Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

About This Guided Setup

Guided Setup for Juniper Mist WAN Assurance

In this example, we’ll use the Juniper Mist cloud console (GUI) to provision a simple hub and spoke network that traverses provider equipment via IPSec tunnels and leverages both access policies and traffic shaping rules to segment users and applications on the network. Conceptually, you can think of it as an enterprise with branch offices connecting over a provider WAN to on-prem data centers. For example, an auto-parts store, a hospital, or series of point-of-sale kiosks--anything that requires a remote extension of the corporate LAN for services such as authentication or access to applications.

Physically, our example network includes two hubs and two spokes, all with redundant links to the WAN. We assume that you have the hardware already onboarded to the Juniper Mist cloud and that the physical connections needed to support the configuration are in place (that is, that the cabling is already in place and that you know the interfaces, VLANs, etc. that are in use and/or valid for your sandbox).

Figure 1: Hub and Spoke WAN Assurance Topology Hub and Spoke WAN Assurance Topology

Logically, the Juniper Mist cloud console uses the concepts of sites and templates to vastly simplify the work of provisioning devices. It also supports site-specific variables, which means you can define a given site or network and then clone it to easily expand your network. For the IPsec tunnels running over the WAN between the hub and spokes, the console automates the work of setting up the Public key infrastructure (PKI) so you don’t have to configure the certificate authority (CA) and digital signatures and digital certificates.

Essentially, you use the GUI to build up your network overlay on a logical plane, in the form of network elements, applications, and rules. The GUI stores the configuration commands until they are ready to be pushed to the devices. If the device is an SRX, the console will push Junos commands. If it is an SSR device, the console pushes programmable command line interface (PCLI) commands.

All the abstraction provided by the GUI amounts to some 600 to 700 lines of Junos commands, per SRX device.

You can see how Juniper Mist WAN Assurance simplifies network configuration at scale. Once you push the configuration and the network becomes operational under Juniper Mist, streaming telemetry from the SRX or SSR devices provides the underlying data used in SLAs. The Juniper Mist AI engine takes the automation further by creating Insights into the WAN traffic patterns and automatically providing remediating actions to honor the SLAs when needed.