The New Network
Explore Juniper’s vision for network innovation and how the company and industry are shaping the future with the new network
Showing results for 
Search instead for 
Do you mean 

Decoding SDN

by BobMuglia ‎01-14-2013 10:26 AM - edited ‎01-15-2013 10:35 AM

For the past year, software defined networking (SDN) has been the buzz of the networking world.  But in many ways, networking has always been defined by software.  Software is pervasive within all of the technology that impacts our lives and networking is no different.  However, networks have been constrained by the way software has been configured, delivered and managed – literally within a box, updated monolithically, managed through command lines that are throw-back to the days of mini-computers and DOS in the 1980’s.


The Challenges with Networking Software

Networking software has been a drag on innovation across our industry.  Because each network device must be configured individually – usually manually; literally from a keyboard - networks can’t keep pace with the on the fly changes required by modern cloud systems.  Internet companies like Amazon or Google that dedicate hundreds of engineers to their cloud systems have built their own solution to network configuration but this is not a reasonable approach for most companies to build their private cloud.  As virtualization and the cloud has revolutionized computing and storage, the network has lagged behind.


In the service provider world, carriers struggle to configure and manage their networks.  Like Google, they too have built operational support systems to configure their networks but these systems are often 20+ years old and they are crumbling from the burden placed upon them by networking software.  For a service provider, the network is their business, so they must look to networking vendors to introduce new capabilities in order to enable new business opportunities.  Here again, networking software is failing the industry – it is developed as a monolithic, embedded system and there is no concept of an application.  Every new capability requires an update of the entire software stack.  Imagine needing to update the OS on your Smartphone every time you load a new application.  Yet that is what the networking industry imposes on its customers.  What’s worse is that each update often comes with many other changes - and these changes sometimes introduce new problems.  So service providers must carefully and exhaustively test each and every update before they introduce it into their networks. 


What is SDN?

Enterprise and service providers are seeking solutions to their networking challenges.  They want their networks to adjust and respond dynamically, based on their business policy.  They want those policies to be automated so that they can reduce the manual work and personnel cost of running their networks.  They want to quickly deploy and run new applications within and top of their networks so that they can deliver business results.  And they want to do this in a way that allows them to introduce these new capabilities without disrupting their business.  This is a tall order but SDN has the promise to deliver solutions to these challenges.  How can SDN do this?  To decode and understand SDN, we must look inside networking software.   From this understanding, we can derive the principles for fixing the problems.  This is what SDN is all about.   


Here are six principles of SDN with corresponding customer benefits:


  1. Cleanly separate networking software into four layers (planes): Management, Services, Control, and Forwarding - providing the architectural underpinning to optimize each plane within the network.

  2. Centralize the appropriate aspects of the Management, Services and Control planes to simplify network design and lower operating costs.

  3. Use the Cloud for elastic scale and flexible deployment, enabling usage-based pricing to reduce time to service and correlate cost based on value.

  4. Create a platform for network applications, services, and integration into management systems, enabling new business solutions.

  5. Standardize protocols for interoperable, heterogeneous support across vendors, providing choice and lowering cost.

  6. Broadly apply SDN principles to all networking and network services including security - from the data center and enterprise campus to the mobile and wireline networks used by service providers.

The Four Planes of Networking

Inside every networking and security device – every switch, router, and firewall - you can separate the software into four layers or planes.  As we move to SDN, these planes need to be clearly understood and cleanly separated.  This is absolutely essential in order to build the next generation, highly scalable network.


networkplanes.jpgForwarding.  The bottom plane, Forwarding, does the heavy lifting of sending the network packets on their way.  It is optimized to move data as fast as it can.  The Forwarding plane can be implemented in software but it is typically built using application-specific integrated circuits (ASIC’s) that are designed for that purpose.  Third party vendors supply ASIC’s for some parts of the switching, routing, and firewall markets.  For high performance and high scale systems, the Forwarding ASIC’s tend to be specialized and each vendor provides their own, differentiated implementation.  Some have speculated that SDN will commoditize switching, routing, and firewall hardware.  However, the seemingly insatiable demand for network capacity generated by thousands of new consumer and business applications creates significant opportunity for differentiation in Forwarding hardware and networking systems.  In fact by unlocking innovation, SDN will allow further differentiation from the vendors who build these systems.


