«Publication Date: 25 Nov 2015 | Product code: TE0006-001145 David Krozier Juniper Automates Service Delivery with NFV and Cloud CPE Ovum view Summary ...»
Juniper Automates Service Delivery
with NFV and Cloud CPE
Publication Date: 25 Nov 2015 | Product code: TE0006-001145
Juniper Automates Service Delivery with NFV and Cloud CPE
On November 3, 2015, Juniper announced its Cloud CPE solution. Cloud CPE is a networking
framework based on NFV and cloud technology that delivers virtualized network and security services
on demand from the cloud to the customer edge. With Cloud CPE service providers can select either a centralized cloud deployment model or a distributed deployment model with a virtualized intelligent device on the customer premises for automated delivery of IP services. Juniper expects revenues for its security products to see a boost as customers take advantage of the optional security features for Cloud CPE that are provided by Juniper’s virtualized SRX (vSRX) software. Juniper is initially targeting Cloud CPE at telcos to deliver managed IP access and IP VPN services to small and medium businesses (SMBs), and it has announced it is working with three large service providers (AT&T, Orange Business Services, and Colt Technology Services) to deploy the solution. The company also sees a follow-on market for Cloud CPE among large enterprise network operators to support managed services at branch offices. Cloud CPE will become available in December 2015, with CPE components of the solution available in 1H2016.
Ovum view Juniper has been looking for a way to penetrate the customer premises equipment (CPE) market. It has been working with service providers for over three years to develop virtualized CPE (vCPE) capabilities and now, with the addition of a virtualized customer service platform and service orchestration, has packaged an end-to-end solution as Cloud CPE.
Cloud CPE is a networking framework based on network functions virtualization (NFV) and cloud technology that delivers on-demand virtualized network and security services from the cloud to the customer edge. Cloud CPE consists of a management and orchestration (MANO) software stack based on the Contrail software suite, a new customer premises product (the NFX250), and virtual network functions (VNFs), including Juniper’s vSRX virtualized security platform and its virtual router, vMX.
Cloud CPE provides service automation. This means true zero-touch provisioning.
Automation also means customers can initiate service requests from a self-service portal and services can be turned up automatically in minutes – a convenience that service provider customers are willing to pay a premium for.
The NFX250 is the first in a series of Juniper products to deliver virtualized managed services at the customer premises. The initial implementation of the NFX250 will become available in 1H2016. When used as part of a Juniper Cloud CPE solution the NFX250 can run multiple virtualized functions on a single customer premises device, eliminating the cost of purchasing multiple discrete boxes and allowing customers to reclaim floor space and save on their power bill.
The money in NFV is in selling software, particularly VNF software, as network infrastructure migrates towards a disaggregated model. Juniper is going to market with two © Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 2 Juniper Automates Service Delivery with NFV and Cloud CPE initial VNFs for Cloud CPE: vMX, a virtualized implementation of Juniper’s MX edge routing platform, and vSRX, a virtualized implementation of its SRX security gateway.
Juniper’s Cloud CPE strategy Service providers typically deploy managed services with multiple single-function appliances installed at each customer service location. These appliances are typically sourced from a variety of manufacturers, with different vendors supplying discrete functions such as switching, routing, network address translation (NAT), firewall, intrusion prevention/detection system (IPS/IDS), and web filtering.
The service provider takes responsibility for designing, deploying, configuring, and managing all of the individual functions that make up a customer’s service. Because of the many manual tasks involved, service turn-up can take weeks or months, and any customer requests for service changes can mean truck rolls to multiple customer locations for equipment upgrades or installation of additional equipment. As a result, the customer premises location is usually operationally costly for service providers.
Juniper has been looking for a way to extend its portfolio into the CPE market. It has been working with service providers for over three years to develop virtualized CPE (vCPE) capabilities and now, with the addition of a virtualized customer service platform and service orchestration capabilities in its Contrail management and orchestration software suite, it has packaged an end-to-end solution as Cloud CPE.
Juniper’s Cloud CPE approach delivers virtualized network and security services with a fully automated platform. This means customers can initiate service requests from a self-service portal and services can be turned up automatically in minutes. Cloud CPE can minimize capex for service providers, and with automation service providers can cost effectively deliver managed network services to small and midsize businesses (SMBs). More importantly, automation provides the network with agility for rapid service innovation, something SMB customers are willing to pay for as a premium service.
A number of vendors (e.g. Accedian Networks, Anuta Networks, Overture Networks, and RAD) have announced vCPE products over the past two years. There have been trials and proofs of concept for vCPE at several major service providers including Telefonica (with NEC), China Telecom (with Huawei), and Telekom Austria (with NEC).
Ovum believes there has been limited market traction for available vCPE solutions because the service orchestration issue was not effectively addressed until now. AT&T’s announcement that it would extend its Network on Demand platform with a virtualized router architecture to deliver managed IP services for SMBs shows the true potential for vCPE technology, and Ovum expects other service providers to follow AT&T’s example in serving this market.
In September 2015 AT&T announced Universal CPE (uCPE), the terminology it is using with customers to describe vCPE, in conjunction with its announcement of Managed Internet Services (MIS) on Demand. Instead of installing and configuring a physical router at the customer premises, uCPE delivers services with a simple Linux-based platform. With NFV technology, AT&T can activate multiple VNFs within a single uCPE device or deliver services through the uCPE from the AT&T cloud.
AT&T demonstrated its uCPE to Ovum in October 2015, using a customer premises platform developed to AT&T specifications by Juniper. AT&T told Ovum that Cisco is also developing a uCPE © Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 3 Juniper Automates Service Delivery with NFV and Cloud CPE platform, but it used the Juniper product for the demonstration because the company was ready first.
