Today is sort of a coming-out party for Juniper CEO Rami Rahim (pictured) and for Jonathan Davidson, Juniper’s executive vice president of development and innovation (the guy who filled Rahim’s old job). They’re the spotlight presenters at an Innovation Showcase being held for media and analysts at the company’s Sunnyvale, Calif. headquarters.
The crux of the event is a cascade of major product announcements in the big-ticket areas of core routing, data-center switching, and security. There’s a lot to digest, but here’s a first glance at the whole slate.
The ExpressPlus ASIC for core routing. It’s capable of 500 Gb/s throughput in one direction (1 Tb/s if you count both directions at once), and it drives new 30×100-Gb/s line cards for the PTX5000 and PTX3000 systems. A rack fully loaded with these things would have throughput of 24 Tb/s, Davidson said.
Davidson stressed that Juniper has nothing against off-the-shelf chips. “If merchant silicon was able to resolve the issues our customers are facing around growth and scaling and performance, we would use it. But quite frankly, it doesn’t.”
Juniper is also stressing the PTXs’ inclusion of the NorthStar Controller, the company’s software-defined networking play for traffic optimization. NorthStar will be “shipping imminently,” Rahim said.
QFX10000 spine switches, based on another new ASIC, the Q5. One switch is a 2U, fixed-configuration boasting 2.8 Tb/s of capacity, what Juniper claims is the highest 100-Gb/s density on the market. Juniper also announced eight- and 16-slot chassis-based switches in this family, claiming per-slot density “two-and-a-half times greater than what Arista can offer with their 100G,” as Davidson put it.
Junos Fusion, a software enhancement that lets operators run data center infrastructure from a single point of management.
Virtual buffering for top-of-rack switches. This targets the heavy bursts of activity created by applications such as Hadoop. Competitors would say this requires a new top-of-rack switch, Davidson said. Juniper’s virtual buffering, which is part of Junos Fusion, lets current switches handle the burden, he said.
A platform for open policy enforcement. Really, it’s the SRX line of security gateways, but this is a new role Juniper is pitching for them. Juniper is outfitting the SRX line to act on security intelligence feeds from around the network. More dramatically, Juniper is going to let customers do this with third-party security information, turning the SRX into a single enforcement point, “so you don’t have to continually chain devices on and on and on at the edge of your infrastructure,” Davidson said.
Express Path offload for the SRX5000, an offload mechanism that brings latency down to 7 microseconds (from 40) and enables 1 Tb/s of throughput on the gateway.
A virtual SRX, with a new set of features branded AppSecure 2.0. The aim here is to cover the continually expanding attack surface of the network. The vSRX can protect application instances as they spin up, “so you’re going to go from having hundreds of physical firewalls to having thousands of virtual firewalls,” Davidson said.
One top-ten global bank has been deploying vSRX for the past year. And Juniper had a representative from managed hosting provider Expedient on stage to describe how that company has been offering services based on vSRX for the past year, tallying 60 customers so far across Expedient’s 11 data centers.
Davidson also noted that the vSRX could be part of a virtual (vCPE) offering. Someone’s got that in production today, running on the OpenStack/Contrail combination, he said.