Control.  If the Forwarding plane is the brawn of the network, Control is the brains.  The Control plane understands the network topology and makes the decisions on where the flow of network traffic should go.  The Control plane is the traffic cop that understands and decodes the alphabet soup of networking protocols and ensures that the traffic flows smoothly.  Very importantly, the Control plane learns everything it needs to know about the network by talking to its peer in other devices.  This is the magic that makes the Internet resilient to failures, keeping traffic flowing even when a major storm like Sandy brings down thousands of networking devices.


Services.  Sometimes network traffic requires more processing and for this, the Services plane does the job.  Not all networking devices have a Services plane – you won’t find this plane in a simple switch.  But for many routers and all firewalls, the Services plane does the deep thinking, performing the complex operations on networking data that cannot be accomplished by the Forwarding hardware.  Services are the place where firewalls stop the bad guys and parental controls are enforced.  They enable your Smartphone to browse the web or stream a video, all the while ensuring you’re properly billed for the privilege.   The Services plane is ripe for innovation.


Management.  Like all computers, network devices need to be configured, or managed.  The Management plane provides the basic instructions of how the network device should interact with the rest of the network.  Where the Control plane can learn everything it needs from the network itself, the Management plane must be told what to do.  Today’s networking devices are often configured individually.  Frequently, they are manually configured using an esoteric command line interface (CLI), understood by a small number of network specialists.  Because the configuration is manual, mistakes are frequent and these mistakes sometimes have serious consequences – cutting off traffic to an entire data center or stopping traffic on a cross-country networking highway.  Service providers worry about backhoes cutting fiber optic cables but more frequently, their engineers cut the cable in a virtual way by making a simple mistake in the complex CLI used to configure their network routers or security firewalls.


networkdevicessmall.jpgWhile the Forwarding plane uses special purpose hardware to get its job done, the Control, Services, and Management planes run on one or more general purpose computers.  These vary in sophistication and type, from very inexpensive processors within consumer devices to what is effectively a high-end server in larger, carrier-class systems.   But in all cases today, these general purpose computers use special purpose software that is fixed in function and dedicated to the task at hand.  That inflexibility is the root of the issue that has sparked the interest in SDN.


If you crawled through the software inside a router or firewall today, you’d find all four of the networking planes.  But with today’s software that networking code is built monolithically without cleanly defined interfaces between the planes.  What you have today are individual networking devices, with monolithic software, that must be manually configured.  This makes everything harder than it needs to be.



So if today’s networking software is the root of the problem, better software is the solution and that’s where SDN comes in.  How do we go from today’s networking software to a modern architecture?  We start by looking at the way cloud providers build their software.  Amazon, Google, and Facebook use racks of industry-standard, x86 servers running software that is designed to scale-out by adding more servers as the need for capacity increases.  The use of industry standard, x86 hardware combined with scale-out software is how modern, highly available systems are built.

centralized.jpgUnlike most cloud applications, networks are inherently decentralized.  That’s really what networks are all about – moving data from one place to another.  So while Facebook can run in a small number of huge data centers, networks are distributed – throughout a data center, over a campus, within a city, or in the case of the Internet, across the entire planet.  That’s why networks have always been built as a collection of separate, self-contained, individually managed devices.  But centralization is powerful; it is a key principle for SDN and it’s very appropriate to apply centralization to networking software.  However, you can’t take this too far.  Centralization only makes sense within a highly-connected, contained geographic area – for example, within a data center, throughout a campus, or in the case of a service provider, across a city.  Even with this centralization, network devices themselves will remain distributed and they must have local intelligence. 


When you add the concept of centralization to networking software, the four planes move around a bit.  Regardless of the number of distributed devices, you’d like to manage the network as a system and Centralized Management does that job.  When you centralize management, it becomes the configuration master; all of the devices keep just a copy.  This is very similar to the way publications work with our Smartphones and tablets.  If you run the New York Times app on your iPad, it pulls down today’s edition.  During the day, it keeps checking for updates and downloads them when they appear.  This is analogous to how Centralized Management works; the full truth lives in the center and only a copy of the configuration data is stored on the networking devices.


Services have historically been implemented within each networking and security device but with SDN, Services can move to the center and are performed on behalf of all devices.  However, this only makes sense in a highly-connected, contained geographic area.  If you’re accessing the Internet from your Smartphone, you want to get onto the Internet highway from the city you’re in, not someplace half-way across the country.


