Datacenter Design 1.0

8/17/2019 Datacenter Design 1.0

1/25

Saudi Telecom Company – STC

Saudi Telecom Company - STCSaudi Telecom Company - STC

Data Network Infrastructure ToolsData Network Infrastructure Tools

Jan, 2010

CONFIDENTIALITY NOTICE: This material contains inormation that is con!dential and proprietary to "uniper Net#or$s%Inc& E'cept as "uniper Net#or$s other#ise a(rees to in #ritin(% recipient may not disclose or distri)ute any portion o thismaterial to any third party% and recipient may use this material solely or inormational purposes&

Table of Contents

Table of Contents 2


2/25

Juniper Networks Data Center Infrastructure Solutions............6

Executive Summary................................................................................................6

Reduced Complexity..............................................................................................7

Fewer ayer! o" Connectivity................................................................................#

Support "or $i%& 'er"ormance and $i%& Re!iliency...........................................(

Juniper )ata Center *n"ra!tructure Solution +rc&itecture................................11

Juniper Financin% +dvanta%e..............................................................................12

&e Juniper -etwor! +dvanta%e.......................................................................12

Data Centre Reference Architecture................................................1/

)ata Center Con!olidation.................................................................................1/

State o" )ata Center oday ld e%acy )e!i%n............................................13

Juniper $i%& 'er"ormance )ata Center -etwor.............................................14Juniper )ata Center 5lueprint "or SC..............................................................14

ra""ic )e!cription...............................................................................................21

o%ical )e!i%n 'rotocol *nte%ration..............................................................22

)e!i%n +dvanta%e!.............................................................................................2/

Campus AN Reference Architecture...............................................24


3/25

Executive Summary

Juniper -etwor! * Solution &e *deal * Solution "or SC

uniper Net#or$s understands that the selection o ITe*uipment or the STC net#or$ is a strate(ic decisionessential in securin( your success #ith this pro+ect& Our

technolo(ical leadership and pro)lem,sol-in( a)ilities%com)ined #ith our e'perience and undamentalunderstandin( o your re*uirements% ena)le us to o.eryou compellin( competiti-e ad-anta(es―includin( theleast risk and best value.

"

"uniper Net#or$s proudly proposes the ollo#in( productsto meet and e'ceed your net#or$in( re*uirements:

• EX-Series

• MX-Series

• SRX-Series

• J-Series

• M-Series

/e )elie-e there are si(ni!cant di.erences in ourarchitecture% perormance% and unctionality that ma$eour solution the )est !t or the STC net#or$& Theproduction,pro-en a)ilities o "uniper Net#or$s platorms

pro-ide dependa)le% secure% ser-ice,rich capa)ilities that#ill ena)le you to deli-er the hi(h,*uality ser-ices thatyour customers re*uire& In addition% our comprehensi-eand 0e'i)le portolio o technical support% proessionalser-ices% and educational pro(rams #ill help youma'imi1e the -alue o your in-estment&

Junos Operating System: The Power of One

Deployed in the #orld2s leadin( ser-ice pro-ider% enterprise% and (o-ernment net#or$s% "unossot#are is the industry2s only carrier,class% purpose,)uilt 3pure I45 modular net#or$ operatin(system& "unos is undamentally di.erent rom other approaches on the mar$et―not only in itsdesi(n% )ut also in its de-elopment& /e reer to the "unos ad-anta(e as the power of one di.erentiation:


4/25

One operating system #ith a sin(le source )ase o code and a sin(le% consistent implementationor each control plane eature

One software release train e'tended throu(h a hi(hly disciplined and !rmly scheduledde-elopment process

One common modular software architecture that scales across all "unos platorms

"unos is desi(ned to maintain continuous systems and impro-e the a-aila)ility% perormance%and security o )usiness applications& "unos helps to automate net#or$ operations )y pro-idin(a sin(le consistent implementation o eatures across the net#or$ in a sin(le release train thatminimi1es comple'ity% cost% and ris$& This pro-ides net#or$ administrators #ith more time toinno-ate and deli-er ne# re-enue,(eneratin( applications&

The inherent security and sta)ility o "unos% com)ined #ith its modular architecture and sin(lecode source% pro-ides a pro-en oundation or deli-erin( )est,in,class perormance% relia)ility%security% scale% and total cost o o#nership&

