Juniper Networks has added features to it’s Apstra intent-based networking software in a move designed to help customers secure and support smaller data centres at distributed edge networks.
The Apstra software keeps a real-time repository of configuration, telemetry, and validation information to ensure the network is doing what IT teams want it to do.
The software includes automation to provide consistent network and security policies for workloads across physical and virtual infrastructures. In addition, its baked-in analytics performs regular network checks to safeguard configurations.
Typically deployed in larger data centres, Apstra is now suitable for edge data centres, branch offices, and colocation facilities that don’t need the scale a large, centralised data centres.
This means enterprises can overlay flexible Ethernet VPN-Virtual Extensible LANs (EVPN-VXLAN) on top of their physical networks in a configuration made up of only two leaf switches. Additionally, teams can add access switches to the architecture whenever needed.
Apstra automatically registers the new devices and applies pre-validated configurations, wrote Mansour Karam, founder and president of Apstra in a blog about the announcement.
Other use cases include better support for industrial automation and augmented reality, which are driving a need to bring data processing closer to the end user to minimise application latency, Karam stated.
Processing data at the edge can save substantial networking costs by eliminating the need to send traffic back to centralised cloud data centres, Karam stated.
“What Juniper wants to do, spreading the Apstra intelligence and automation to smaller, edge environments makes sense because some of these edge settings are basically mini data centres, where you don't want to put key IT resources,” said Brad Casemore, IDC research vice president, data centre networks.
“That actually weakens the business case for doing edge computing if you're going to have to put a bunch of IT people in those places.”
While spreading the intelligence to edge resources is one goal of this Apstra release, extending security to those resources is another. Apstra utilises a variety of products in Juniper’s Connected Security portfolio, including threat intelligence, workload protection, security audit trails, and templates customers can use for securing the data centre.
To those capabilities, Juniper added support for security-policy assurance that features new segmentation capabilities.
The idea is to let customers build and apply enterprise security policies centrally and have them distributed across the network. Apstra can detect security-policy conflicts and duplicated rules, alerting users with suggestions for resolution, Karam stated.
While expanding the role Apstra plays in enterprise environments is the ultimate goal for Juniper, making that process easier for customers is another.
"With IT requirements evolving at an unprecedented rate, constant data centre deployments and migrations are inevitable," Karam stated. "In addition, the number of data centres in use frequently changes, either increasing due to natural IT growth or acquisitions, or decreasing when older data centres are decommissioned or businesses divest themselves of certain IT requirements or applications.
"These deployments and migrations can be challenging, expensive, and resource intensive. But they don’t have to be."
Professional services are important especially in new environments where enterprises don't have as many experts on staff, Casemore said. “This is an effort on Juniper’s part to eliminate concerns and inhibitions and reduce risk for the customer,” he said.