Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

CSDS Solution Architecture

Read this topic to understand the components of CSDS Architecture.

The CSDS Architecture primarily consists of the following components:

  • Forwarding layer—The forwarding layer includes MX Series routers that receive and return traffic of the underlying network and distribute upwards to the different services layer devices. The MX Series routers in this layer serve as the single pane of glass responsible for synchronizing and distributing the configuration to the devices in the service layer. You can deploy the MX Series routers in 1:1 redundancy.
  • Services layer—The services layer includes SRX Series Firewalls and provides security services. The layer supports different SRX Series Firewalls but a group of identical firewall models together offer a security service such as carrier-grade NAT (CGNAT), IPsec VPN. Note that multiple groups, each hosting a different security service can also co-exist. The guide covers configuration examples with one group of SRX Series Firewalls.
  • Distribution layer (Optional)—The distribution layer is placed between the forwarding layer and the services layer. The devices in this layer primarily provide additional port count, if needed, when enough ports are not available on the devices in the forwarding and the services layers. The devices can also offer different port speeds and port types that are not built in into the devices in the forwarding or services layer. These devices serve as a switch fabric that interconnects all the different devices in the architecture. You can use QFX Series devices in this layer for large-scale deployments.
  • Management layer—The management layer provides a management platform for the entire CSDS solution and connects to the forwarding layer as a single pane of glass. The management layer includes the capability to monitor the utilization of the services layer devices. In the management layer, you can optionally use EX Series switches for the device management.

Figure 1 depicts the high-level architecture of the CSDS solution.