"unos scales )oth up and do#n―rom customer,premise e*uipment to multi,tera)it core routers%pro-idin(:

A consistent operatin( en-ironment or many di.erent net#or$ operators

A consistent eature set that acilitates the creation% mana(ement% and deli-ery o ser-ices romed(e to core

4ro-en resiliency% as e-idenced )y 6ni!ed ISS6 support that uses the stateul reco-erycapa)ilities o nonstop acti-e routin(&

7any usa)ility eatures―particularly scriptin( and the a)ility to tie con!(urations to routin(instances and to selected interaces&

An open OS% includin( the 4artner Solution De-elopment 4latorm 84SD49% #hich ena)lescustomers and partners to de-elop speciali1ed applications le-era(in( "unos&

'er"ormance Enalin% Cu!tomer Service! and rainin%

"uniper Net#or$s Customer Ser-ices (i-e you the po#er to choose the ri(ht com)ination oser-ices to meet your e'act re*uirements& /or$in( #ith you% #e com)ine indi-idual ser-ice

elements to )uild a uni*ue ser-ices solution to help you cost,e.ecti-ely implement your net#or$and deli-er hi(h,-alue ser-ices to your users&

Consulting Services help you )uild% e'tend% or up(rade your net#or$& /e are uni*uely *uali!edto help you $eep your net#or$ protected% up,to,date% and perormin( at its )est&

Installation and Conguration Services help you o-ercome )arriers to creatin( and e'pandin(your net#or$% introduce products and ser-ices aster% and a-oid start,up and installation errorsor rapid return on your net#or$ in-estments&

Technical Services com)ine traditional support #ith the po#er o automation and personali1edser-ice& /e help you maintain a competiti-e ed(e% #ith net#or$s that stay up and perorm attheir )est―no matter #hat challen(es your )usiness en-ironment presents& Our #ide array o ",Care ser-ice o.erin(s includes the deli-ery o around,the,cloc$ technical assistance% /e),)ased

tools% sot#are support% and options or parts and onsite support&In addition% Juniper etworks !ducation Services ensure that you ha-e the $no#led(e and s$illsto deploy and maintain cost,e.ecti-e% hi(h perormance net#or$s% as #ell as demonstrate yourtechnical e'pertise―$eepin( you ahead o the technolo(y cur-e& Our e'pert trainin( sta. hasdeep technical and industry $no#led(e% and pro-ides you #ith instructor,led hands,on coursesas #ell as con-enient% sel,paced eLearnin( courses&

8reen9 +dvanta%e! "or Su!tainale $i%& 'er"ormance -etworin%

"uniper Net#or$s corporate citi1enship and sustaina)ility strate(y is the oundation ore-erythin( #e do& /e stri-e to utili1e the po#er o the hi(h perormance net#or$ to connect the(lo)al community and create a sustaina)le ener(y uture& Our community relations pro(rams

le-era(e technolo(y to support (lo)al education and help create opportunities or uture(enerations&

Our solutions support )usinesses communities and (o-ernments in their e.orts to ma'imi1e


5/25

o#nership& ;y creatin( ener(y,ecient products #ith a lon( lie% "uniper Net#or$s aims toreduce ener(y consumption and resource depletion& /e also #or$ #ithin standards )odies tode-elop eciency metrics crucial to the understandin( o net#or$ e*uipment ener(y usa(e or)usiness&

"uniper Net#or$s supports opportunities to help indi-iduals (ro# and sustain the communities in#hich #e operate& /e support community de-elopment% education% and +o) trainin( (lo)allythrou(h employee -olunteer pro(rams% corporate philanthropy% and the "uniper Net#or$sFoundation&

In addition% "uniper Net#or$s #or$s #ith li$e,minded companies% (o-ernments% andor(ani1ations to meet and oten e'ceed international standards or product desi(n% production%and #aste reduction& /e stri-e to lo#er our car)on ootprint% operate as eciently as possi)le%and minimi1e #aste production& Throu(h careul en(a(ement% #e also ensure that our supplychain ollo#s our sustaina)le )usiness practices& /e )elie-e in conductin( )usiness ethically%#ith inte(rity and (ood corporate (o-ernance& /e support a culture o di-ersity% pro-ideon(oin( employee trainin(% and o.er competiti-e compensation to our #or$orce&

