[Interop Tokyo 2015] Trends and Solutions Seen Through the Latest Security Survey

Copyright © 2015 Juniper Networks, Inc. Trends and Solutions Seen Through the Latest Security Survey. June 10, 2015. Juniper Networks K.K., Technical Headquarters, Senior Systems Engineer, 川名 清太

Upload: juniper-networks-

Post on 03-Aug-2015


TRANSCRIPT

1. Copyright 2015 Juniper Networks, Inc. June 10, 2015
2. Legal Disclaimer: This statement of product direction (formerly called roadmap) sets forth Juniper Networks' current intention, and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted on this statement.
4. 19962; CEO; 9,600+; 47 (2014); 19993; 3-20-2 45F; 130
5. NW &
6. RAND; RAND 10
7. 2016; 10%; 100%; 10% VPN/FW; 2015; 20% IT; 2015; 20; 20%; 10; 100
8. Two bar charts. Source: Infonetics Research, 2014.
   Chart 1 values: 75%, 74%, 74%, 73%, 71%, 69%, 68%, 67%, 65%, 60%
   Chart 1 labels: Improve performance of virtual infrastructure; Decrease cost of deploying security; Consistent security across virtual & non-virtual environments; Maintain secure server configuration; Increase manageability of security; Prevent inter-virtual machine attacks; Prevent new threats that are specific to virtual environments; Add an additional layer of security; Gain visibility into virtual infrastructure; Need security solutions compatible with SDN rollout
   Chart 2 labels: Protect virtualized servers; Deploy solutions supporting more total and concurrent sessions; Regulatory requirements; Add new threat protection technologies; Upgrade security products to match network performance; Upgrade to high speed network interfaces on security appliances; Prevent new DDoS attacks; Need to increase multi-function security performance; Consolidate security technologies into fewer platforms; Move to cloud/hybrid-cloud architecture; Environmental concerns; Add support for IPv6; Need security solutions compatible with SDN rollout
   Chart 2 values: 78%, 77%, 74%, 73%, 70%, 69%, 68%, 63%, 62%, 61%, 59%, 57%, 60%
   NOTE: This graph only reflects the percentage of respondents who gave a rating of 6 or 7 (1 means not a driver, 7 means definitely a driver)
9. vSRX
10. vSRX; UTM (IPS / Full Anti-virus / Anti-spam / Web-filtering / Content-filtering); APPSecure 2.0; Junos OS VPN; SRX A/A A/P HA (VMware/KVM)
11. SRX-vSRX; Junos SDK; Junos: Firewall, VPN, NAT, Routing, Anti-Virus, IDP, Web Filtering, Anti-Spam, AppID, AppFW, AppQoS, AppTrack; Junos Space Security Director & Virtual Director, CLI, JWEB, SNMP, HA/FT
12. vSRX (May 2015)
   Performance¹ (VMware / KVM):
   Firewall (UDP 1514B pkts): 4.6 Gbps / 3.6 Gbps
   Firewall (IMIX): 1.1 Gbps / 221 Mbps
   Firewall Ramp Rate (TCP): 22K CPS / 9K CPS
   Firewall Latency (512B UDP): 107 MicroSec / 114 MicroSec
   Firewall IPv6 (UDP 512B pkts): 1.46 Gbps / 374 Mbps
   NAT (UDP 1514B pkts): 4.4 Gbps / 981 Mbps
   NAT (IMIX): 1.1 Gbps / 218 Mbps
   NAT Ramp Rate (TCP): 19K CPS / 8K CPS
   IPSec (3DES+SHA1, 1514B): 294 Mbps / 195 Mbps
   IPSec (3DES+SHA1, IMIX): 132 Mbps / 99 Mbps
   IPSec (3DES+SHA1, 64B): 50 Mbps / 25 Mbps
   IKE Rate (3DES+SHA1, V1 or 2): 71 Tunnels/Sec / 48 Tunnels/Sec
   EWF (44KB File): 251 Mbps (650 CPS Load) / 62 Mbps (160 CPS Load)
   SAV (All scan 44KB File): 280 Mbps (720 CPS Load) / 116 Mbps (300 CPS Load)
   HTTP Throughput² (Response Content 44KB File): 740 Mbps / 385 Mbps
   HTTP CPS² (Response Content 64 bytes): 3000 CPS / 2000 CPS
   ¹ Reference platform for performance: Dell PowerEdge R820, ESXI 5.1, 24 Cores, 2.899 GHz CPUs
