations that want to expand on the reference implementation to promote the understanding of capabilities and applications in real-world environments. Longer term, Juniper believes that collaboration between applications and networks will make both more capable. Therefore, by combining OpenFlow with other technologies like Application Layer Traffic Optimization (ALTO), Path Computation Element (PCE) protocol, and BGP-TE extensions, Juniper plans to enable true network programmability.


Juniper also recognized the need to abstract or virtualize the network, so it developed a foundational switch virtualization technology, referred to as Virtual Chassis. One could argue that with these advances, Juniper has already thought through the virtualization of the control plane and therefore is in a good position to take advantage of SDN. In fact, Juniper claims that through these technologies, it has already achieved a good portion of the SDN objectives in its EX Series switch product family. One notable difference is that the EX Series switches are available today while the SDN ecosystem is just getting built out. EX Series switches can be used as building blocks for organizations considering SDN but who want to get started today. Consider the comparison in Table 1 below.

Table 1. Virtual Chassis and SDN Share Similar Principles
[Table comparing Virtual Chassis and SDN on three principles: Abstraction, Automation, Programmability.]
Source: Juniper, 2012.

Just like SDN technology, Juniper's EX Series switches subscribe to the following three principles:

• Abstraction: By separating management from the data plane in the EX Series switches, Juniper's Virtual Chassis technology delivers advanced routing control, flexibility, and network management. Juniper leverages Virtual Chassis technology to enable organizations to interconnect and manage as many as 10 EX Series switches as a single, logical device with a single OS. This technology also enables EX Series switches to rapidly scale to meet new requirements. The implementation of the abstraction principle by Virtual Chassis technology enables:

  o Single device management: Virtual Chassis configurations use a single Junos operating system image file and a single configuration file, enabling the entire Virtual Chassis to be managed as though it were a single switch. With a single command, the Junos OS can be upgraded simultaneously on all Virtual Chassis member switches from the master switch, seamlessly ensuring network availability.

  o Device interconnectivity: Virtual Chassis technology can manage different switch models participating in the same Virtual Chassis configuration. By adding, for instance, EX4500 and/or EX4550 switches to an EX4200-based Virtual Chassis configuration, a network administrator can add 10GbE capabilities while managing the same number of virtual switches. This flexibility brings both scale and a high level of versatility to the network.

  o Location independence: With Virtual Chassis technology, member switches can be deployed in multiple locations such as different rooms, different floors, or even different buildings. In fact, member switches can be spread over an 80 km loop and still managed as a single device. The ability to consolidate geographically dispersed locations reduces the potential for errors and abstracts management from the physical constraints of the environment.

• Automation: By separating the management plane from the data plane, Virtual Chassis technology automates the discovery of new devices, configures these devices with a new image, and handles the failover and software updates on these devices. Virtual Chassis technology is a plug-and-play solution for virtualizing and managing switches in an automated manner, similar to that of an SDN. Adding or removing a switch from a Virtual Chassis configuration is as simple as powering down a switch, unplugging it, and replacing it with a new switch. The master switch stores the configuration of the removed switch and supervises the discovery of new devices, so the same configuration is applied to the new switch when it is connected to the Virtual Chassis configuration. Nonstop software upgrade (NSSU) enables the automated software upgrade of Virtual Chassis switches with minimal disruption. There is no disruption to the Virtual Chassis control plane, since it is shared by several switches and is therefore not device-dependent. There is also minimal traffic disruption, as traffic continues to flow through the other switches while a new device is being restarted as part of the upgrade. By executing an NSSU with a single CLI command, Juniper also eliminates the need to manually upgrade each Routing Engine separately, reducing network supervision needs.

• Programmability: The Junos operating system enables dynamic exchange of parameters with other networks and with end-devices connected to the network. Junos access capabilities will be extended in 2013 to include the OpenFlow API (1.3), BGP traffic engineering, and application layer traffic optimization. By providing northbound APIs from the switch to the control and orchestration layers, organizations will be able to deliver automation, analytics, and greater levels of personalization.

Juniper Networks also offers an open network application platform called Junos Space that uses multilayered network abstractions, operator-centric automation schemes, and embedded element management functionality to help scale network operations, reduce operational complexity, and enable applications to be quickly deployed. The Junos Space platform offers a schema-driven, programmatic interface that allows for easy management of network devices. This makes it possible to import the published schema version, and map out all configurations and operational commands for a given device, enabling zero day support and future proofing without having to upgrade or patch the platform.

The Junos Space platform provides fully centralized, unified, out-of-the-box functionality for managing Juniper's routing, switching, and security devices. Users can control any part of their Juniper network when used in conjunction with multiple add-on applications:


Table 2. Juniper Add-on Applications

Application | Function
Device Discovery | Quickly bring network devices under management
Topology | A broad, topological view of the network and of relationships between network elements
Inventory Management | A view of hardware inventory, including automated synchronization between hardware inventory, interface information, and device configuration
Software image management | Efficiently manage the deployment of Juniper software
Configuration templates | Provides the ability to optimize and scale device configurations
Configuration file management | Visibility into network configuration and performance correlation, which also allows automated configuration deployment scheduling
Configuration editor | All attributes of a device's configuration can be viewed and edited
Junos OS script management | Centralized management that leverages configuration and diagnostic automation tools provided by the Juniper Networks Junos operating system
Fault and performance management | Provides insight into and visibility across all network devices

Junos Space's complete rapid application development framework allows easy user interface prototyping, and standards-based APIs for third-party application integration. With the Junos OS, Junos Space, and Junos Space SDK, network engineers have a complete set of programmability tools that deliver automation for a large array of devices and applications running on that network.