&e Juniper -etwor! +dvanta%e

"uniper Net#or$s is the leader in hi(h perormance net#or$in(& Our customers include the top=%=== enterprises―includin( ?? o the @lo)al Fortune


6/25

Juniper Networks Data CenterInfrastructure Solutions

A Simpli!ed Data Center or the i(h,4erormance Enterprise

"uniper Net#or$s Data Center Inrastructure Solutions reduce comple'ity )y simpliyin(the net#or$& These solutions com)ine )est,in,class products #ith #ell,de!ned practicesdesi(ned or the enterprise& The traditional architecture is streamlined to reduce capitaland operatin( costs as #ell as simpliyin( data center operations and mana(ement&

"uniper Net#or$s also helps meet today2s increasin(ly demandin( 3(reen5re*uirements% as consolidated data centers need less e*uipment and use less po#er%

sa-in( additional operatin( dollars&

"uniper Net#or$s Data Center Inrastructure Solutions:

6se B less ener(y than alternati-e solutions

Occupy = less rac$ space

e*uire >= less coolin(

Girtual Chassis con!(uration reduces the num)er and mana(ement o top,o,rac$

access s#itches )y a actor o


7/25

Fe#er Layers o Connecti-ity: The data center is (reatly simpli!ed )y EJ,series

Ethernet s#itches #ith Girtual Chassis technolo(y& This technolo(y reduces s#itchports% lin$s% s#itches and a((re(ation layers #hile impro-in( perormance%resiliency and a-aila)ility usin( less e*uipment&

7ana(ed Space and 4o#er Costs: ;y simpliyin( the architecture and decreasin( the

num)er o de-ices% )usinesses can reduce po#er% space and coolin( e'penses tocreate a (reener% more ener(y,ecient data center&

Support or i(h 4erormance and i(h esiliency: Top,o,rac$ Ethernet s#itches

#ith Girtual Chassis technolo(y% Ethernet Ser-ices outers 8ESs9 and SJ ser-ices(ate#ays let or(ani1ations scale perormance and increase resiliency #hile reducin(the amount o e*uipment in the data center&

Net#or$ Security Ser-ices: SJ Dynamic Ser-ices @ate#ays deli-er inte(rated

ser-ices #ith data center re*uired scala)le perormance to consolidate net#or$security )y re*uirin( e#er de-ices and centrali1ed policy control and -isi)ility toimpro-e operational eciency in the data center&

Reduced Complexity

Le-era(in( the industry,leadin( "6NOS operatin( system% "uniper deli-ers anunprecedented le-el simplicity that no other -endor can match& 6nli$e other solutionsor security and net#or$in( in the data center that re*uires multiple operatin( systems%

"uniper pro-ides "6NOS as one operatin( system or security and net#or$ inrastructurein the data center& "6NOS is enhanced throu(h one release train and de-eloped )asedon one modular architecture to pro-ide e'tremely hi(h a-aila)ility& These undamentaldi.erences ensure on(oin( systems a-aila)ility% automate and simpliy data centeroperations% and allo# you to respond *uic$ly to rapid (ro#th and chan(e% #hilereducin( comple'ity% cost and ris$&

"uniper2s Net#or$ and Security 7ana(er 8NS79 ta$es a ne# approach to net#or$ andsecurity mana(ement )y pro-idin( IT departments #ith an easy,to,use solution thatcontrols all aspects o "uniper routin(% s#itchin(% !re#allKG4N and Intrusion Detectionand 4re-ention 8ID49 de-ices% includin( de-ice con!(uration% net#or$ settin(s% andsecurity policy mana(ement&

6nli$e solutions that re*uire the use o multiple mana(ement tools to control a sin(lede-ice% NS7 not only ena)les IT departments to control the entire de-ice liecycle #itha sin(le% centrali1ed solution )ut also pro-ides -isi)ility #ith a complete set oin-esti(ati-e and reportin( tools& 6sin( NS7% de-ice technicians% net#or$administrators% and security administrators can #or$ to(ether to impro-e mana(ementeciency and security% reduce o-erhead% and lo#er operatin( costs&

"uniper also reduces data center comple'ity )y -irtuali1in( security ser-ices orimpro-ed eciency% mana(ement and threat containment& Other -endors re*uire youto install se-eral security appliances andKor )lades into e-ery s#itch in the a((re(ationlayer& The result is inrastructure spra#l% underutili1ation o resources% and hi(her po#erand coolin( costs&

