Juniper Networks wants to assure the enterprise that the company is serious about the campus. The company’s most recent product announcements are meant to signal its commitment to campus networking, and hint at its longer-term strategy.
However, if Juniper really wants to be successful here, the company has to make up ground in wireless and SD-WAN.
EVPN And VXLAN In The Campus
Today’s Juniper announcement aims to unify data center and campus operations by extending Juniper’s data center fabric, which is based on EVPN and VXLAN, to campus networks.
To that end, the company is releasing a new campus switch.
The EX4650 is a 25/100GbE access switch that supports EVPN and VXLAN. Juniper positions it as a complement to the EX9000 campus core switch, which already supports the two protocols.
Juniper says extending an EVPN/VXLAN fabric to the campus is one piece of a larger architectural vision of building an enterprise-wide fabric.
“You can use VXLAN for L2 applications, but use EVPN as the control plane across the fabric, with the objective of providing a common architecture across the campus and the data center,” said Michael Bushong, VP of Cloud and Enterprise Marketing, in an interview.
He noted that Juniper knows that if it wants to compete in the enterprise, it has to be able to insert itself into a multivendor environment. By embracing open protocols such as EVPN and VXLAN, Juniper hopes to make that insertion a little easier.
“As a challenger brand we can’t tell you to replace every switch in your infrastructure,” said Bushong. “We’re trying to push out interoperable protocols to insert beside Cisco and other vendors.”
“Using common technologies and topologies puts us in a better position to unify policy, management and control.”
However, there are other components required for Juniper to realize its full vision of a unified enterprise fabric, and those components are still forthcoming.
To my mind, that makes this announcement more about being a sign of its campus commitment rather than a substantial product release. It’s also to indicate to customers that something more substantial for the campus is probably coming down the pike.
The company also announced enhancements to its Contrail SD-WAN portfolio, including the ability to measure link performance and direct applications to the best-performing link, as well as the ability to run SD-WAN branch devices in active-active pairs.
Juniper says it has added “Application Quality of Experience” to its SD-WAN devices. The devices probe branch links to measure latency, jitter, and other performance metrics. Based on those measurements, administrators can set policies to move an application from link A to link B if the performance quality of link A falls below a desired threshold.
The company also announced that its NFX and SRX branch devices can be paired in active-active clusters. Rather than have one device in standby, customers can use both devices simultaneously while also being able to fail over quickly should one device go down.
One Ring To Rule Them All
You can see the big networking companies all lumbering toward a grand unified theory of operations, management, and orchestration for the enterprise network, one that encompasses the data center, the campus, the WAN, and the cloud.
Cisco is headed that way with SD-Access, DNA Center, ISE, ACI, and Viptela. VMware wants to string it all together through NSX and VeloCloud. Aruba Networks rolled out a campus chassis switch last year, and this year announced an SD-WAN/branch management solution. Even Arista is getting in on the act by extending into the campus.
And now Juniper is moving its own pieces into position.
I think Juniper is right to recognize it will have to exist in a multivendor environment, and so maybe it aims to play the role of uber-controller, selling you the software (along with the occasional switch or router) that handles operations, orchestration, management, monitoring, and policy.
One problem for Juniper is that for a long time the company has had a wireless-sized hole in its campus portfolio.
The wireless layer is a key enforcement point for access and security policies, so any enterprise-wide management and orchestration platform needs hooks into wireless (and wired) access control. In addition, APs gather valuable data on application usage and network performance that can inform monitoring, troubleshooting, and policy enforcement.
Now Juniper is taking steps to fill that hole. The company has announced a reseller agreement with Aerohive Networks, including the integration of Juniper Sky Enterprise, its cloud-based network management offering, with Aerohive’s Cloud Services APIs and HiveManager Network Management System.
Juniper says the reseller agreement enables it “to provide a unified cloud managed campus and branch networking solution from Ethernet switches to wireless access points.”
I think this reseller agreement aligns with Juniper’s strategy of finding ways to insert itself into multivendor environments.
However, wireless is so integral to the campus that I think if Juniper is really serious about being a campus player, it needs to have a legitimate contender to to Aruba’s ClearPass and Cisco’s ISE. It shouldn’t just rely on reseller agreements and partnerships in this area—it needs to control its own destiny.
I also feel like Juniper has fumbled SD-WAN. The company has built its SD-WAN strategy around service providers, in the hopes that providers will help drive Juniper’s presence in the market.
As Fierce Telecom reported in May 2018, Juniper CEO Rami Rahim said on an earnings call “We are initially targeting our service provider customers as a way of enabling them to go after the SD-WAN market opportunity. That way we get to leverage the great relationships we have with our service providers.”
“We also can leverage their go-to-market muscle that can complement our own in going after the enterprise end users.”
To my mind, that strategy has made Juniper an also-ran in the SD-WAN market. Perhaps that status will change over time as service providers and telcos build out their SD-WAN offerings.
In the meantime, Cisco, VMware, Silver Peak, Aryaka and others aren’t waiting for service providers. Instead they are locking up revenue and market share today.