Data Center Directions
MichaelLeonard

Juniper’s Internet Edge Implementation Guide is Here

by Juniper Employee ‎09-10-2012 09:30 PM - edited ‎09-11-2012 11:09 AM

Juniper has created an implementation guide that will help network designers create a simplified Internet edge solution using Juniper Networks MX Series 3D Universal Edge Routers, SRX Series Secure Services Gateways, and EX Series Ethernet Switches. This guide details specific design considerations, best practices, and Juniper tools that can be used to build the optimal solution. It concludes with a real-world deployment example that illustrates the solution and recommended configurations in detail.

 

The Role of the Internet Edge

The Internet edge acts as the enterprise’s gateway to the Internet. It provides connectivity to the Internet for data center, campus, and branch offices, and it connects remote workers, customers, and partners to enterprise resources. It can also be used to provide backup connectivity to the WAN for branch offices, in case the primary connection to the enterprise WAN fails.

 

Today’ s Internet edge must enable access to a variety of applications such as cloud computing solutions, mission critical applications, and bandwidth hungry applications such as video. The Internet edge must also scale seamlessly to support growing application performance and bandwidth needs, while supporting a rich set of routing and security features. This guide will help you reach this goal. 

 

Scope of the Guide

This Internet edge implementation guide discusses design concepts and articulates implementation details to help WAN architects and engineers deploy an Internet edge solution. Although the specific implementation will vary, the fundamental building blocks provided here can help accelerate any deployment.

 

The guide covers design considerations such as routing, security, resiliency, and quality of service (QoS) that must be addressed in designing an Internet edge deployment. It describes the factors driving the need for these considerations and provides a high-level background applicable to the solution described.

 

It also covers details the actual implementation of the Internet edge, starting with a high-level overview of the topology and business considerations, which is followed by a more detailed explanation of the three parts of the topology (border routers, security devices, and core and DMZ).

 

Target Audience

This guide is well suited for organizations that are:

 

• Designing robust, highly scalable, and resilient Internet edge infrastructure

• Simplifying management by consolidating devices and eliminating single purpose devices in the Internet edge

• Improving security within the Internet edge solution

 

This guide serves as a reference tool for the following audience:

• Network engineers

• Network architects

• Security managers

• System test engineers

 

The New Network Platform Architecture

In a previous blog I wrote about the New Network Platform Architecture and how Juniper is delivering network designs that will enable our customers to optimize their network investments. With these designs Juniper’s goal is to help customers overcome technology limitations so that they can deliver greater efficiency, and increased business value, by leveraging their networks more effectively.

 

As enterprises rely on the Internet edge to provide access to cloud computing applications, mission critical applications, and video feeds, they need a network that can seamlessly scale for increasing application performance and bandwidth needs, while at the same time supporting a rich set of routing and security features. The Juniper solution described in this guide is designed with these objectives in mind. It will enable customers to drastically reduce deployment time and minimize errors by using the steps and best practices described in this guide, as well as the architecture guidelines and validated configurations outlined in it.

 

For more information see the, Internet Edge Implementation Guide

 

Wanedge.png

 

Comments
by Juniper Employee on ‎09-13-2012 10:37 AM

Recently we had a question on why reth instead of L3 and OSPF. Here's why:

"reth" is sophisticated redundancy feature that offers either Active/ Active or Active/ Passive redundancy between the SRX devices that are part of a cluster. What this allows is bundling either one or more physical interfaces into redundant (reth) interfaces and redundant groups.  You can add OSPF/ VLANs/ L3 and other interface relevant configuration to an reth just as you would with a regular interface. So now, you have the capability to add L2/L3 configuration to it like a normal interface with the added advantage of redundancy between SRX devices.

 

With the Internet Edge type of scenario described in the post, it is highly critical to keep the Enterprise or private network and data secure. reth fits here to ensure the high availability of SRX cluster while providing L2/L3 network connectivity.

Another example of how “reth” can be used within the Data Center is illustrated in this implementation guide: SECURING FLOWS WITHIN THE CLOUD-READY DATA CENTER http://www.juniper.net/elqNow/elqRedir.htm?ref=http://www.juniper.net/us/en/local/pdf/implementation...

 

We would like to hear from you if there is any particular reason or condition where you think that L3 and OSPF will be better in the Internet Edge scenario.

Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
About Data Center Directions

Subscribe to Data Center Directions RSS Icon

Follow Michael on Twitter

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.