"uniper ta$es a completely di.erent approach& "uniper2s inte(rated !re#allKG4N securitysolution lets you partition the net#or$ into multiple% independent -irtual systems that


8/25

appliance& a-in( e#er physical !re#all de-ices simpli!es mana(ement and reportin(%sa-es space% and lo#ers capital and operatin( costs% #hile addressin( the pro)lem oe*uipment spra#l #ithout sacri!cin( perormance% relia)ility or a-aila)ility& "uniper2suni*ue and modular system architecture pro-ides resiliency and hi(h relia)ility&

Fewer ayer! o" Connectivity

Data center consolidation and ser-er -irtuali1ation address the costs associated #ithpo#er% rac$ space% coolin( and utili1ation o ser-er arms% )ut do not address the datacenter net#or$ inrastructure& "uniper is the only -endor to address this #ith the EJM== series Ethernet s#itch and its Girtual Chassis technolo(y& Interconnected EJ M==s#itches act as a sin(le lo(ical de-ice% sharin( a common operatin( system andcon!(uration !le the Girtual Chassis con!(uration is mana(ed and operates li$e achassis,)ased system% (reatly simpliyin( system operations% maintenance andtrou)leshootin(&

In top,o,rac$ deployments% stac$a)le s#itches are deployed in pairs at the top o eachser-er rac$ or redundancy% hi(h a-aila)ility and sucient @i(a)it Ethernet portdensities or ser-er connecti-ity& /ith EJ M== series s#itches in the data center% up to


9/25

re*uires >= percent less coolin(% and ta$es up hal the physical space o competiti-eplatorms& Additionally% the 7J series carrier Ethernet routin( and s#itchin( amilyo.ers ener(y,ecient carrier,class Ethernet solutions that are M& to > times morepo#er ecient than alternati-e products&

"uniper also consolidates security in the data center% re*uirin( e#er security de-ices tourther reduce ener(y consumption and coolin( demands& SJ Ser-ices @ate#ays

consolidate !re#all% intrusion pre-ention systems 8I4S9% Net#or$ Access Control 8NAC9%DoSKDDoS attac$ protection% Net#or$ Address Translation 8NAT9% dynamic routin(% anduality o Ser-ice 8oS9 into one platorm runnin( on the "6NOS operatin( system& Atthe same time% "uniper2s Inte(rated Ser-ices @ate#ay 8IS@9 consolidates data centersecurity )y com)inin( !re#all #ith inte(rated ID4 and G4N&

Support "or $i%& 'er"ormance and $i%& Re!iliency

"uniper2s top,o,rac$ EJ,series Ethernet s#itches #ith Girtual Chassis technolo(y% 7J,series Ethernet Ser-ices outers 8ESs9 and SJ Ser-ices @ate#ays allo# or(ani1ationsto scale #hile reducin( po#er consumption and the amount o e*uipment needed inthe data center – #ithout sacri!cin( perormance and resiliency& No other -endorcom)ines these po#erul capa)ilities into one seamless and uni!ed data centerinrastructure solution&

Juniper '(%series switches, )( 'thernet Services *outers and S*( Services +ateways leverage much of the

same field%proven Juniper technology including high%performance application%specific integrated circuits

-ASICs., system architecture and J/01S2 software that power the world3s 45 largest service provider

networ&s!

"uniper is no# e'tendin( these carrier,class capa)ilities to enterprise data centers& Fore'ample% EJ,series s#itches and 7J,series routers o.er carrier,(rade redundancy toensure resiliency and uptime in the data center& In addition to redundant hot,s#appa)lepo#er supplies and !eld replacea)le an trays% EJ,series s#itches and 7J,series routerssupport dynamic lin$ a((re(ation )ased on the =M&>ad standard as #ell as redundantroute en(ines that ena)le non,stop routin( and in,ser-ice sot#are updates&

EJ,series s#itches and 7J,series routers also eature redundant hard#are architecturesor true carrier,class resiliency& The routin( en(ines and the or#ardin( en(ines arephysically separate entities% each #ith their o#n processors and memory& As a result%e-ents that place hi(h demands on the control plane% such as hea-y net#or$ chan(es%

do not impact the or#ardin( perormance& Li$e#ise% periods o hea-y trac loads thatplace hi(h demands on the or#ardin( plane do not a.ect control plane perormance&

