Introduction

The Juniper Networks Cloud Customer Premises Equipment (CPE) solution transforms traditional branch networks, offering opportunities for high flexibility of the network, rapid introduction of new services, automation of network administration, and cost savings. The solution supports both Juniper Networks and third-party virtualized network functions (VNFs) that network providers use to create the network services.

Cloud CPE Solution Release 3.1.4 is a secure software-defined WAN (SD-WAN) solution that builds on the capabilities Cloud CPE Solution Release 3.1. The following are the highlights of the features available in Release 3.1:

• SD-WAN
  • Centralized application, service-level agreement (SLA), and performance management
  • Intent-based advanced policy-based routing (APBR)
  • Traffic visualization and monitoring at a per-application level across branch sites
• Security management
  • Intent-based firewall policies
  • Network Address Translation (NAT) policy management
  • Application visibility and signature management
  • Security reports

The solution can be implemented by service providers to offer network services to their customers or by Enterprise IT departments in a campus and branch environment. In these release notes, service providers and Enterprise IT departments are called service providers, and the consumers of their services are called customers.

The solution offers the following deployment models:

• Cloud CPE Centralized Deployment Model (centralized deployment)

  In the centralized deployment, customers access network services in a service provider’s cloud. Sites that access network services in this way are called cloud sites in these release notes.

• Cloud CPE Distributed Deployment Model (distributed deployment)

  In the distributed deployment, customers access network services on a CPE device, located at a customer’s site. These sites are called on-premise sites in these release notes.

• A combined centralized and distributed deployment

  In this combined deployment, the network contains both cloud sites and on-premise sites. One customer can have both types of sites; however, you cannot use the same network service package for cloud sites and on-premise sites. If you require the same network service for cloud sites and on-premise sites, you must create two identical network service packages with different names.

The Cloud CPE solution uses the following components for the NFV environment:

• When end users access network services in the cloud:
  • Network Service Orchestrator provides ETSI-compliant management of the life cycle of network service instances.

    This application includes RESTful APIs that you can use to create and manage network service catalogs.

  • Contrail Cloud Platform provides the underlying software-defined networking (SDN), NFV infrastructure (NFVI), and the virtualized infrastructure manager (VIM).
• When end users access network services on a local CPE device:
  • Network Service Orchestrator, together with Network Service Controller, provides ETSI-compliant management of the life cycle of network service instances.
  • Network Service Controller provides the VIM.
  • The CPE device provides the NFVI.

The following Contrail Service Orchestration (CSO) components connect to Network Service Orchestrator through its RESTful API:

Note: From Cloud CPE Solution Release 3.1 onward, the Administration and Customer Portals are unified into a single portal with role-based access control (RBAC) enforcement.

• Administration Portal, which you use to set up and manage your virtual network and customers through a graphical user interface (GUI).
• Customer Portal, which is an application that you can provide to customers to enable them to manage sites and services for their organizations through a GUI.
• The Designer Tools, which enable design, creation, management, and configuration of network services through a GUI. Network services are stored in the network service catalog.
• Service and Infrastructure Monitor, which works with Icinga, an open source enterprise monitoring system to provide real-time data about the Cloud CPE solution, such as the status of virtualized network functions (VNFs), virtual machines (VMs), and physical servers; information about physical servers’ resources; components of a network service (VNFs and VMs hosting a VNF); counters and other information for VNFs.

  You can deploy the Cloud CPE solution in a demonstration (demo) or production environment. Table 1 shows the number of sites and VNFs supported for each environment.

  Table 1: Number of Sites and VNFs Supported

  Contrail Service Orchestration Environment Type	Number of Sites and VNFs Supported for a Distributed Solution	Number of VNFs Supported for a Centralized Deployment
  Demo non-HA Configuration	25 sites, 2 VNFs per site	Up to 10 VNFs
  Production non-HA Configuration	Up to 200 sites, 2 VNFs per site	Up to 500 VNFs, 20 VNFs per Contrail compute node
  Trial HA Configuration	Up to 200 sites, 2 VNFs per site	Up to 100 VNFs, 20 VNFs per Contrail compute node
  Production HA Configuration	Up to 2200 sites, 2 VNFs per site	Up to 500 VNFs, 20 VNFs per Contrail compute node