Technically Secure
Latest Articles
Simplifying the Data Center

Simplifying the Data Center

Managing a distributed service deployment in a data center network is a big challenge for organizations. Traditionally, data center networks are built upon three tiers of routing and switching:


  • the server access tier, connecting LAN ports to the network;
  • the network aggregation tier, which aggregates FE and GbE from the access tier up to the core network; and
  • the data center core network tier, which interconnects the data center network to the external network and to other data centers.


Network services such as stateful firewalls, intrusion prevention, load balancing & caching are typically deployed at the aggregation tier, since it is best to place services close to the servers and applications they serve. However, this poses a big challenge as businesses deploy these services at scale due to the difficult nature of managing a distributed service deployment. Organizations need to make sure the services are configured uniformly throughout the network and figure out how to redeploy a service to an application while the application moves between physical locations. To date network and security organizations are drowning under the workload of keeping up with the ever changing requirements from the applications and need a way to simplify their data center network.


One approach is to implement a two-tier, high density, high-performance data center network - in which the access tier is solely responsible for connecting the servers to the core network and the core network is responsible for directing traffic the right way. Ideally, an organization would use a large enough firewall that can virtually connect to all the data center networks, while supporting full line-rate forwarding of multi 10GbE and be able to intelligently participate in the network routing protocols.


By taking the core based firewall and service approach, organizations will manage to reduce two of their biggest challenges: 1) application mobility and 2) distributed service deployment.  By having all the intelligence at the core of the network you decouple the physical placement of the server from the logical attributes that are associated to it allowing you to manage from a single unified service element.


Juniper Employee
  • datacenter
Top Kudoed Authors
User Kudos Count
Latest Comments
technicallysecure | 03-27-2009
Re: The Porous Perimeter – Is perimeter protection dead?
technicallysecure | 01-26-2009
Re: Let’s See the Forest and the Trees
technicallysecure | 01-20-2009
Re: The Changing Security Landscape
By  Hubert