We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byScot Caldwell
Modified about 1 year ago
SIMPLY CONNECTED THE NEW CAMPUS NETWORK, MOBILITY CHANGES EVERYTHING Alain Levens Sr. SE Campus & Branch February 14, 2012
2 Copyright © 2012 Juniper Networks, Inc. AGENDA Challenges in the campus network today Becoming Simply Connected Juniper technologies for the Simply Connected network Questions Copyright © 2011 Juniper Networks, Inc.
3 Copyright © 2012 Juniper Networks, Inc. THE WORLD IS ON THE MOVE THE NETWORK CAN’T STAND STILL Clients The Network Becomes a Key Enabler or Barrier to IT Success Mobile Home Branch Campus Corp IT Outsourced Ad-Hoc Chosen Applications Assuring Mobile Accessibility Is Now an Imperative
4 Copyright © 2012 Juniper Networks, Inc. MOBILITY REDEFINES BUSINESS PRACTICES AN OPPORTUNITY, NOT A PROBLEM Business ApplicationsPersonal Applications 42% 42% Increased Productivity 39% 39% Reduced Paperwork 37% 37% Increased Revenue Source : Forrester, Frost &Sullivan, Business week, Gigaom pro, ABI research Pulse
5 Copyright © 2012 Juniper Networks, Inc. Unique Daily Wireless Sessions Large American University ~50,000 Students, Multiple Devices Per Student 6x FallSummerSpring 2011 INCREASED EXPECTATIONS FOR NETWORKS FallSpringSummer 2010
6 Copyright © 2012 Juniper Networks, Inc. THE SOLUTION IS TO BE SIMPLY CONNECTED Switching Security Juniper Simply Connected Portfolio Services Wireless Routing Automated, uninterrupted service Safe and simple mobility while protecting assets An integrated portfolio of resilient wired, wireless and security products that simply enable mobility at scale. Consistent Security Performance at Scale Highly Resilient “All the great things are simple.” - Albert Einstein Consistent Security Performance at Scale Highly Resilient Scalability without complicating the network
7 Copyright © 2012 Juniper Networks, Inc. 1. CONSISTENT SECURITY BRINGING CONTROL BACK TO IT MAG EX Servers AP SRX WLC EX AP Campus Branch Freedom to choose and change Security context and coordination Device, Network and App Security Qualify the Device 1 Provision and Authenticate the User 2 Enforce Security Policies in the User and Application Level 3 Control the Device and Avoid Data Leakage 4 SRX MX
8 Copyright © 2012 Juniper Networks, Inc. 2. PERFORMANCE AT SCALE SIMPLE & COST-EFFECTIVE SCALING MAG EX Servers AP SRX WLC EX AP Campus Branch SRX MX Wired-like Performance Everywhere 1 Designed for Bandwidth Hungry Rich-Media Applications 2 No Performance Tradeoffs as Campus Scales 3 Protection for High Priority Sessions Optimized Distribution of Traffic on APs Low Latency & Increased Throughput
9 Copyright © 2012 Juniper Networks, Inc. 3. HIGHLY RESILIENT FOR NON-STOP PRODUCTIVITY MAG Servers SRX WLC MX Campus MX Designed for Mission-Critical Networks 1 Layers of Protection for Planned and Unplanned Outages 2 Simplified Operations 3 No Single Point of Failure Carrier Class Network for Enterprise 80% Fewer Managed Devices SRX EX AP Branch EX AP
10 Copyright © 2012 Juniper Networks, Inc. SIMPLY CONNECED Becoming Simpler and More Resilient Lets look at a practical example…
11 Copyright © 2012 Juniper Networks, Inc. THE SIMPLY CONNECTED STORY We will show you how a Juniper network manages voice and video calls from non-company owned devices and how our WL and EX series provide a uniquely resilient environment for the mobile user We will detail some of the key differentiating technologies that we have to offer for wireless and ethernet switching A DAY IN THE LIFE of a simply connected user 11 Copyright © 2010 Juniper Networks, Inc. Our technical experts are standing by to take your detailed technical questions on any of the material presented at the end of this seminar
12 Copyright © 2012 Juniper Networks, Inc. ELEMENTS OF A “SIMPLY CONNECTED” CAMPUS Apps Data Finance Video Active Directory/ LDAP MAG Wireless AP’s Junos Pulse Client Wireless LAN Controller Ethernet core switches Ethernet access switches Router Firewall IDP SSLVPN RADIUS Universal Access Control SRX Router/Firewall/IDP Internet Corporate Data Center
13 Copyright © 2012 Juniper Networks, Inc. SIMPLY CONNECTED 1 1 Network Enter the building and associate with WLAN. Start SIP call over WLAN. Start video over WLAN.
