The company has seen declining router and security business revenue over the past couple years and struggled to sell its technology strategy. Now that task falls to Koley. He described this strategy during a keynote at the company’s NXTWORK user’s conference: “Make the network simple.” This involves automation and seamless management and orchestration across a multi-cloud environment. “I’m going to go after one of the most complex problems of today, which is multi-cloud,” he said.
Juniper’s solution to this problem is Contrail as a platform. Contrail will provide network automation and orchestration, and AppFormix will provide a unified view across clouds. During his keynote, Koley also announced a new product: Contrail Enterprise Multi-Cloud. “The idea being we are taking all the power Contrail had and enhancing it with support for underlay and support for public clouds across the board. We have the software to really solve multi-cloud as a common software package.”
SDxCentral Senior Editor Jessica Lyons Hardcastle caught up with Koley to talk about Juniper’s technology strategy. The following interview has been lightly edited for clarity.
It sounds so me like Juniper’s technology strategy is to make the network and its multicloud strategy simple.
Koley: That is a very accurate way of describing it. Really going across the layers of network solutions that Juniper builds, but also looking at the layers that are public cloud, in some cases legacy infrastructure, and other vendors’ gear. The goal is to really make it simple, and we’re not building it just for Juniper solutions. You can describe that as automation. I think it is a lot more than automation. It is a single-policy framework. Single-security posture. Single visibility. And automation ties all of this together.
Tell me more about the role Contrail plays, especially with the new multi-cloud product for enterprise.
Koley: Contrail started its life as a network overlay solution. In building that, they built things that are very key to solving multi-cloud. It’s one of the most, if not the most, scale out overlay solutions out there. It also has a very strong policy language. It has micro-segmentation built in. It has an L4 firewall that is part of the offering. We are taking all those functions, and we are leveraging it to do something more. All of those apply for underlays. Contrail already had multi-cloud support. The idea has been how do you take Contrail and turn that into a platform that allows you to orchestrate anything that involves network or micro-segmentaion or security? How do you take the strength Contrail has, add the other functions and products Juniper has built, and turn it into a solution? So Contrail is becoming a platform.
Is the platform available now?
Koley: We have been announcing pieces of this solution. We already announced Contrail Cloud. We announced Contrail Security this quarter. The product that we announced is Contrail Enterprise for Multi-Cloud. Parts are already in play, and in the first half of 2018 we will actually be rolling it out as a complete product anyone can go buy.
So it bundles existing products and also adds new technologies on top?
What are the new technologies?
Koley: The underlay support is a big one. Contrail always had underlay support, but it was somewhat limited. We’re adding very strong underlay support over both Juniper and non-Juniper products. We are enhancing some of the multi-cloud support. Some part of that is packaging and making it easier to consume. Some part of that is advancing functions.
Which public clouds will it support?
Koley: It already integrates with AWS, Azure, GCP, and [IBM] Softlayer, but we are enhancing that as well.
And AppFormix will provide the single pane of glass view across clouds?
Koley: Yes. For most of our large deployments, AppFormix is already the engine that people have chosen for single-pane visibility. We are adding a few enhancements that are similar to Contrail. We are strengthening its wide support for underlay where it has complete visibility. We are tightly integrating AppFormix into Contrail and other solutions that Juniper builds.
Let’s talk about security. Juniper’s security revenue has been declining over the last few years. How do you turn this around?
Koley: The concept of security has changed for enterprises. Five years back, it was mostly perimeter security. Going forward, it’s perimeter security, it’s application layer security, it’s micro-segmentation, it’s visibility. We are heavily investing into building those technologies. Let me give you an example. Security is both on prem and off prem. For on prem, we acquired Cyphort. It’s becoming part of our advanced threat prevention family. We have taken SRX and turned it into a fairly widely delivered cloud gateway. It runs on AWS, it runs on GCP. All the functions you get on perimeter security you get on a physical device, we have taken all of that and virtualized it. With Contrail, which always had a built-in firewall, we’ve turned it into a security fabric. We are not just staying with what traditional security used to be, we’re very well prepared for where the world is going. I’m personally super bullish about what Juniper can do in this space.
Automation has become a big buzz word in security and also the network as a whole. What makes Juniper’s strategy different than Cisco’s or anyone else’s?
Koley: I don’t like the term automation. I think it trivializes the problem. It almost feels like you’ve already built something, and now you’re building something on top because you forgot to build it in the first place. That’s not what we are doing here. It is a core part of the solution that we are building.
You may have seen the Juniper Bot announcement. Specifically what it means is we are not building them in silos. We are building a platform on which those bots reside and by design, these bots can talk to each other. They are not siloed bots. And the underlying platform is Contrail and AppFormix.
This is fundamentally different from how any of our competitors are doing this. Look at Cisco, for example. ACI is not applicable to core. ACI is not applicable to firewalls. They have automation that is specific to a silo of the network, and you can’t leverage that for something else. If I can apply my policy on my edge but not core, then I haven’t really secured anything. We are building a platform, we are not building silos.
Photo: Juniper CTO Bikash Koley delivered a keynote at the company’s annual users conference.