Juniper upgrades its intent-based software to embrace edge deployments

Juniper Networks has added features to it’s Apstra intent-based networking software it says will help customers secure and support smaller data centers at distributed edge networks. 

The Apstra software keeps a real-time repository of configuration, telemetry, and validation information to ensure the network is doing what IT teams want it to do.

The software includes automation to provide consistent network and security policies for workloads across physical and virtual infrastructures. In addition, its baked-in analytics performs regular network checks to safeguard configurations. 

Typically deployed in larger data centers, Apstra is now suitable for edge data centers, branche offices, and colocation facilities that don’t need the scale a large, centralized data centers.

This means enterprises can overlay flexible Ethernet VPN-Virtual Extensible LANs (EVPN-VXLAN) on top of their physical networks in a configuration made up of only two leaf switches. Additionally, teams can add access switches to the architectue whenever needed. Apstra automatically registers the new devices and applies pre-validated configurations, wrote Mansour Karam, founder and president of Apstra in a blog about the announcement.

Other use cases include better support for industrial automation and augmented reality, which are driving a need to bring data processing closer to the end user to minimize application latency, Karam stated. 

Processing data at the edge can save substantial networking costs by eliminating the need to send traffic back to centralized cloud data centers, Karam stated.

“What Juniper wants to do, spreading the Apstra intelligence and automation to smaller, edge environments makes sense because some of these edge settings are basically mini data centers, where you don’t want to put key IT resources,” said Brad Casemore , IDC research vice president, data center networks.

“That actually weakens the business case for doing edge computing  if you’re going to have to put a bunch of IT people in those places.”

While spreading the intelligence to edge resources is one goal of this Apstra release, extending security to those resources is another. Apstra utilizes a variety of products in Juniper’s Connected Security portfolio, including threat intelligence, workload protection, security audit trails, and templates customers can use for securing the data center.

To those capabilities, Juniper added support for security-policy assurance that features new segmentation capabilities. The idea is to let customers build and apply enterprise security policies centrallly and have them distributed across the network. Apstra can detect security-policy conflicts and duplicated rules, alerting users with suggestions for resolution, Karam stated.

While expanding the role Apstra plays in enterprise environments is the ultimate goal for Juniper, making that process easier for customers is another. 

With that in mind Juniper also added a professional service group called Apstra Deployment and Migration that will help customers migrate or build new Apstra-based environments.

“With IT requirements evolving at an unprecedented rate, constant data center deployments and migrations are inevitable. In addition, the number of data centers in use frequently changes, either increasing due to natural IT growth or acquisitions, or decreasing when older data centers are decommissioned or businesses divest themselves of certain IT requirements or applications,” Karam stated. “These deployments and migrations can be challenging, expensive, and resource intensive. But they don’t have to be.”

Professional services are important especially in new environments where enterprises don’t have as many experts on staff, Casemore said. “This is an effort on Juniper’s part to eliminate concerns and inhibitions and reduce risk for the customer,” he said.