14 Copyright © 2012 Juniper Networks, Inc. WLAN ManagementWLAN Controller COMPONENTS OF A WIRELESS LAN (WLAN) Access Point Trusted Client 802.1x Authentication Encrypted UAC/MAG Access Firewall Wireless LAN CONTROLLER (WLC) Campus Core (Location) WLM1200 WLAN Management
15 Copyright © 2012 Juniper Networks, Inc. OPTIMAL ARCHITECTURE FOR VOICE AND VIDEO Smart Mobile Architecture Centralized AND Distributed Switching Security Management Reliability Performance CENTRALIZED DISTRIBUTED A B C D Local Switching Inter-Module Switching
16 Copyright © 2012 Juniper Networks, Inc. SIMPLY CONNECTED Network AJ walks past a conference room full of visitors who are all using WLAN to do .
17 Copyright © 2012 Juniper Networks, Inc. MANAGING WIRELESS CONGESTION Wired priority is mapped to 4 X WMM access categories for over-the-air QoS Packet prioritization applied to tunneled traffic AP and controllers classify and mark user traffic
18 Copyright © 2012 Juniper Networks, Inc. AUTOMATIC CLIENT LOAD BALANCING 5 GHz capable client ‘encouraged’ to connect at 5 GHz 2.4 GHz only client connects at 2.4 GHz Automatic Load Balancing per RF Band Band Steering
19 Copyright © 2012 Juniper Networks, Inc. WLA532 INDOOR N AP Most Compact 11n AP 3x3 MIMO, 3 stream antenna 450Mbit support Integrated antenna design Highly Integrated Client Access and Spectrum Analysis Encrypted, high speed links to Remote Aps Trusted Platform Module ensures authenticity of HW, SW Energy efficient Under 802.3af power limit Reduces consumption per 802.3az
20 Copyright © 2012 Juniper Networks, Inc. SIMPLY CONNECTED Network Virtual Chassis extended L2 domain transports sessions between multiple APs. Mobility domain allows seamless roaming
21 Copyright © 2012 Juniper Networks, Inc. Multiple switches acting as a single, logical device One switch to configure, one switch to manage Improved resiliency and performance Virtual Chassis VIRTUAL CHASSIS SIMPLIFYING THE NETWORK
22 Copyright © 2012 Juniper Networks, Inc. Dual 10GbE links used to extend EX4200/EX3300 Virtual Chassis across closets; each floor managed as single switch EXAMPLE : HORIZONTAL MULTIPLE STORY BUILDING 10GbE Closet 1.1 Closet 1.2 InternetWAN WLC’s Closet 2.1Closet 2.2 Closet 3.1 Closet 3.2 LAG 10GbE Floor 3 Floor 1 Floor 2 EX3300 Virtual Chassis EX4200 Virtual Chassis EX4200 Virtual Chassis 3xEX3300 4xEX4200 5xEX4200 4xEX4200 2xEX4500 2xEX4200 EX4500 Virtual Chassis provides redundant L2/L3 10GbE collapsed core EX4200/EX3300 Virtual Chassis provides redundant L2 access Access switches connect to core using 2x10GbE LAG AP 1 Gbit connect to Access switch EX4500/EX4200 Virtual Chassis
23 Copyright © 2012 Juniper Networks, Inc. ACTIVE-ACTIVE CONTROLLERS Client Session State Primary controller authenticates/ authorizes client 2 2 Client Session State Primary propagates session details to backup controller for use during failure 3 3 A new client associates to the system 1 1 Member Secondary Seed Primary Seed
24 Copyright © 2012 Juniper Networks, Inc. SIMPLY CONNECTED 4 4 Network
25 Copyright © 2012 Juniper Networks, Inc. L2 and L3 STATEFUL FAILOVER Master RE – EX4200Backup RE – EX4200 Line card – EX4200 EX4500VC WLC2WLC1 Internet/Data Center Line card – EX Normal traffic flow 5 5 AP1 EX-SW4 fails and EX-SW5 and EX-SW3 detect VC port to EX-SW4 is down EX-SW3 immediately switches to backup path WLAN FAIL OVER IN 150 MILLISECONDS All traffic is re-routed Virtual Chassis via Fiber connection to extend range
26 Copyright © 2012 Juniper Networks, Inc SIMPLY CONNECTED Network