When SDN enters the picture and some things are centralized, the changes to the Control plane are the most complex.  The control plane is the cop that directs the traffic.  The way the Control plane works is each networking device talks to the networking devices they directly connect with.  They tell each other what they know about the network.  Think about it as an electronic version of smoke signals.  Each device passes information about the network on to the next device.  This works incredibly well in the highly connected, networking world.  Many years of work across the entire networking industry ensure that networks continue to do their job even when things go wrong.  When a major router goes offline, there is a buzz of chatter between the networking devices as they scurry to restructure their view of the network – and keep you connected. 


But sometimes having a central, birds-eye view of traffic also makes sense.  That’s where the Centralized Controller comes in.  The Centralized Controller has a broad view of the network and can connect things together in a way that optimizes the overall traffic.  


Forwarding is one plane that always stays decentralized in an SDN world.  This makes sense because Forwarding actually moves the data – and this is by-definition decentralized. 


Getting from Here to There

So how do we go from today’s fully decentralized networks to a new world where some things are centralized with SDN?  You can’t start with a clean sheet of paper because networks are actively running and must continue to function as SDN is introduced.  SDN is like a remodel; you need to do it one step at a time.  Like most remodels, there is more than one way to get to the SDN result, but here is a reasonable set of steps to reach the goal:


Step1.jpgStep 1: Management is the best place to start as this provides the biggest bang for the buck.  The key is to centralize network management, analytics, and configuration functionality to provide a single master that configures all networking devices.  This lowers operating cost and allows customers to gain business insight from their networks.


Centralizing Management does several things, each of which provides significant value.  You start by creating a Centralized Management system.  Similar to cloud applications, this centralized management system is packaged in x86 virtual machines (VM’s) running on industry standard servers.  Those VM’s are orchestrated using one of the commonly available orchestration systems such as VMware’s vCloud Director, Microsoft System Center, or OpenStack.  


In the case of the service provider, their operational and business systems connect to the centralized management VM’s which configure the network.  Similarly within a data center, that same data center orchestration system (VMware vCloud Director, OpenStack, etc.) can now directly manage the network.


Configuration is performed through published API’s and protocols; where possible these protocols are industry-standard.  As SDN is still nascent, industry standard protocols are still emerging but it is very important that moving forward these standards get created.


Networking and security devices generate huge amounts of data about what is happening across the network.  Much can be learned by analyzing this data and like other aspects of business, “Big Data” analytics techniques applied to networking and security data can transform our understanding of business.


Step2.jpgPulling management from the network device into a centralized service provides the first step to creating an application platform.  Of greatest urgency is simplifying the connection to the operational systems used by enterprises and service providers.  But as this platform takes shape, new applications will emerge.  The analytics provides insight into what’s happening within the network, enabling better business decisions and new applications which will dynamically modify the network based on business policy.  Centralized management enables changes to be performed quickly - enabling service providers to try out new applications, packages and plans, quickly expanding those that work and dropping those that don’t.  In fact, like other new platforms we’ve seen over the years, the possibilities are endless and the most interesting applications will only emerge once that platform is in place.


Step 2: Extracting Services from network and security devices by creating service VM’s is a great next step because Services are an area that is terribly underserved by networking.  This enables network and security services to independently scale using industry-standard, x86 hardware based on the needs of the solution. 


Creating a platform that enables services to be built using modern, x86 VM’s opens up a whole new world of possibility.  For example, the capacity of a security firewall today is completely limited by the amount of general-purpose processing power you put into a single networking device – the forwarding plane is faster by an order of magnitude or more.  So if you can pull the security services out of the device and then run them on a bank of inexpensive x86 servers, you dramatically increase capacity and agility.


Step3.jpgAs a first step, you can tether, or connect these services back to a single networking device.  You can put the x86 servers in a rack next to the networking device or they can be implemented as server blades within the same networking device.  Either way, this step opens up the possibilities for a whole new set of network applications.  