4ro-en hi(h,a-aila)ility eatures and unctionality ha-e )een included in the desi(n othe SJ Ser-ices @ate#ays rom pre-ious "uniper platorms& The SJ architectureeatures independent control and data planes #ith a passi-e )ac$plane% redundants#itchin( a)ric 8


10/25

protected memory space& A ailure or )u( in one module does not cause a system,#ideailure% (reatly impro-in( the relia)ility o the entire system&

In addition% the "6NOS core de-elopment principle o a sin(le release train% no separateeature pac$a(es% no 3customer specials%5 and a sin(le sot#are ima(e or all platormsallo# careul and thorou(h re(ression testin( o all ne# code de-elopments )eore theyreach the customer% resultin( in a amously relia)le operatin( system&


11/25

Juniper )ata Center *n"ra!tructure Solution +rc&itecture

"uniper EJ M== series s#itches unction as a top,o,rac$ s#itch in data center

application ser-er rac$s& These s#itches a((re(ate application ser-ers and reduceports% lin$s and a((re(ation s#itches #ith the inno-ati-e EJ,series Girtual Chassiscon!(uration&

"uniper 7J,series Ethernet Ser-ices outers unction as ully redundant% hi(h,

perormance data center net#or$ core and a((re(ation layer M and layer > de-ices&It ena)les -irtuali1ation o net#or$ resources and accommodates the need or-irtual machine mo-es across routed se(ments&

"uniper SJ Ser-ices @ate#ays scale to o-er = @)ps o I4S throu(hput% ma$in( this the astest inte(rated ser-ices !re#allplatorm in the #orld& The SJ also ena)les identity mana(ement% centrali1ed policycontrol and additional security ser-ices&

The Inte(rated Ser-ices @ate#ay 8IS@


12/25

"uniper Net#or$ and Security 7ana(er 8NS79 is an easy,to,use solution to control all

aspects o "uniper !re#allKG4N% Secure Access 8SSL9% Inranet Controller 8IC9% ",series%EJ s#itches and ID4 de-ices% includin( de-ice con!(uration% net#or$ settin(s% andsecurity policy mana(ement&

Security Threat esponse 7ana(er 8ST79 supports e-ent reportin( and correlation

across the data center& /AN Acceleration 8/JK/JC9 accelerates applications deli-ered o-er the /AN to

remote oces and users&

Juniper Financin% +dvanta%e

"uniper helps companies and or(ani1ations *uic$ly and cost,e.ecti-ely ena)le a hi(h,perormance )usiness throu(h its !nancin( pro(ram% "uniper Financin( Ad-anta(e 8"FA9&

The "FA pro(ram is made possi)le throu(h an a(reement )et#een "uniper and I;7@lo)al Financin(% #hich has M years o e'perience in IT !nancin(&

From ac*uisition throu(h daily use and disposal% "uniper Financin( Ad-anta(e can help:Q Turn lar(e up,ront costs into an a.orda)le and predicta)le monthly payment

Q 4reser-e your cash and credit lines or strate(ic in-estmentsQ 7inimi1e the ris$ o technolo(y o)solescenceQ 7ana(e all e*uipment recyclin( and disposal in an en-ironmentally,riendly manner

&e Juniper -etwor! +dvanta%e

Juniper 0etwor&s was founded in 6 with a singular aim 7 to li$erate the networ& from the severe

constraints imposed on it $y availa$le technologies! 8ith Juniper 0etwor&s, for the first time, operators had

the means to $uild networ&s that were freed from the traditional compromise $etween performance,

intelligence, and scale! "oday, Juniper 0etwor&s delivers a wide range of solutions $ased on purpose%$uilt

technology that support the comple# scale and performance reuirements of the world3s largest and most

demanding networ&s!

Juniper 0etwor&s is recogni9ed as a center of e#cellence in the development of software, hardware, and

silicon technology that support high performance, intelligent networ&s! Juniper 0etwor&s com$ines all three

disciplines to offer intelligent merging of traffic $etween optical $ac&$ones and legacy enterprise routers!

Juniper 0etwor&s glo$al customer $ase is large and diverse, insuring our continued presence within this

mar&et! 1ur customers include government agencies, service providers, mo$ile and ca$le providers, glo$al

:""s, *esearch and 'ducation entities, and information enterprises!