Deployment of EX Series Switch Innovations/SDN in the Enterprise


Juniper Networks EX Series switch innovations were designed to provide organizations with better reliability, in the form of performance and fault tolerance, simplified deployment and management, the flexibility to scale and provide investment protection, and tighter integration with security and other third-party applications to enable centralized policy enforcement across multi-tenant environments. Today, hundreds of organizations are leveraging Juniper EX Series switches to address the challenges of mobility, social media/internet services, and virtualization/cloud in the data center and campus network to take better advantage of the opportunities they provide. In addition to Junos and Virtual Chassis technology, the Juniper EX Series switches will also enable:

• Simplified deployments: The ability to deploy a single switch and then add to it as needed, to create a Virtual Chassis configuration that consists of up to ten switches but appears as a single, logical switch, will not only simplify management and reduce provisioning times, but will also facilitate any additions, moves, or changes required in the future.

• Optimized traffic separation: Juniper EX Series switches will prioritize application traffic to ensure a quality user experience; this is especially true for Unified Communications leveraging video or VoIP. EX Series switches can actually support up to eight Quality of Service (QoS) queues per port.

• Dynamic real-time adaptive networks: Juniper has been actively supporting technology to enable networks to respond to changes on the fly, including Application Layer Traffic Optimization and Traffic Engineering in BGP. The ability to integrate with Juniper's Unified Access Control (UAC) solution provides dynamic network protection, guest access, and identity-based QoS based on user, device, and location.

• Resilience and performance: Juniper EX Series switches employ high-performance ASICs, Junos software, and Virtual Chassis technology. Given Juniper's vast experience with carrier implementations, all ports deliver wire-speed performance at any packet size.

• Higher levels of automation: In order to keep up with demand, automation will play a key role in highly virtualized or cloud computing environments. By opening up programmability in Junos, the EX Series can provide an interface to orchestration solutions.

Examples of the EX Series in Action

• Mobility: Consider a campus environment where mobile devices travel from one location to another. It would take individual acts of heroism on the part of network administrators to manually move policies associated with those mobile devices or users every time they moved. However, without the ability to move seamlessly across the campus, productivity could be negatively impacted. Because the EX Series is abstracted and leverages Junos, the entire campus appears as one logical switch and policies can be easily enforced across wired and wireless devices, regardless of the location.

• vMotion: The promise of highly virtualized/cloud environments is the ability to dynamically adjust to changing IT and business needs. Virtual Machines (VMs) are not tied to a single physical server, but rather they can move where and when required to optimize performance. In VMware environments, this technology is called vMotion and it enables VMs to move across a resource pool. The EX Series switches provide full abstraction of the switch infrastructure using Virtual Chassis technology so the VM only recognizes one logical switch, and can easily move it via vMotion to where it is needed.

Juniper Switch Technologies: A Building Block for SDN


The promise of SDN is very appealing to organizations struggling to keep pace with major IT initiatives such as BYOD, new applications, and highly virtualized and cloud environments. However, as with most new technology introductions, organizations need help determining where and how to get started. Very few organizations have the budget to do a wholesale upgrade to their entire network. Juniper's EX Series switches offer solutions today that bring abstraction and programmability to the network. Juniper switch virtualization technologies provide scalability and remove the complexity of managing a multitier network. Virtual Chassis technology enables organizations to scale effectively and provide visibility into the network and applications via OpenFlow or other interfaces in order to meet the demands of a highly dynamic environment.

Virtual Chassis technology also offers features that improve on the benefits of SDN. With Virtual Chassis technology, Juniper effectively reduces the number of touch points on the network. With SDN, the management layer needs to establish and interface with each device it manages on the network. A Virtual Chassis configuration consists of one single virtual switch. Touch points do not need to be established, which greatly simplifies network management and scalability.

Getting started on the SDN path requires constructing the appropriate foundation upon which to build. In order to effectively manage and scale the network, choosing the right network will be critical to its eventual success. Organizations should look for solutions that offer flexibility and high levels of programmability, either through an OpenFlow or other interface, and can evolve with market requirements. This will allow organizations to deliver innovative services through the network, scale as needed, and optimize investments.


The Bigger Truth


A number of IT trends impacting businesses today require the network to respond. They include mobility, social media and internet services, and virtualization/cloud. While SDN has a tremendous amount of potential for the future of networking, organizations need solutions that can be deployed today to solve real problems, while enabling them to evolve their network into a full SDN environment in the future. The SDN ecosystem is just getting started, and both network vendors and software providers are lining up to do their part. But this environment needs time to develop and become robust enough to be deployed in mission-critical networks.

Juniper has been working for a number of years on innovative network solutions that provide many of the tenets of SDN and are available today. Juniper's Virtual Chassis technology enables switch virtualization and integration with security services and policies, while the Junos SDK offers the ability to program the network. By deploying EX Series switches today, organizations can better enable mobility, new applications, and dynamic cloud computing environments to drive higher levels of productivity and efficiency in their business. EX Series switches are simple to deploy and use, can rapidly scale to meet unexpected demands, and are well positioned to take advantage of future SDN developments.


20 Asylum Street | Milford, MA 01757 | Tel: 508.482.0188 Fax: 508.482.0218 | www.enterprisestrategygroup.com