Step 3:  Creating a Centralized Controller is a big step forward.  The Centralized Controller enables multiple network and security services to connect in series across devices within the network.  This is called “SDN Service Chaining” – using software to virtually insert services into the flow of network traffic.  Service chaining functionality is physically accomplished today using separate network and security devices.  Today’s physical approach to service chaining is quite crude; separate devices are physically connected by Ethernet cables; each device must be individually configured to establish the service chain.  With SDN Service Chaining, networks can be reconfigured on the fly, allowing them to dynamically respond to the needs of the business.  SDN Service Chaining will dramatically reduce the time, cost and risk for customers to design, test and deliver new network and security services.  



Here are several examples of SDN Service Chaining.  The first example is a cloud data center connection between the Internet and a web server.  In this example, the Stateful Firewall service protects the application and the Application Delivery Controller provides load balancing of network traffic across multiple instances of the web server.  SDN Service Chaining allows each service within the chain to elastically scale based on need; the SDN Service Chain dynamically adjust the links within the chain as instances of the services come and go.


SDNServiceChain2.jpgThe second example is between two components of a cloud application; in this case between the web server and the middle-tier application VM’s.  The traffic between these application components must be isolated from other traffic within the cloud data center and the load needs to be balanced across application instances with an Application Delivery Controller service.   With SDN Service Chaining, all of this is done in software – the chain forms a virtual network where the end-points are the virtual switches within the hypervisors of the servers that run the application VM’s.  The SDN Service Chain dynamically adjusts the links in the chain when the data center orchestration system moves a VM from one physical server to another.  Of course, there is still a physical network underneath the SDN Service Chain but it does not need to be reconfigured when changes are made within the SDN Service Chain.


While the first two SDN Service Chain examples apply to the cloud data center, the third example is in a completely different domain – the mobile service provider edge.  In this case, the network traffic is coming from a cell phone tower; it moves through an edge router and then a set of processing steps are performed in series.  The Evolved Packet Core extracts the Internet Protocol (IP) sessions from the network tunnels connected to the cell tower base stations.  Immediately this traffic is analyzed and protected by a Stateful Firewall.  Deep Packet Inspection is used to determine traffic patterns and generate analytics information.  The Policy Charging & Enforcement Function applies subscriber SDNServiceChain3.jpgpolices such as enhancing the quality of service for premium subscribers.  Finally as the traffic heads out to the Internet, Carrier Grade Network Address Translation (NAT) provides the traffic with an IP address.


In the third example, both end-points of the SDN Service Chain are edge routers.   While the specific application in the mobile service provider edge is very different from the data center, the SDN Service Chaining architecture is exactly the same.


SDN Service Chaining dramatically increases the flexibility of service deployment.  Most significantly, it allows network and security devices to be managed and upgraded independently from the services within the SDN Service Chain.  SDN Service Chaining enables services to be treated like applications on your Smartphone – the network can still operate when new services are installed.  This is a huge advance over the current situation where these upgrades are highly disruptive, thus requiring immense care and planning. 


SDN Service Chaining is a new innovation and thus extensions to existing protocols and new protocols will need to be defined.  As these emerge, it is important that they are established as industry standards to enable multi-vendor interoperability.


Step4.jpgStep 4: The final step of optimizing network and security hardware can proceed in parallel with the other three.  As services are disaggregated from devices and SDN Service Chains are established, network and security hardware can be used to optimize performance based on the needs of the solution.  Network and security hardware will continue to deliver 10x or better Forwarding performance then can be accomplished in software alone. The combination of optimized hardware together with SDN Service Chaining allows customers to build the best possible networks. 


The separation of the four planes helps to identify functionality that is a candidate for optimization within the Forwarding hardware.  This unlocks significant potential for innovation within the ASIC’s and system design of networking and security devices.  While an x86 is general purpose, the ASIC’s within networking devices are optimized to forward network traffic at extreme speeds.  This hardware will evolve to become more capable –every time you move something from software into an ASIC, you can achieve a 10x performance improvement or more.  This requires close coordination between ASIC design, hardware systems, and the software itself.  As SDN becomes pervasive, the ability to optimize the hardware will create lots of opportunity for networking and security system vendors.



SDN is major shift in the networking and security industries.   Its impact will extend far beyond the data center and is thus actually much broader then many predict today.  SDN will create new winners and losers.  We will see new companies successfully emerge and we’ll watch as some incumbents unsuccessfully struggle to transition.  But like any major industry trend, the customer benefit is real and we’ve now reached a tipping point where the technology shift is inevitable. 

on ‎01-27-2013 08:41 PM

Great Article!