Juniper 0etwor&s e#ecutive team delivers dynamic leadership and successful management e#perience,

reflecting the latest management thin&ing! ;rom a financial standpoint, Juniper 0etwor&s continues to focus

on our o$


13/25

Data Centre Reference Architecture

)ata Center Con!olidation

A continuin( enterprise trend is the consolidation o data centers and the centrali1ationo ser-er resources #ithin the data center&

Data center consolidation is t#o,old% !rstly the Enterprise inrastructures ha-e (ro#nconsidera)ly and ha-e deployed company data assets in a lar(e num)er o locations&

This has ollo#ed the (lo)ali1ation trend o the re*uirement to conduct )usiness on a

(lo)al scale% openin( oce locations remote rom the traditional corporate &Additionally% ac*uisitions ha-e increased the (eo(raphic scope o enterprises% #ithcom)ined company data assets distri)uted o-er multiple locations& In order to reduceoperational costs 8securin( and adherin( to compliance – )e they re(ulatory orother#ise9 and mana(ement o-erheads associated #ith dispersed corporate dataassets% a mo-e to consolidate these resources into e#er% lar(er locations is an on(oin(trend& Data resources are mo-ed rom multiple data center locations into e#er% lar(erdata centers #ith (lo)al access to users&

Secondly% the num)er o users accessin( the corporate data resources has shited romusers in corporate or re(ional oce locations to a trend to#ards smaller )ranchoce or remote #or$er locations& In addition to this shit o employees a#ay romcorporate data resources% there are re*uirements to allo# access to partners and(uests& In order to ease mana(ement o the net#or$% pro-ide consistent access to anyuser% any#here% at anytime% a physical simpli!cation o the corporate data resources isre*uired& Ser-ers pre-iously located in re(ional or )ranch oce locations ha-e )eencentrali1ed into the data center en-ironment&

Ne# data centers are )uilt as part o the consolidation trend% #here it is not possi)le to(ro# #ithin any o the e'istin( data centers& The limits to (ro#th #ithin e'istin( DCscould arise rom – lac$ o support in the acilities inrastructure to house more po#er,hun(ry de-ices andKor to cool them% lac$ o a)ility to deli-er more po#er to the e'istin(acilities% cheaper po#er and real estate or data center )uildout outside o the ma+or

metro areas etc&

The relia)ility and impro-in( economics o #ide,area communication is helpin( thetrend in the increase in mo)ile #or$ers& These mo)ile #or$ers #ill no# accessapplications in the consolidated Data Centers usin( their client de-ices&

In Summary% Enterprise R ser-ice pro-iders are loo$in( or consolidatin( DCs or theollo#in( reasons:

Lo#er cost o po#er and real estateH= less outside ma+or metro areas

Ne# acilities #ith latest construction% po#er and coolin( technolo(ies

Easier to secure and ul!ll compliance in e#er locations


14/25

State o" )ata Center oday ld e%acy )e!i%n

The dra#in( )elo# depicts the current and old le(acy desi(n layers:

As the data centers ha-e e-ol-ed% customers may e'perience one or more o theollo#in( issues #ith their data center inrastructures R Desi(n:

Too much power- increasin( num)ers o de-ices dra# more po#er& As the cost

o po#er increases and in some cases% is monitored and limited in locations%customers ha-e )ecome more sensiti-e to po#er and coolin( speci!cations#ithin the data center

Space, a(ain% more de-ices e*uates to more rac$s as #ell as the silo

architecture deployments means an inecient use o rac$ space& Cost o 0oorspace in the data center )ecomes a concern as IT attempts to dri-e do#n thecost o operatin( the net#or$&

Comple! to mana"e- multiple deployed instances #ith a -ariety o -endor

components has resulted in numerous operatin( systems&

#ro$isionin" time- as a result o numerous operatin( systems and

mana(ement applications% )rin(in( up a ne# application or a ne# rac$ o ser-ershas )ecome time,consumin( and o-erly comple'&

Too many de$ices- resultin( in increased po#er increased coolin(% architecture

comple'ity% increased space, all resultin( in increased o-erhead&

Too many connections- as ser-er utili1ation increases% le(acy net#or$

inrastructure de-ices pro-e incapable o maintainin( the user e'perience%resultin( in lost producti-ity& @reater num)ers o ports and )and#idth arere*uired to support the )usiness% increasin( comple'ity&