AT&T’s performance requirements for this device cannot be met by currently available commercial bare metal platforms targeting the hyperscale data center market. However, Ovum expects that as the opportunity for these CPE devices grows, both Cisco and Juniper are likely to be competing with such devices for this application.
It is clear to Ovum that AT&T plans to deploy Network on Demand services with a multivendor strategy. As network software and hardware become disaggregated, vendors will have to compete on a best-of-breed basis with their component hardware and software products. For example, AT&T has announced three vendors involved with its Network on Demand platform: Cisco, Juniper Networks, and Brocade. Each of these vendors has virtual router software that can be deployed in the uCPE platform as a VNF. What is certainly different from the appliance model with AT&T’s Network on Demand services is that the end user will have a bigger voice in selecting virtualized functions, which means VNF vendors will have to market directly to these customers to capture vCPE software revenue.
Juniper’s Cloud CPE platform Juniper’s Cloud CPE is an NFV implementation that consists of a management and orchestration (MANO) software stack based on the Contrail software suite, a new customer premises product (the NFX250), and virtual network functions (VNFs) including Juniper’s vSRX virtualized security platform and its virtual router, vMX. Each component of Juniper’s Cloud CPE solution can be deployed individually or as part of a fully integrated solution.
The Contrail software suite Juniper’s Contrail software suite includes Contrail Networking, Contrail Cloud Platform, and Contrail Service Orchestration (a new software product announced in November 2015 along with the NFX250 Network Services Platform). The Contrail software suite incorporates open source software, open standards, and open interfaces with REST-based APIs.
Contrail Networking is Juniper’s SDN controller software. It abstracts an existing physical network to provide a virtualized networking layer. Contrail Networking automates and orchestrates the creation of scalable virtual networks. It can be used to chain VNFs and physical network functions (PNFs) to build service elements. The commercial version of Contrail Networking includes full service and support while Open Contrail, the open source version, is available for download on GitHub.
Contrail Cloud Platform is an element of Juniper’s NFV solution that was jointly developed with Canonical. Contrail Cloud is a carrier-grade cloud orchestration and automation package based on Contrail Networking and the Canonical distribution for Ubuntu OpenStack. The Contrail Cloud Platform automates the orchestration of compute, storage, and networking resources to create federated clouds that enable an elastic infrastructure.
Contrail Service Orchestration is a new component of Juniper’s Contrail software suite. It includes software modules for service creation, automation, and activation, enabling customers to select services from a catalog of available options with a GUI self-service portal.
The use of standard YANG data models and open APIs simplifies integration with OSS/BSS systems. Contrail Service Orchestration will be available in December 2015.
© Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 4 Juniper Automates Service Delivery with NFV and Cloud CPE A new software-driven CPE platform The NFX250 is the first in a series of Juniper products to deliver virtualized managed services at the customer premises. Combining features of a server and a router, it is a 1RU-high physical device that that can run multiple VNFs and is equipped to deliver compute performance that is significantly beyond what is currently commercially available in bare metal switch platforms.
Juniper’s vCPE platform was developed to AT&T requirements. It is based on a six-core Intel Xeon processor and incorporates merchant switch silicon from Broadcom. The NFX250 is configured with up to 32GB RAM and 512GB of solid state storage. It runs the Wind River Linux kernel, with the Junos Operating System installed as a virtual machine (VM) under the KVM hypervisor. Juniper’s vSRX security software is integrated into the platform and can be activated with the appropriate license.
In addition to vSRX, the initial NFX250 implementation can host up to six additional VNFs. Juniper will produce additional Network Services Platform form factors to support a range of VNF capacities. The NFX250 will be available in 1H2016. When used as part of a Juniper Cloud CPE solution the NFX250 can run multiple virtualized functions on a single customer premises device. This eliminates the need for multiple discrete boxes and enables customers to reclaim floor space and save on their power bill.
The real opportunity is in software The money in NFV is in selling software, particularly VNF software, as network infrastructure migrates towards a disaggregated model. Juniper is going to market with two initial VNFs for Cloud CPE: vMX, a virtualized implementation of Juniper’s MX edge routing platform, and vSRX, a virtualized implementation of Juniper’s SRX security gateway. Over time, the portfolio of virtualized functions supported by Cloud CPE will grow. Juniper has existing relationships with over 25 third-party VNF vendors and is in the process of qualifying VNFs from those vendors for compatibility with Cloud CPE.
Juniper may introduce additional VNFs in the future that are derived from its modular Junos Network Operating System. It estimates that there are 100 network, security, and applications feature packages within Junos that could be monetized as VNFs.
Security is a key component of Juniper’s Cloud CPE business model. The vSRX Virtual Firewall was introduced in January 2014 as a virtualized implementation of Juniper’s SRX Services Gateway security appliance. It provides firewall, intrusion detection and protection systems (IDS/IPS), and other security capabilities for building managed enterprise services. Juniper has integrated vSRX within its NFX250 Network Services Platform, making it easy for customers to license and use the software as part of their network security solution. Although Juniper has lost traction in the network security market over the past few years, the company expects vSRX revenues to help grow its overall security business starting in 2016.
Three deployment models The centralized NFV deployment model Juniper sees three deployment models for Cloud CPE. The first is a centralized model where network intelligence is placed in a service provider data center or an edge POP that looks like a data center.
This thin-client delivery model locates the NFV framework and the VNFs that provide customer services in the service provider cloud. A simple and inexpensive network interface device (NID) installed at the customer premises provides the network demarcation point for cloud-based managed services.
© Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 5 Juniper Automates Service Delivery with NFV and Cloud CPE Centralizing service delivery components within service provider facilities means the centralized deployment model can be easier to manage. Juniper’s early efforts in developing vCPE focused on a centralized delivery model, and the company has deployments with Colt and Orange.