From my personal perspective, it would be great if we:

1. are able to 'customize & solutionise' this concepts to our clients

2. have a ballpark figure/budget on this

3. able to provide training engineers to administer and setup the solution

4. address post-sales support topcs/concerns (troubleshooting, backup and upgrading...)


Is there a demo lab on this currently?




by N Shravan
on ‎01-29-2013 07:12 AM



SDN seems to have a lot of potential for everyone.


I have a few questions though:


Principle 5 of SDN is interesting. What sort of new protocols do we see coming into the networks as a result of SDN?

Do we plan to have any head start in that area?


As and when SDN is deployed by enterprises, and they actually begin to enforce their business rules dynamically over their network in using software, who/what would ensure the following:

The business rules do not overwhelm the physical (speed) limitations of the network.

The business rules do not compromise any network or data security

The business rules make the best use of the network resources


In short how do we make sure that the SDN ready/SDN capable network is 'fool-proof'? Is that possible?


Thanks and Regards,


N Shravan

by Jag Brar
on ‎02-08-2013 04:08 PM



Excellent article.  Thanks.


I think one of promises of SDNs is the ability to think of the network end-to-end and to apply policies across the network - as opposed to thinking about one device at a time.  This would require new abstractions for interfacing with network - as opposed to simply configuring interfaces, peer, prefix lists and route-maps (something I have been doing for a very long time).  And "this" aspect of SDNs is not applicable to Cloud Datacenters alone - it applies to any network, I think.



by Ed Roberto
on ‎03-01-2013 01:04 PM



Thank you for authoring a thoughtful treatment on the state of SDN. Several facets read directly from the business plan of Lagrange Systems and our focus on Layer 7 and traffic management associated with high availability applications. In your future analysis, I'd be curious to get your view on the integration between SDN and ADN.


Best Regards,


by Charuhas
on ‎04-18-2013 07:03 PM

Hi Bob,


Thanks for a great article!


SDN has among other things, great potential for solving the management headaches that the tradiional management systems (whether based on SNMP/CLI or even XML) have failed (partially). Since SDN is centralized, an 'end-to-end' (this is that dreaded and over used word again!) view as well as orchestration will be extremely poerful and useful.