27 Copyright © 2012 Juniper Networks, Inc. ENFORCING NETWORK ACCESS POLICIES PC user Corporate Data Center Apps Data Finance Video Active Directory /LDAP Patch Remediation MAG WLCs Pulse detects device is on corporate network and per user policy disables any active VPN sessions 1 1 During 802.1x authentication. MAG verifies PC meets company software and security policy requirements 2 2 Compliance check fails. Antivirus signatures are out of date and user is quarantined to remediation VLAN. Patch server updates signatures. User is now in compliance and granted network access 3 3 EX4500 VC and EX4200 VC SRX EX4200 VC SRX AppTrack feature combined with MAG data collects per user application information providing detailed reports in STRM SRX AppSecure Polices block non- work related applications 6 6 SRX enforces user policies allowing user basic access to all servers except finance 5 5 MAG pushes role based FW policies to EX and SRX 4 4 Virus SW too old Internet
28 Copyright © 2012 Juniper Networks, Inc. SIMPLY CONNECTED Network
29 Copyright © 2012 Juniper Networks, Inc. Wireless User Tablet/smartphone Corporate Data Center Apps Data Video Active Directory /LDAP MAG with Radius, SSLVPN and UAC modules WLCs User needs to access company intranet over non-corporate network using iPad 1 1 User starts Junos Pulse and initiates a secure VPN session with MAG appliance 2 2 MAG verifies user login, establishes VPN and the device is allowed on the network. 3 3 SRX AppSecure polices block non-work related applications 6 6 EX4500 VC and EX4200 VCs SRX with IDP/ AppSecure SRX AppTrack feature combined with MAG data collects per user application information providing detailed reports in STRM Finance MOBILE DEVICE REMOTE NETWORK ACCESS POLICY AND ACCESS CONTROL SRX enforces user policies allowing user access to all servers except finance 5 5 MAG pushes role based ACL and FW policies to the SRX and EX 4 4 Internet
30 Copyright © 2012 Juniper Networks, Inc. THIS AFTERNOON, USE CASE: BRING YOUR OWN DEVICE (BYOD) More users connect their personal wireless devices to your network. Employees need access to business-critical applications. How do you ensure that corporate information is not compromised? Simple and secure access with point-and-click provisioning Role-based access depending on profile, identity, and role Nested application visibility and security enforcement Coordinated threat control automated for wired and wireless environments including day zero attacks. Juniper’s Differentiation Performance at Scale Highly Resilient Consistent Security Trend Challenge
31 Copyright © 2012 Juniper Networks, Inc. THE STEPS TO SIMPLY CONNECTED Provide consistent security across users, applications and devices 1 Build one general purpose network to better serve your new access devices and rich media applications 2 Design for an always-on wired-like wireless experience 3
32 Copyright © 2012 Juniper Networks, Inc. THE NEW CAMPUS & BRANCH O rchestrated E xperience N etwork
1 MICHAEL BANIC VP ENTERPRISE MAKETING. THE NEW DATA CENTER NETWORK.
JUNIPER TECHNOLOGY UPDATE Debbie Montano Jan 31, 2011.
1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Introducing Network Design Concepts Designing and Supporting Computer Networks.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Introducing Network Design Concepts Designing and Supporting Computer Networks.
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Copyright © 2014 Juniper Networks, Inc. 1 Juniper Unite Cloud-Enabled Enterprise Juniper’s Innovation in Enterprise Networks.
Copyright © 2008 Juniper Networks, Inc. 1 Juniper Networks Access Control Solutions Delivering Comprehensive and Manageable Network Access Control Solutions.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
End to End Security Westcon / Juniper 5 daagse Pieter van Dijk Dennis de Leest.
All Rights Reserved © Alcatel-Lucent | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.
