Juniper Cloud new.pdf - Contrail Service Orchestration(CSO Designs secures automates and runs the entire service life cycle across NFX Series Network

Juniper Cloud new.pdf - Contrail Service Orchestration(CSO...

This preview shows page 1 - 9 out of 316 pages.

Contrail Service Orchestration (CSO) Designs, secures, automates, and runs the entire service l ife cycle across NFX Series Network Services Platforms, MX Series Routers, and SRX Series Services Gateways. along with the vSRX Virtual Firewall available in public cloud marketplaces. Scanned with CamScanner
Image of page 1
Network Functions Overview Services plane is a fundamental networking software plane Examples of network functions or services: o Stateful firewall o Network Address Translation (NATI c Intrusion detection and prevention (IDP) o Load balancing -, Caching .o WAN acceleration Historically, network services have been deployed using c Physical appliances or servers c Service cards installed in routers or switches Scanned with CamScanner
Image of page 2
Orchestration Platforms: OpenStack Applications 0~ ~6 QI -----, Monitoring ofi. 1 °6 9 and Tools Dashboard iQ ,~ APls API API Scanned wi th Camscanne r
Image of page 3
Report Generation Project/Tenant Reporting o Resource usage o Histori ca l instance creation and termination o Billing and costs ,- Downloadable HTML, comma-separated values (CSV), PDF formats Scanned with CamScanner
Image of page 4
Scanned wi th CamScanner
Image of page 5
Ju nos Control Adv Services Plane ( JCP /v RE) + Flow Process ing IMGD I RPD I + Packet FWD (JEXEC) 119t•M .,.~- -1~,l,ZP Single Sou r ced Codebase > CLI/Netconf/ RESTCONF nsd IPS flowd PacketlO Mgmt Appld Scanned with CamScanner System daemons /
Image of page 6
Network Security Evo lution Key developments o Artificial intelligence and machine learning enable security analysis To shift away from traditional static signatures To move toward behavior analysis of applications and network functions o Security threat designers hide security threats within codes o Bigdata Leverages and analyzes pools of security threat information to determine behaviors of the security threats and then real-time network patterns o Security threats are self-propagating, so the traditional model of identification is no more sufficient Automation Enables security threat remediation to take place at the speed of the systems that are infected Scanned with CamScanner
Image of page 7
OpenFlow 1.5 Previously, Open Flow flow processing was always done in the context of the packet ingress port. In Open Flow version 1.5, the addition of egress tables enables the processing of flows in the context of the output port When a packet is output to a port. the packet will be processed by the egress tables, which take some action or redirect the packet to another egress table. Open Flow had been an Ethernet-only protocol until version 1.5, when packet type identification was added to the specification. New type, length, and values (TLVs) were added that identify the packet type and can be used in matches and now acts as a prerequisite for header fields. The packet type field can be used in various other types of Open Flow protocol messages to identify their payload.
Image of page 8
Image of page 9

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture