Welcome to the Juniper Cloud Infrastructure Solutions module. By the end of this module, you should be able to identify Juniper solutions for cloud infrastructure. Contrail is a software-defined networking (or SDN)-enabled management and control software offering from Juniper Networks for simplified service delivery. It offers intelligent networking, increased security, and advanced analytics, all with automation for multicloud and telco cloud. The Contrail family of products include: Contrail Networking—Which is an open SDN solution that improves flexibility, security, availability, performance, automation, and elasticity for cloud and network functions virtualization (or NFV) environments; Contrail Service Orchestration—This tool orchestrates the entire service life cycle from creation to delivery in a modular and open framework; and; Paragon Insights—Which is a highly automated data collection and network analytics solutions that use machine learning algorithms to provide actionable operation intelligence across your entire network. Contrail simplifies operations by automating virtual network resource provisioning, configuration, and operation of networking and security resources. This minimizes manual intervention while improving operational efficiency and cutting operational costs. The additional benefits of Contrail include: On-demand customization through dynamic service chaining, which creates policy drive, software controlled on-demand service chain customization based on business policies; Scalability and stability such that the software architecture expands elastically and handles failures gracefully, providing anytime cloud availability for operating, activating, and managing your application workloads; and, detailed analytics through a high speed data collection engine which produces comprehensive and prescriptive analysis. You can also get real time and historical data availability using simple Representational State Transfer (or REST) APIs. To know more about Contrail products visit the Juniper Networks website. You can access this website from the Reference Links document in the Resources section. A high performance next-generation firewall, the vSRX provides scalable and secure protection for private, public, and hybrid clouds. It has the same offerings as the physical SRX Series firewalls, but in a virtualized form factor delivering security services that scale on demand. The given list highlights the key benefits of vSRX. vSRX provides core firewall capabilities, robust networking, and automated lifecycle management. It supports Juniper Contrail, OpenContrail and third-party SDN solutions and integrates with cloud orchestration tools such as OpenStack; Protection against the lateral spread of advanced threats between VMs across your private cloud; In public cloud space, the vSRX works as a VPN gateway to provide remote users safe access to their workloads and as a segmentation gateway to protect public cloud workloads by blocking lateral threats using application policies to maintain security and compliance. cSRX is a compact footprint, high density, container firewall that secures cloud-native applications. It protects your containerized environments with advanced security services including content security, intrusion prevention system (or IPS), AppSecure, and unified threat management (or UTM). Key benefits of cSRX include: Additional visibility into securing applications that run in your containers; Security policies that limit access to specific applications while IPS protects applications that are not easily patched; Microsegmentation support with security policies at Layers 4 through 7 to control and protect applications from east-west traffic. vMX is a carrier-grade virtual routing for enterprises and service providers which runs Junos OS and maintains complete feature and operation consistency with physical MX Series 3D Universal Edge routers. It provides routing services that support business and broadband services, route reflection, and customer premises equipment (or CPE) applications. It is available as a licensed software for x86-based servers on AWS and AWS GovCloud (U.S.) as well as on Microsoft Azure. It also supports granular, perpetual, and subscription-based licensing options. The key features and benefits of a vMX router are: consistent, compatible, and complementary to physical MX Series routers; true carrier-class router that supports broad set of IPTV4 an IPV6 capabilities, comprehensive VPN support at Layer 3, and a variety of multicast techniques; comprehensive broadband network gateway (or BNG) capabilities for extending broadband services to residential customers and extending network access to wholesalers; independent control plane and forwarding plane scale, enabling very large forwarding tables and a high number of flows to be supported; flexible implementation models, and a 60 day free trial; and, automation and program ability support through Juniper Extension Toolkit (or JET). Containerized routing protocol daemon (or cRPD) offers deployment-hardened, feature-rich routing functionality in a container for cloud-native deployments. It is a Docker container that packages all Junos modules and their related routing stacks. It supports high-performance control plane stack for both offbox use cases (such as host-based routing) and onbox use cases with SONiC-enabled network hardware. Key use cases of cRPD include: Host-based Routing— Junos cRPD reduces the complexity and deployment changes by replacing Layer 2 connectivity with Layer 3 connections between server and leaf nodes; Egress Peer Traffic Engineering— Junos cRPD enables egress peer traffic engineering to select the best advertised egress route and map the route to a specific egress point. Load balancing is implemented at the ingress, ensuring optimum utilization of the advertised egress routes; Route Reflector— Junos cRPD resolves scaling issues that arise when adding a new internal BGP (or iBGP) node to networks that require full meshed iBGP neighbors. If deployed as a route reflector, cRPD reflects all address families supported by BGP. Key features and benefits of cRPD include: End-to-end Simplicity— cRPD container can run on a whitebox with SONiC or a server running Linux providing a single routing stack across the infrastructure, independent of the underlying hardware; Rich Routing Technology— fully functional routing stack that supports protocols such as OSPF, IS-IS, BGP, multiprotocol BGP (or MP-BGP) and more, as well as the key use cases; Operational Efficiency— cRPD provides a standardized routing stack across Juniper and non-Juniper hardware, reducing both OpEX and CapEx. High Performance Routing Solution—designed to maximize routing performance, for example, it can reflect 10 copies of Internet routes to 100 BGP peers in less than 60 seconds; Elastic Scalability— cRPD is rapidly scalable across the infrastructure by easily adding new instances. It has a fast startup and a small software footprint supporting up to 200 million IPv4 or IPv6 routes; Open Programmability—existing support for OpenConfig and SONiC proves Juniper Networks commitment to open programmability; Advanced Automation and Management— cRPD can be orchestrated by Kubernetes and OpenShift, and supports JET API, Network Configuration Protocol (or NETCONF), RESCONF, and more. It also provides OpenConfig-based telemetry for accurate decision making. Junos Evolved is a native Linux-based, cloud optimized, network OS and microservice architecture that has an advanced infrastructure for improved quality, velocity, and scalable networking applications. The key benefits include: Quick base OS upgrade; deployment of new features by upgrading only the required components; seamless support for new hardware and software; extension of functionality with third-party applications; support for standard Linux tools in the base OS; and management interface such as CLI, NETCONF, streaming telemetry, same as Junos OS.