Juniper Networks Technical Books
About the Author
  • Prior to Juniper acquisition, Ankur was the Founder and CEO of Contrail Systems Inc - a pioneer in standards based network virtualization and scale-out networking software. Ankur has over 15 years of experience in building world-class networking products and leading high performance teams. Prior to Contrail, Ankur served as Chief Technology Officer and VP of Engineering at Aruba Networks, where he played critical roles in the rapid expansion of team, products, and global businesses. Before Aruba, Ankur helped drive Juniper’s initial entry into and expansion of the Ethernet Switching market. Ankur received his MSEE from Stanford University & BSEE from the University of Southern California.
  • I am an experienced leader in the Information Experience (iX) industry. For over 20 years, I've led information organizations at Juniper, Microsoft, Cisco, and Oracle to deliver quality technical documentation and information products to customers and partners across the globe.
  • Bob Dix currently serves as the Vice President of Government Affairs & Critical Infrastructure Protection for Juniper Networks. During his career, he has served in senior leadership roles in industry and government, including serving as Staff Director for the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census during the 108th Congress. He represents Juniper on the Industry Executive Point of Contact for the President's National Security Telecommunications Advisory Committee ( NSTAC ), where he chaired the Cybersecurity Collaboration Task Force in 2009. He served as Chair of the Information Technology Sector Coordinating Council ( IT SCC ) from 2008 – 2010 and currently remains a member of the Executive Committee. Mr. Dix was elected in May, 2011 as Chair of the Partnership for Critical Infrastructure Security ( PCIS ). He also serves on the National Security Task Force for the U. S. Chamber of Commerce. He is a member of the AFCEA Cyber Security Committee and Chairs the Supply Chain Assurance Subcommittee for TechAmerica. Additionally, Dix has actively worked to insure and coordinate private sector participation and collaboration with the National Exercise Program, intended to test our nation’s preparedness and resiliency. He served as Chair of the National Private Sector Working Group for National Level Exercise 2011 and 2010. In 2007 and 2009, Dix was honored with a prestigious Federal 100 Award, and was recognized in March, 2010 as the recipient of the annual FCW Industry Eagle Award. Dix also served as a local government elected official in Northern Virginia for 12 years and in his spare time coaches AAU/Travel girls basketball.
  • Jennifer Blatnik is vice president of cloud, security and enterprise portfolio marketing at Juniper Networks with focus on enterprise deployments of security, routing, switching, and SDN products, as well as cloud solutions. She has more than 20 years of experience helping enterprises solve network security challenges. Before joining Juniper, Jennifer served multiple roles at Cisco Systems, Inc., including directing product management for security technologies aimed at small to medium enterprises, as well as supporting managed services, cloud service architectures and go-to-market strategies. She holds a B.A. in Computer Science from University of California, Berkeley.
  • Jerry oversees all aspects of OpenLab which serves as a catalyst to spark the development of new innovative software applications or solutions that leverage the power of SDN/network programmability and intelligence. OpenLab is unique within Juniper and with its polished facility, globally accessible lab, and educational programs – such as the SDN “hackathons,” it serves as a tool for customer, partners, and academia. Prior to this position, Jerry led the development, management and marketing of the company’s strategic partnerships for video/unified communications, optical networking, and content/media delivery. In addition to handling the day-to-day oversight of the partnerships, he established new cross-partner go-to-market processes to drive and manage joint field opportunities. Before joining Juniper, Jerry led the Lucent Technologies application hosting/service provider marketing organization. He has over 25 years of experience in the data networking field with a focus on strategic alliance development, marketing, and technical field support. Jerry possesses a BS degree in Computer Science from St. John’s University in New York. He is active as a Juniper ambassador within the technology and academic community which includes advisory board positions with both NJIT and Rutgers in New Jersey.
  • Kevin Walker is the Security Chief Technology and Strategy Officer for Juniper’s Development and Innovation (JDI) organization. He is responsible for driving the security strategy both internally within Juniper, and externally with investors, partners, influencers, and customers. He provides the guidance required for JDI to conceive, develop and create momentum for industry-leading security solutions. Working closely with the Security Engineering team, Walker identifies the opportunities for improved security, growth, and innovation to deliver the scalable, reliable, and compliant security architecture needed in today’s security landscape. Before joining Juniper, Walker was VP and Assistant Chief Information Security Officer (CISO) at He has served as a Chief Information Security Officer (CISO), Chief Security Strategist and Director of Information Security across a number of notable companies including Intuit, Cisco, Symantec and VERITAS Software. With over twenty-five years in various computer science and information technology disciplines, focusing on enterprise applications, network design, and information security, Walker possesses research and engineering expertise across of range of technologies including networking protocols, securing applications at the atomic level, cryptography, and speech biometrics.
  • As Juniper’s Senior Vice President of Strategy and Product Line Management, Kevin Hutchins is responsible for defining and enabling Juniper’s strategy from company vision into product execution. This includes driving the company’s inorganic growth through strategic partnerships, venture investments and acquisitions/divestitures. In addition, he is responsible for driving key strategic imperatives, including Juniper’s software strategy and transformation. Hutchins joined Juniper in 2010 as Vice President, Portfolio Management & Business Operations for Juniper’s Development & Innovation team where he led business planning, portfolio rationalization, new product introduction and execution of strategic programs across Juniper’s portfolio of routing, switching and security products.
  • Mike Marcellin is Senior Vice President and Chief Marketing Officer, leading the global marketing team responsible for marketing Juniper’s product and services portfolio and stewarding the brand, driving preference for Juniper in the market, training our partners and account teams, and developing a differentiated information experience for our customers. Before joining the global marketing organization, Marcellin led business strategy and marketing for Juniper’s industry-leading portfolio of high-performance routing, switching and security products. Prior to joining Juniper in 2010, Marcellin served as Vice President of Global Managed Solutions for Verizon, where he oversaw product development and marketing of its managed IP networking, hosting, security and IT solutions for businesses around the world. He also served as Vice President of Global Product Marketing for Verizon Business, executive director of Verizon Business’ IP and Ethernet portfolio as well as leading the company’s eCRM marketing division. Marcellin began his career with MCI in 1994. Marcellin is a Board Member for the Telecommunications Industry Association and a Board Member of US Ignite, an NSF-sponsored initiative. Marcellin holds two patents and was a Rodman Scholar at the University of Virginia, where he received a bachelor of science degree with distinction in systems engineering. He is based in Sunnyvale, California.
  • Masum Mir is Vice President of Product, Solutions & Technical Marketing at Juniper Networks. Masum is responsible for the Switching product line, network management product line and optical technologies. Beside product leadership Masum also leads cloud strategy and solution architecture. Masum has 19 years of experience in communication and data networking industry with Expertise in Ethernet Switching, Data Center, Carrier Ethernet, Routing, overlay & network segmentation, Fabric technology & photonics technology.
  • Paul Obsitnik is Vice President of Service Provider Marketing for Juniper Networks Platform Systems Division (PSD), responsible for the marketing of Juniper’s portfolio of high performance routing, switching, and data center fabric products to Service Providers globally. Paul's team is responsible for marketing strategy, product marketing, go-to-market planning, and competitive analysis worldwide for the Service Provider segment. Obsitnik has extensive experience in marketing, sales and business development positions with a proven track record in creating technology markets. He has served in senior marketing and sales management positions at several companies including BridgeWave Communications, ONI Systems, NorthPoint Communications and 3Com. Paul holds a Bachelor of Science with Honors in Electrical Engineering from the United States Naval Academy and a Master of Business Administration from the Harvard Graduate School of Business. Obsitnik is based in Sunnyvale, California.
  • Pradeep Sindhu founded Juniper Networks in February 1996, and has held several central roles in shaping the company. He currently serves as Vice Chairman of the Board and Chief Technology Officer, and is responsible for the company's technical roadmap as well as day-to-day design and development of future products. He served as Chairman and Chief Executive Officer for eight months when he founded the company. During that time, he played a central role in the architecture, design, and development of the M40 router.
  • Rami Rahim is Chief Executive Officer of Juniper Networks and a member of the company’s Board of Directors. Rahim was appointed CEO in November 2014. Rahim began his Juniper career in early 1997, as employee No. 32, and worked as an engineer on Juniper’s first breakthrough product, the M40 core router. Rahim has progressed through a series of technical and leadership roles at Juniper, applying his engineering acumen to the design and development of Juniper’s industry-leading product portfolio. He most recently served as Executive Vice President and General Manager of the Juniper Development and Innovation (JDI) organization, overseeing the company’s entire product and technology portfolio. His responsibilities included driving strategy, development and business growth for routing, switching, security, silicon technology, and the Junos operating system. Other leadership positions held over the years include: Executive Vice President and General Manager of Platform Systems Division for routing and switching, Senior Vice President of the Edge and Aggregation Business Unit (EABU), and Vice President and General Manager of EABU.
  • As Chief Customer Officer, Vince Molinaro is responsible for driving the strategic and operational elements of the Sales, Marketing, Partners, Services and Support functions at Juniper Networks. He leads a global organization of more than 3,500 professionals that includes direct and indirect sales, systems engineering, advanced technologies and field operations. Molinaro brings more than 25 years of professional experience in engineering, product management, marketing, sales and operations to his worldwide role. He joined Juniper in 2009 and led the strategy and go-to-market execution for the company’s global service provider business. He was named EVP, Worldwide Sales in 2013 before assuming his current role in February 2014. Prior to joining Juniper, Molinaro held senior leadership positions at a number of technology companies including Bell Laboratories, Lucent Technologies, Alcatel-Lucent and Internap Network Services. He has extensive domestic and international experience having lived and managed large organizations throughout Europe and the U.S. Molinaro holds a bachelor of science degree in biomedical engineering from Boston University and a master of science degree in electrical engineering from University of Bridgeport. He is based out of the Juniper Networks facility in New Jersey, home of OpenLab, The Junos and SDN Center for Innovation.
About The New Network

Exploring the vision for the networking industry and the issues shaping its future.

Subscribe to The New Network    RSS Icon

Our Bloggers

Rami Rahim
Chief Executive Officer

Profile | Subscribe

Pradeep Sindhu
Vice Chairman of the Board & CTO

Profile | Subscribe

Mike Marcellin
Chief Marketing Officer

Profile | Subscribe

Ankur Singla
Vice President of Engineering

Profile | Subscribe

Bob Dix
Vice President
Government Affairs &
Critical Infrastructure Protection

Profile | Subscribe