#oor a$ailability- le(acy de-ices are not up to today2s hi(h a-aila)ility

standards% resultin( in lost producti-ity&

;and,Aid mentality to security, separate appliances #ith a multitude o operatin(

systems are deployed in numerous locations across the data centerinrastructure& /ritin( and deployin( consistent policies across a di-erse ran(eo products is comple' and not cost,e.ecti-e&


15/25

Too many operatin" systems- e*uirin( increased administrator $no#led(e%

increased tome to con%"ure and maintain% and inhi)itin( )usiness speed and0e'i)ility& Each operatin( system in turn has a set o releases re*uirin(mana(ement&

Juniper $i%& 'er"ormance )ata Center -etwor

"uniper2s i(h 4erormance Net#or$ or the data center sol-es customer2s issues in the

data center #ith a simpli!ed architecture% reducin( not only capital costs% )utoperational costs throu(h the simpli!cation o operations and mana(ement o theinrastructure& Additionally% simpli!cation o the net#or$ architecture results in lesspo#er and coolin( re*uirements to sa-e additional operatin( dollars& "uniper2s desi(ntenants o hi(h,perormance% hi(hly scala)le% inte(rated platorms operatin( under asin(le operatin( system #ith a sin(le mana(ement inrastructure ena)le customers toma'imi1e producti-ity at a minimal cost&

The dra#in( )elo# summari1es ho# "uniper platorms address the pre-ious mentionedde!ciencies o old le(acy desi(n R inrastructure:

Juniper )ata Center 5lueprint "or SC

The dra#in( )elo# depicts the DC desi(n layers proposed in our solution:


16/25

&

The proposed access desi(n #ill )e the same #ay in all three DC2s% #here EJ mem)ersare part o sin(le Girtual,Chassis connected to(ether -ia GC,ports e'ists% GC desi(nsupports )oth desi(n as illustrated )elo#:


17/25

Due to the 0e'i)ility o GC technolo(y% the GC connections )et#een mem)ers can )edone either )y the )uilt,in M'B@ GC ports andKor #ith the


18/25


19/25

Core ayer

"uniper proposes 7J?B= as Core Data Center or all models only the num)er o

ser-icessuch as GLANKtransparent LAN% LMKL> G4Ns% Goice o-er I4 and Gideo o-erI4o-er Ethernet #ith the a)ility to pro-ide (uaranteed SLAs&

Ser-ice 0e'i)ilty – "uniper Net#or$s Carrier Ethernet portolio le-era(es the industry

leadin( "6NOS operatin( system that po#ers o-er M%=== "uniper Net#or$s 7, and T,series routers currently deployed in hundreds o ser-ice pro-ider net#or$s#orld#ide& "6NOS pro-ides the 7J?B= #ith eature richness% sta)ility% and ser-ice)readth not typically ound in Carrier Ethernet platorms&

Simple non,disrupti-e deployment – 6tili1in( the same "6NOS operatin( system%

"uniper Net#or$s Ethernet portolio ena)les ser-ice pro-iders to immediately ta$e


20/25

ad-anta(e o the latest Ethernet technolo(y #ithout the cost and ris$s associated#ith introducin( a ne# operatin( system to the net#or$&

The 7J?B= pro-ides up to t#el-e = @)ps slots in a sin(le chassis and supports "uniperNet#or$s ne# D4C cards allo#in( customers to ta$e ad-anta(e o unprecedented portdensityup to = @i(a)it Ethernet ports and ports o

/irewalls 6 ID#

7AN Routers M M ,

Core-Core links M M M

Total No3 of +* M=


21/25

ra""ic )e!cription

eerence to the proposed solution or all models% the dra#in( )elo# #ill )e used todemonstrate the trac 0o# in the net#or$:

Accordin( to the meetin( #ith Security department% and study the security policy #ithinSTC% #e can classiy the trac into the ollo#in(:

Intra GLAN trac

Inter GLAN trac

Inter Girtual Fire#all trac

*ntra


22/25

There mi(ht )e t#o actions here depend on security purposes:

I the communicatin( GLAN2s )elon( to the same security 1one and they are allo#ed

to communicate directly% then communication #ill occur usin( L> interace on the7J% other#ise intra,1one communication can )e achie-ed rom the !re#all itsel&