11 Copyright © 2009 Juniper Networks, Inc. ANDY INGRAM VP FST PRODUCT MARKETING & BUSINESS DEVELOPMENT.
Juniper Networks CONFIDENTIAL 1 MIGRATION FROM SCREENOS TO JUNOS BASED FIREWALL PRESENTER NAME JULY 2014.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNP 1 v3.0 Module 1 Overview of Scalable Internetworks.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Hierarchical Network Design Connecting Networks.
Leading provider of secure mobility for the enterprise Aruba MOVE Architecture Industry’s most secure WLAN Easiest BYOD & Guest Access Zero-touch.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.
© 2011 Aerohive Networks CONFIDENTIAL WI-FI DESIGN 101: QUESTIONS EVERY MANAGER SHOULD ANSWER BEFORE PURCHASING WI-FI.
Multi-Layer Switching Layers 1, 2, and 3. Cisco Hierarchical Model Access Layer –Workgroup –Access layer aggregation and L3/L4 services Distribution Layer.
JUNOS PULSE Junos PULSE for Windows Junos PULSE Mobile Security Suite.
EX SERIES SWITCHES KEEPING IT SIMPLE Ing. Stephen Attard Computime Ltd Senior Network Engineer.
Designing for Pervasive Network Security. Designing for Security Our aim in this section will be to concentrate on how campus Networks can be designed.
JUNIPER NETWORKS OVERVIEW March 2012 Ing Stephen Vella Computime Ltd. Head of Technology Solutions.
1 Copyright © 2012 Juniper Networks, Inc. Executive Intro Slide Turn Trends into Opportunities Vertical Wide Michael Tjon-En-Fa Industry,
© 2013 Avaya Inc. All rights reserved Avaya UC Collaboration Solution A complete solution for midsize companies Mobility Video SecurityNetworking.
Chapter 1 LAN Design LAN Switching and Wireless – Chapter 1.
Category 6 Ethernet Cable, Single-mode Fiber Cable, and RJ45 Jacks APC Netshelter SX 48U Racks and NetShelter AV Roof Fan Tray 825mm Cisco 3800 ISR.
Objectives: Chapter 7: Intranet LAN Design * Goals and considerations in LAN design * Understand the steps in systematic LAN design * Design issues associated.
Advanced Computer Networks Lecturer: E EE Eng. Ahmed Hemaid Office: I 114.
1 ABNER GERMANOW DIRECTOR ENTERPRISE MARKETING. 2 NEW ATTACK SURFACES DATACENTER CONSOLIDATIONNEW DEVICESBRANCH LOCATIONS.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.
Module 5 - Switches CCNA 3 version 3.0 Cabrillo College.
©2013 Check Point Software Technologies Ltd. Small Business. Big Security New SMB Appliances Clinton Cutajar Team Leader – Information Security Computime.
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
Copyright © 2008 Juniper Networks, Inc. 1 Simplifying the Data Center Network Advancing the Fundamentals and Economics of Networking.
Exploring the Network. Objectives Students will be able to: Explain how multiple networks are used in everyday life. Explain the topologies and devices.
Virtual Private Network prepared by Rachna Agrawal Lixia Hou.
Check Point Virtual Gateway Protects Microsoft Azure Cloud Infrastructure with a Full Range of Security Defenses and Threat Prevention Solutions MICROSOFT.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Introducing Routing and Switching in the Enterprise – Chapter 1 Networking.
PROPRIETARY © Copyright Aruba Networks, Inc. All rights reserved PROPRIETARY © Copyright Aruba Networks, Inc. All rights reserved Aruba Networks.
The Cable Guys Inc. Drew Leach Tom McLoughlin Philip Mauldin Bill Smith.
Copyright © 2004 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Provider Opportunities for Enterprise MPLS APRICOT 2006, Perth Matt.
Ch.6 - Switches CCNA 3 version 3.0. Rick Graziani Overview Describe the four major goals of LAN design List the key considerations.
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
D-Link Unified Access Point DWL-6600AP Sales Guide July 2011 DHQ.
CAMPUS LAN DESIGN GUIDE Design Considerations for the High-Performance Campus LAN.
Dartmouth’s Wireless Network May 16, 2005 David W. Bourque.
© 2006 Cisco Systems, Inc. All rights reserved. Optimizing Converged Cisco Networks (ONT) Module 6: Implement Wireless Scalability.
© 2017 SlidePlayer.com Inc. All rights reserved.