Juniper fights back against white-box world with high-performance silicon
Routers, switches, firewalls get revved up
Juniper is touting performance, performance, and more performance in its traditional annual strategy release – at the same time, it probably hopes, pouring cold water on the emerging world of white box players.
The three planks of the strategy – routing, data centre switching, and firewalls – all claim significant lifts in throughput, with the PTX Series router leading the charge.
New custom silicon – “take that, merchant silicon fans!” Juniper may have said but didn't – triples the performance of the carrier-targeted PTX boxen.
Mike Marcellin, Junipers senior veep for strategy and marketing, told El Reg the custom chipset lifts the router from around 1 Tbps per slot to 3 Tbps per slot, between three and seven times the per-slot performance of its competitors.
The aim, Marcellin said, is to offer kit that can cope with the expected growth of carrier traffic (driven by the explosion in connected devices and the anticipated take-off of machine-to-machine traffic) over five years. “Carriers don't want to build something that solves their problem for the next 18 months,” he said.
Software defined networking (SDN) is also on the mind of The Gin Palace in this release, with enhancements to its NorthStar SDN controller.
There's a focus on automation with this release, Marcellin said, to help carriers optimise network infrastructure, traffic and utilisation.
The controller covers both IP and optical network elements in multivendor environments he added.
Expanded data centre switching
Juniper has also added its first data centre spine switch, the QFX10000 range.
While the company was already shipping top-of-rack switches, Marcellin said “we didn't play in the spine switch space”. To remedy this, he said, a lot of effort went into trying to leapfrog existing offerings.
The key requirements for a spine switch are port (and traffic) density, low power, and a small footprint – since any excess in size or power consumption translates to resources that can't be devoted to the application servers that actually make money.
It's down to silicon again, Marcellin said, with the QFX switches using a chipset tagged Q5 “that enables us to have the best 100G Ethernet density and total system capacity of any spine switch out there”.
There are three models in the range:
- The QFX10002 – a 2RU unit in 36 or 72 port (at 40 Gbps) configurations that can upgrade from 40 Gbps to 100 Gbps ports;
- The QFX10008 – an eight-slot unit that supports from just over 1,000 10 Gbps Ethernet ports to 240 x 100 Gbps;
- The 480 x 100 Gbps Ethernet monster QFX10016.
The SRX series physical firewalls have had their performance kicked along to 1 Tbps, and latency has been cut, while the virtual version – vSRX – has had AppSecure 2.0 added to its capabilities.
In a virtualised environment, Marcellin said, the inclusion of AppSecure means the virtual firewall can be wrapped around applications on a per-application basis, rather than having to operate at the relatively-crude per-host level.
The physical SRX5000 gets a capability called Express Path that can apply different security policies to different traffic flows. Hence (for example) a YouTube video might get less security processing than flows associated with sensitive financial application data.
Juniper's release, with links to individual product announcements, is here. ®