Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Network Activator Overview

    Network Activator initially provisions NFX250 Network Services Platforms (referred to as remote devices in this documentation), which reside at end users’ sites. The remote devices download a boot image and initial configuration files from servers hosting Network Activator, using a process that provides full authorization and authentication for all interactions. When initial provisioning is complete, the remote device communicates with a management server, which then starts to manage and monitor the remote device.

    Network Activator uses a distributed architecture to support remote devices. You install Network Activator on one central administration server (central server) and multiple regional administration servers (regional servers). A device communicates directly with its assigned regional server. The distributed architecture optimizes the efficiency of the initial provisioning process, contributing to high performance and scaling of the network.

    Figure 1 Illustrates the distributed architecture and the components involved in the initial provisioning process.

    Figure 1: Components Involved in Initial Provisioning of Remote Device

    Components
Involved in Initial Provisioning of Remote Device

    The roles of the components in the initial provisioning process are as follows:

    • The remote device sends requests for initial provisioning. The remote device resides at the end user’s location.
    • The Redirect Tool provides authentication and authorization for remote devices to access their assigned regional servers through use of ITU-T X.509 private key infrastructure (PKI) digital certificates. The Redirect Tool resides at the Juniper Networks website.
    • The central server hosts Network Activator and communicates with the regional activator servers. Administrators at a service provider or central enterprise location interact with this server to install and set up Network Activator. The central server is located at a central geographic location for the service provider.
    • The regional server also hosts Network Activator. This server stores information about its assigned remote devices and communicates directly with those devices. This server typically resides at a regional administrative location the provider designates for the end user.
    • The management server continuously manages the remote device after initial provisioning is complete. Service providers supply the management server; although you configure Network Activator to communicate with the management server, you do not configure Network Activator on the management server. The management server is responsible for all ongoing activities, including management of virtualized network functions (VNFs) that run on the remote device. This server may reside at the regional administrative location the provider designates for the end user or at the provider’s central location.

    Figure 2 illustrates the workflow of the initial provisioning.

    Figure 2: Workflow for Initial Provisioning

    Workflow
for Initial Provisioning

    In detail, the provisioning workflow proceeds as follows:

    1. The administrator at the service provider:
      • Installs and sets up Network Activator on the central server.
      • Adds remote devices and regional servers in the Redirect Tool.
    2. The central server forwards the installation to the regional servers.
    3. The end user powers on the remote device, connects it to a computer, and configures a few basic settings on the device that enable it to send a request for initial provisioning.
    4. The device transmits its X.509 certificate and fully qualified domain name (FQDN) as a provisioning request to the Redirect Tool.
    5. The Redirect Tool searches its data store for the regional server that the administrator specified for this device, and confirms that the device’s request corresponds to the X.509 certificate specified for the server.
    6. The Redirect Tool sends contact information for the regional server to the device.
    7. The device sends a request to the regional server for the URL of the boot image and the location of the initial configuration.
    8. The regional server sends the information to the device.
    9. The device obtains the boot image and configuration from the regional server.
    10. The device uses the boot image and configuration to start and become operational.
    11. The device sends a request for ongoing management to the management server.
    12. The management server starts managing the device.

    Modified: 2016-10-19