I the communicatin( GLAN2s )elon( to the di.erent security 1one% then

communication has to )e done throu(h the !re#all&

*nter Firewall tra""ic

Description: This is the trac )et#een t#o di.erent GLAN2s that )elon(s to di.erentGirtual Fire#all 8Conte't9&

This trac has to cross the -irtual !re#all to the Core 87J9% then to the other -irtual!re#alls&

o%ical )e!i%n 'rotocol *nte%ration

The dra#in( )elo# depicts the lo(ical desi(n o the net#or$ desi(n% and this section #ill

illustrate ho# 74LS )et#een Core s#itches #ill )e used to separate the trac )et#eenGLAN2s&

Inter-VLAN – within Virtual Router

#ants to communicate #ith ser-er in GLanU 8sameGirtual outer% di.erent or same Security Vones9&


23/25

M& 6se G4LS multi,homin( techni*ues to multi,home a GLAN on Girtual,Chassis to t#odi.erent Core s#itches&

>& No spannin( tree in G4LS case% the core s#itches #ill )e con!(ured so one o thes#itches #ill )e or#ardin( site or GLAN and the other s#itch as ;ac$up&

& Girtual,Fire#all #ill ha-e t#o GLAN2s )elon( to t#o di.erent G4LS instance% so this(uarantees the LM separation )et#een GLAN2s&

& ;y Con!(uration% the !re#all connected to the or#ardin( Core s#itch #ill )e

con!(ured to )e acti-e !re#all and the second #ill )e stand)y&B& Acti-eKActi-e desi(n or the !re#alls is also achie-a)le% )y con!(urin( the !re#all in

acti-e or one -irtual,!re#alls and stand)y or the others&

& i(h A-aila)ility upon ailure o:

6plin$ lin$ )et#een the Access layer 8Girtual,Chassis9 R the or#ardin( core

s#itch: in this case the 74LS #ill disco-er the ailure o the interace and theother Core s#itch #ill )e the or#ardin( s#itch or those GLAN2s% then the trac#ill cross the inter,core s#itch lin$s to reach the !re#all&

Acti-e Fire#all ailure or lin$ ailure on the acti-e !re#all: the !re#all #ill ail to

the stand)y !re#all% and the trac #ill cross the lin$s )et#een the core s#itches

to reach the stand)y !re#all&

Core,S#itch Failure: G4LS sites #ill )e or#ardin( on the second core and the

!re#all #ill also ailo-er as #ell% so trac #ill continue&

& Load)alancer #ill )e connected to the core s#itches% and #ill )e con!(ured in a#aythat GLAN #ill )e mapped to the correspondin( G4LS% so that it has direct access tothe ser-ers&

?& The outside interace 81one9 o the !re#all #ill )e con!(ured to )elon( to GF ore-en to (lo)al routin( ta)le&


24/25

elia)le desi(n dependin( on mature operatin( systems and platorms&

A)ility to pro-ide any -irtuali1ation R communication matri' )et#een LM R L>

domains% or e'ample i LM communication is re*uired )et#een any t#o GLAN2s%then G4LS o-erlappin( can )e con!(ured so that 7AC can )e lea$ed )et#een theinstances to achie-e this&

Fle'i)le desi(n% or e'ample i LM communication is re*uired )et#een t#o Data

Centers or some applications that still re*uire LM% 74LS #ill help STC to e'tend the

G4LS )et#een t#o DC% as sho#n )elo#:

Access s#itches does also support GF,lite 8-irtuali1ation9 to separate the GLAN2s at

access i re*uired&

Trac )et#een ser-ers #ithin the same GLAN% can )e achie-ed )y con!(urin(

pri-ate GLAN2s and allo# communication #ith !re#alls only&

Scala)le Desi(n% the core has more than B= ree or uture e'pansion% GC has >=

ree or addin( additional mem)ers and the core s#itches can accommodate morethan M GC2s 8X


25/25

Campus AN Reference Architecture

4lease reer to the ollo#in( documents or details:

• Campus LAN Desi(n @uide&pd

• Campus Net#or$s eerence Architecture&pd

• Distri)uted Enterprise Solutions&pd

• EJ,Series Ethernet S#itches Solution ;rie&pd

• Deployin( I4 Telephony #ith "uniper Net#or$s EJ Series Ethernet S#itches&pd

• Data Center M Cloud Computin(&pd

Documents

Datacenter Design 1.0