   ² IDP Performance is based on default recommended IDP policy
   Scale (VMware & KVM):
   Max Addresses/Address-set: 1024
   Max Firewall Sessions: 256K
   Max Pat Sessions (Source NAT with PAT): 256K
   MAC/ARP Table Size: 8K
   vRAM Required/Instance: 2GB
   Max vNICs/Instance: 10
   Max Zones: 128
   Max Address Books: 128
   Max Policies: 10240
   Max Policies with Count: 128
   Max Applications/Policy: 1024
   Max VLANS: 4K
   Max OSPF Routes: 160K
   vCPUs Required/Instance: 2
   Max VRs Supported: 5
   IDP Session Scaling²: 32K
13. vSRX; vSRX/¹; 25 vSRX; 100 vSRX (@ ~25 Mbps); 500 vSRX³ (@ ~25 Mbps)
   [email protected], 64GB RAM, 2x10G NICs
   [email protected], 256GB RAM, 4x10G NICs
   x4 2U²: [email protected], 512GB RAM (x4), 2x10G NICs (x4)
   ¹ This is a function of network I/O, memory and CPU
   ² SuperMicro 2027TR
   ³ This server is ~$40K which translates to $80 per subscriber for initial server cost
14. vSRX MSSP; 22%; VM2; vSRX 40,040; vSRX 182,000; VM2; vSRX; vSRX 85,800
15. 1TB FW
16. SRX5000
17. SRX 40G/100G; 40G/100G FW; 100G FW; 100G
18. SRX Express Path (diagram). Legend: Express path data path; Fast data path; First packet path. Components: NG-SPC (CP, SPU), SCB 0, SCB 1, NG-IOC (100/40/10G/1G MIC, XF, LU, XM). MIC: 1x100G or 2x40G or 10x10G. Traffic: 10x100G + 4x40G + 4x10G = 1200G = 1.2 Tbps. Security Services Offloaded from SPU to IOC. First packet → Fast data path → Express (hardware fast) path
19. 10 Gbps @ 64 byte line rate ~14 MPPS, 1x SPC II (Hardware: Pricelist, Qty, Subtotal):
   SRX5400E-B1-AC: $180,000.00, 1, $180,000.00
   TOTAL: $180,000.00
   10 Gbps @ 64 byte line rate ~14 MPPS, 3x SPC II (Hardware: Pricelist, Qty, Subtotal):
   SRX5600BASE-HC-AC: $65,000.00, 1, $65,000.00
   SRX5K-SPC-4-15-320: $100,000.00, 3, $300,000.00
   SRX5K-MPC: $89,500.00, 1, $89,500.00
   SRX-MIC-10XG-SFPP: $45,000.00, 1, $45,000.00
   TOTAL: $499,500.00
   A SRX; B SRX; C SRX; 7-9; 64 10G 14 MPPS; IPS; 7 SPC
20. 100G/40Gbps (diagram): 10G/40G/100G; /LAN (DTC); SRX; Y DTN; X (DTN); DMZ / FW / DMZ; 10G/40G/100G; 100G/40G; DTN/DTC TCP
   100 Gbps Large Packet, 3x SPC II (Hardware: Pricelist, Qty, Subtotal):
   SRX5600BASE-HC-AC: $65,000.00, 1, $65,000.00
   SRX5K-SPC-4-15-320: $100,000.00, 3, $300,000.00
   SRX5K-MPC: $89,500.00, 1, $89,500.00
   SRX-MIC-10XG-SFPP: $45,000.00, 1, $45,000.00
   TOTAL: $499,500.00
   100 Gbps Large Packet, 1x SPC II (Hardware: Pricelist, Qty, Subtotal):
   SRX5400E-B1-AC: $180,000.00, 1, $180,000.00
   TOTAL: $180,000.00
21. Max Throughput (G) (SRX5400 / SRX5600 / SRX5800):
   Normal Mode FW Perf Max (G): 64 / 137 / 320
   Express Path (SOF) FW Perf Max (G): 240 / 480 / 1200
22. Inter-PFE (Inter-IOC); L7 ALG; 60G, 60G, 60G, 60G; 100G, 100G, 100G, 100G
23. IOC2 latency in microseconds:
   Inter-PFE Latency (Between 2x 100G IOC II), Inter-PFE (PFE) 100G-MIC 2x IOC2:
   64B @50%: 15; 512B @50%: 17; 1514B @50%: 17.8
   Intra-PFE Latency (with 1x IOC II), Intra-PFE (PFE) 100G-MIC 1x IOC2 *1:
   64B @50%: 7, @90%: 7.4; 512B @50%: 7, @90%: 8.5; 1514B @50%: 7.5, @90%: 9.5
24. 1TB 2TB FW; RSA 2015 IXIA IOC; 2TB FW; https://www.youtube.com/watch?v=D3w0XN2SzSA
25. vSRX; SRX5k
26. vSRX: A (diagram): vSRX; VM GW; VM App Server; VM Web Server; VM DB Server; VM Other Server; A, B, C; IPSec VPN; SRX240; App Server; DB Server; AIT
27. SRX5000: SRX5600 100G FW IPSec; SRX5800 40G/100G FW; 9
28. FW 10; vSRX; 2TB FW; vSRX
29. THE POWER OF A CONNECTED WORLD. CONNECT EVERYTHING. EMPOWER EVERYONE.