Technically Secure
Showing results for 
Search instead for 
Do you mean 

Simplifying the Data Center

by Juniper Employee on ‎11-09-2008 11:43 PM

Managing a distributed service deployment in a data center network is a big challenge for organizations. Traditionally, data center networks are built upon three tiers of routing and switching:


  • the server access tier, connecting LAN ports to the network;
  • the network aggregation tier, which aggregates FE and GbE from the access tier up to the core network; and
  • the data center core network tier, which interconnects the data center network to the external network and to other data centers.


Network services such as stateful firewalls, intrusion prevention, load balancing & caching are typically deployed at the aggregation tier, since it is best to place services close to the servers and applications they serve. However, this poses a big challenge as businesses deploy these services at scale due to the difficult nature of managing a distributed service deployment. Organizations need to make sure the services are configured uniformly throughout the network and figure out how to redeploy a service to an application while the application moves between physical locations. To date network and security organizations are drowning under the workload of keeping up with the ever changing requirements from the applications and need a way to simplify their data center network.


One approach is to implement a two-tier, high density, high-performance data center network - in which the access tier is solely responsible for connecting the servers to the core network and the core network is responsible for directing traffic the right way. Ideally, an organization would use a large enough firewall that can virtually connect to all the data center networks, while supporting full line-rate forwarding of multi 10GbE and be able to intelligently participate in the network routing protocols.


By taking the core based firewall and service approach, organizations will manage to reduce two of their biggest challenges: 1) application mobility and 2) distributed service deployment.  By having all the intelligence at the core of the network you decouple the physical placement of the server from the logical attributes that are associated to it allowing you to manage from a single unified service element.


About Technically Secure
Welcome to Technically Secure, the Juniper Networks blog dedicated to trends and innovation in the world of IT risk management and security. Here we'll offer technical perspectives on network security, covering things happening within Juniper Networks as well as issues across the industry as a whole. Our mission is simple: explore ideas, share information, and provide insight that will help you take a proactive stance on threat and risk mitigation.

Our primary objective is to explore technical IT security issues as business and technology challenges that could compromise the effectiveness of enterprises and service providers. We'll share our strategies for staying ahead of today’s rapidly changing threat landscape and focus in particular on innovation in network security technologies.

We’ve assembled a great team of bloggers to kick off these conversations with you, but we encourage your participation. If there's a topic that you'd like us to cover, let us know by commenting on the blog. We’re not just talking — we’re listening.

Our Bloggers Krishna Narayanaswamy,
Distinguished Engineer

Krishna is a Distinguished Engineer in the Service Layer Technologies group at Juniper. He is currently working on DPI technology initiatives in products targeted at service providers and enterprise markets.

Krishna has 19 years of experience in data networking involving Ethernet, ATM, IP, Switching and Security technologies. He has authored 10 patents in the areas of switching, security and QoS. He was actively involved in the IEEE 802.1 and ATM Forum standards committees.

Prior to Juniper, he was the co-founder and System Architect at Top Layer Networks where he played a pivotal role in bringing multiple products to the market. He has also held senior engineering roles at Digital Equipment Corporation and Fore Systems.

Michael Rothschild,
Senior Manager
Solutions Marketing

Michael Rothschild is the senior manager of solutions marketing at Juniper Networks, responsible for security solutions for the enterprise.

When he’s not busy helping customer’s understand the importance of a solutions focus to address the new security threats affecting business, Michael is a professor of marketing and volunteers as a paramedic.

Lior Cohen,
Solutions Architect

As a Solutions Architect and Leader of Enterprise Solutions Engineering at Juniper Networks, Lior Cohen is responsible for developing reference architectures and best practices utilizing Juniper products. In his free time, Cohen enjoys mountain biking and spending time with his children.

Rich Campagna,
Senior Product Manager

Rich Campagna,
Senior Product Manager in the Access Business Group at Juniper Networks is responsible for driving the business strategies, product development, partner interactions and customer engagements to help drive the growth of Juniper Networks' Unified Access Control and Secure Access SSL VPN solutions. Rich is also an avid snowboarder and motorcyclist (not at the same time).

Juniper Networks Technical Books