Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 

Introduction

Juniper Networks Contrail Service Orchestration (CSO) transforms traditional branch networks, offering opportunities for high flexibility of the network, rapid introduction of new services, automation of network administration, and cost savings. The solution supports both Juniper Networks and third-party virtualized network functions (VNFs) that network providers use to create network services.

CSO Release 3.3.0 is a secure software-defined WAN (SD-WAN) solution that builds on the capabilities of CSO Release 3.2 and the Cloud CPE solution. The following are the highlights of the features available in Release 3.3.0:

  • SD-WAN

    • Dual CPE (spoke redundancy) support

    • Backup link support

    • LTE Modem (USB) support on NFX250 devices

    • High availability for virtual route reflectors (VRRs)

    • Support for traffic type profiles

    • Cloud spoke sites on Amazon Web Services (AWS) virtual private cloud (VPC)

    • SD-WAN reports

  • Security management

    • Firewall policy intents based on users or user groups

    • CSO integration with Active Directory (AD) through Juniper Identity Management Service (JIMS)

    • Offline signature download

  • Infrastructure

    • Device Return Material Authorization (RMA)

    • Upgrade from CSO Release 3.2.1 to Release 3.3.0

    • Multiregion support (centralized deployment)

    • Health check for infrastructure components

    • Provisioning VMware ESXi VMs using the provisioning tool

  • Miscellaneous

    • Personalization of the unified Administration and Customer Portal

    • Single-sign on (SSO) initiated by an identity provider (IdP)

CSO can be implemented by service providers to offer network services to their customers or by Enterprise IT departments in a campus and branch environment. In these release notes, service providers and Enterprise IT departments are called service providers, and the consumers of their services are called customers.

The solution offers the following deployment models:

  • Cloud CPE Centralized Deployment Model (centralized deployment)

    In the centralized deployment, customers access network services in a service provider’s cloud. Sites that access network services in this way are called cloud sites in these release notes.

  • Cloud CPE Distributed Deployment Model (distributed deployment)

    In the distributed deployment, customers access network services on a CPE device, located at a customer’s site. These sites are called on-premise sites in these release notes.

  • A combined centralized and distributed deployment

    In this combined deployment, the network contains both cloud sites and on-premise sites. One customer can have both types of sites; however, you cannot use the same network service package for cloud sites and on-premise sites. If you require the same network service for cloud sites and on-premise sites, you must create two identical network service packages with different names.

CSO uses the following components for the NFV environment:

  • When end users access network services in the cloud:

    • Network Service Orchestrator provides ETSI-compliant management of the life cycle of network service instances.

      This application includes RESTful APIs that you can use to create and manage network service catalogs.

    • Contrail Cloud Platform provides the underlying software-defined networking (SDN), NFV infrastructure (NFVI), and the virtualized infrastructure manager (VIM).

  • When end users access network services on a local CPE device:

    • Network Service Orchestrator, together with Network Service Controller, provides ETSI-compliant management of the life cycle of network service instances.

    • Network Service Controller provides the VIM.

    • The CPE device provides the NFV infrastructure .

The following CSO components connect to Network Service Orchestrator through its RESTful API:

Note: The Administration and Customer Portals are unified into a single portal with role-based access control (RBAC) enforcement.

  • Administration Portal, which you use to set up and manage your virtual network and customers through a GUI.

  • Customer Portal, which is an application that you can provide to customers to enable them to manage sites and services for their organizations through a GUI.

  • The Designer Tools, which enable design, creation, management, and configuration of network services through a GUI. Network services are stored in the network service catalog.

  • Service and Infrastructure Monitor, which works with Icinga, an open-source enterprise monitoring system to provide real-time data about CSO, such as the status of virtualized network functions (VNFs), virtual machines (VMs), and physical servers; information about physical servers’ resources; components of a network service (VNFs and VMs hosting a VNF); counters and other information for VNFs.

    You can deploy CSO in a trial or production environment. Table 1 shows the number of sites and VNFs supported for each environment.

    Table 1: Number of Sites and VNFs Supported

    Contrail Service Orchestration Environment Type

    Number of VNFs Supported for a Centralized Deployment

    Number of Sites and VNFs Supported for a Distributed Solution

    Number of Tenants

    Number of Sites Per Tenant

    Number of Sites Supported for an SD-WAN Deployment

    Trial environment without HA

    10 VNFs

    25 sites, 2 VNFs per site

    5

    1

    Up to 5 full mesh sites

    5

    Up to 25 hub and spoke sites

    Trial environment with HA

    100 VNFs, 20 VNFs per Contrail compute node

    200 sites, 2 VNFs per site

    10

    5

    Up to 50 full mesh sites

    20

    Up to 200 hub and spoke sites

    Production environment without HA

    500 VNFs, 20 VNFs per Contrail compute node

    200 sites, 2 VNFs per site

    10

    5

    Up to 50 full mesh sites

    20

    Up to 200 hub and spoke sites

    Production environment with HA

    500 VNFs, 20 VNFs per Contrail compute node

    3000 sites, 2 VNFs per site

    50

    10

    Up to 500 full mesh sites

    50

    60

    Up to 3000 hub and spoke sites

Modified: 2018-07-29