That’s more than some approaches, but Brooks said this has to be done to get the value out of SDN;
--Centralizing some management, services and control elements to simplify network design, but leave some of those elements in network devices;
--Using cloud principles for elastic scaling;
--Creating a platform that new applications can be easily built on by Juniper as well as third-party developers;
--Using standardized protocols, including BGP, XMPP and OpenFlow, to link to hardware from other vendors;
--And broadly applying SDN principles from the data centre to the service provider edge.
To give some flesh to these bones, Juniper also set out a path for customers to start their voyage to creating software defined networks.
Initially some of this will require Juniper hardware, but, Brooks said, that will change.
So, it says, organizations can start by
--1. Centralizing network management, either using other software companies’ tools, or Junipers’s Junos Space, a platform for automating the operations of Juniper security and switching networks.
Brooks said Junos Space will be made into an even more robust management tool.
Steps after this, however, will need products or applications not on the market yet.
--2. Extracting networking and security services such as firewalls, network address translation, deep packet inspection and load balancing from appliances, and replacing them with virtual apps that can run on x86 servers.
Juniper will offer this capability by the end of this quarter when the JunosV App Engine is released. The App Engine, which has a Linux operating system and KVM hypervisor, will run these virtual machines.
For the time being, the App Engine will only work with a Juniper MX router. Eventually, Brooks said, the engine will be able connect to other manufacturer’s hardware.
--3. Adding a centralized software controller that allows multiple network and security services to connect to each other.
Juniper’s controller, as mentioned earlier, will be based on technology from its December purchase of Contrail Systems and won’t be on the market until next year.
But, Brooks said, combined with App Engine will allow the creation of “service chains” into the flow of network traffic.
So, for example, a firewall app can be told to look at traffic first, followed by a DPI app and then something else. These could be put in any order, Brooks said, using cloud-based orchestration managers.
Juniper believes this will dramatically reduce the time cost and risk of developing new network and security services.
--4. Using hardware optimized for SDNs. Juniper says its MX and SRX series switches will evolve to do this, in part through its programmable ASIC chips.
To lure customers, Juniper also announced an upcoming software licencing and maintenance scheme for the software components of this vision, which will let customers pay based on traffic throughput. Details will be announced later.