Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

New Features

This section describes the features available in Juniper Paragon Automation Release 2.4.0.

Device Life-Cycle Management

Device life-cycle management (LCM) encompasses the entire life cycle of a device, from installing the device onsite, bringing the device under management, monitoring the device when it is in production, and finally decommissioning the device.

Juniper Paragon Automation Release 2.4.0 extends device life-cycle management to the following platforms and provides the following additional features:

  • New device support—You can onboard and manage the following devices to Paragon Automation:

    • ACX2200 (device management functions such as basic device adoption, view device details, upgrade software, reboot device, and view device configuration)

    • EX3400, EX9200 (device management and device observability functions only)

    • QFX5110, QFX5120 (device management and device observability functions only)

    For a list of devices supported in Paragon Automation, see Supported Junos OS Releases, Devices, and Browsers.

  • Assign a site optionally during device onboarding—While adopting a device, configuring a site is optional. If you do not assign a site for a device on the Add a Device page (Inventory > Network Inventory > Add Device) while adopting the device, you can assign a site to the device through the network implementation plan.

    When assigning a site is optional for onboarding a device, you can push the onboarding configuration through ZTP. This simplifies the onboarding process.

    [See Add a Network Implementation Plan.]

  • Configure topology resources for service provisioning in a network implementation plan—Automate provisioning the topology resources required for a service by defining the following parameters in a network implementation plan:

    • Node role

    • Bandwidth that can be allocated to services per node

    • PE-CE access parameters

    [See Add a Network Implementation Plan.]

Observability

You can use Paragon Automation to view your entire network topology in real time, monitor network health, get notified of any anomalies in the network, and also get guidance on how to resolve these anomalies. With observability, Paragon Automation monitors and analyzes the network and its components by using key performance indicators (KPIs), device logs, and metrics, and notifies you about network issues through alerts and alarms. Paragon Automation also runs connectivity tests using synthetic traffic to identify connection issues between devices in your network. Additionally, Paragon Automation provides a routing dashboard where you can actively monitor the overall routing health of your network in real time. The timely detection of anomalies enables you to take prompt action and minimize the impact of any issues that occur.

Juniper Paragon Automation Release 2.4.0 provides the following additional observability features:

  • Routing observability—Use the routing observability feature in Paragon Automation to actively monitor your network's routing health in real time. Use the Route Explorer dashboard to monitor all routing prefixes, track historical route events , and troubleshoot reachability issues and route fluctuations. To use the routing observability feature, you must enable routing protocol analytics, and configure BGP data collection when you add a device profile. See Add a Device Profile.

    [See Routing Observability Overview.]

  • Custom rules and rule instances—Use a rule to extract information from a device. You can upload custom rules and then create rule instances to apply them on devices.

    Note:

    Contact Juniper Networks Professional Services to create a custom rule.

    Upload a custom rule on the Custom Rules tab (Observability > Health > Custom KPI Collection). Create a rule instance on the Rule Instantiations tab (Observability > Health > Custom KPI Collection). Paragon Automation generates alerts after you deploy a rule instance. You can then take corrective measures to address the alerts.

    [See Rules Overview.]

  • Configure alert and custom alert notification—You can view alerts by default on the Alerts tab (Observability > Health > Events > Alerts). To receive notifications of these alerts, you must enable webhook notifications (Send Webhook Notification) for an alert or alert category in an event template.

    [See Manage Event Templates.]

  • Hardware accordion enhancements—Paragon Automation executes tests to determine the health and functioning of device hardware. Use the new accordions on the Hardware Details for Device-Name page (Observability > Health > Troubleshoot Devices > Device-Name > Overview > Hardware (accordion) > data-link) to view graphical representations of the states of the following device hardware components:

    • Power supply units (PSUs)

    • Fans

    • Line cards

    [See Hardware Data and Test Results.]

  • Discover FADs—Use Paragon Automation to discover Flexible Algorithms Definitions (FADs) that you have configured on the devices in your network.

    You can view the list of FADs on the FlexAlgo tab of the Topology page (Observability > Topology). If you select a FAD ID in the flex algo table, then the nodes and links that participate in the selected FAD ID are highlighted on the topology map.

    [See About the FlexAlgo Tab.]

  • View historical data for tunnel delay—You can view historical tunnel delay data on the Topology page (Observability > Topology).

    Tunnel delay is the sum of all link delays in the tunnel path. Use this data to analyze past trends and patterns.

    [See About the Tunnels Tab.]

Trust and Compliance

Paragon Automation helps protect the network from threats and vulnerabilities by periodically checking whether a target's configuration, integrity, and performance comply with predefined security benchmarks. The term target refers to devices and device components. Paragon Automation distills the outcomes of these checks into a single trust score that you can use to determine how trustworthy a device is.

There are no trust and compliance features in this release.

Service Orchestration

Service orchestration is the process of designing, configuring, validating, deploying, and monitoring a network service. Paragon Automation automates the entire life cycle of a network service by providing workflows that execute the tasks to be completed to deliver a service. You can provision various network services by using predefined service designs. The Service Catalog is an inventory of service designs, which are templates that provide guidelines and parameters for instantiating a service. A service instance defines the elements of a service. A service order includes the instruction to create, modify, or delete a service instance. After you initiate a service order and provision it, Paragon Automation activates the automated workflow to provision the service in the network. After provisioning, Paragon Automation automatically monitors network health and measures service quality.

Juniper Paragon Automation Release 2.4.0 provides the following additional service orchestration features:

  • Delete service designs—Keep your environment updated by removing older or unused service designs and installing newer versions. Use the Service Designs page (Orchestration > Service Catalog) to remove a design for an organization. The deleted designs are listed in the Pending Version column and can be reinstalled when needed.

    [See About the Service Designs Page.]

  • Provision EVPN-VPWS—You can use Paragon Automation to provision a point-to-point Layer 2 Ethernet VPN–virtual private wireless service (EVPN-VPWS) for customer edge (CE) devices over the MPLS network. To provision an EVPN-VPWS service (Orchestration > Instances > Add > E-Line EVPN VPWS CSM), define service elements such as site details and site network access parameters. You can monitor the workflow execution status and detailed task logs to troubleshoot and fix errors when a workflow run fails. After you provision the service, Paragon Automation automatically monitors its health and quality.

    [See Add an EVPN or EVPN-VPWS Service Instance.]

  • Manage network resource placement for service provisioning—Use placement to allocate network resources for provisioning services. Use the Update Placements button to automatically assign all available placement options for Layer 3 VPN (L3VPN), EVPN, and EVPN-VPWS services. After you assign placement options, you can allocate network resources, such as provider edge (PE) devices, interfaces, and VLANs.

    Use the Reset Placements button on the Summary page of the service creation wizard to delete all allocated placement options for every site in a service instance. Use the Reset Placements button on the Edit Connection page to delete allocated placement options for an individual site.

    [See Manage Placement Configurations for Service Instances.]

  • Configure VPNV6 IP connection and access diversity parameters—You can configure IPv6 addresses, in addition to IPv4 addresses, when you configure IP connection parameters and static route, OSPF, and BGP routing protocols under Layer 3 VPN (L3VPN) Site Network Access.

    [See Add L3VPN Service Site Details.]

  • Force sync for onboarding and service configurations—Use the Force Sync option to resynchronize the onboarding and service configurations after you restore a device configuration from backup. This approach preserves the original onboarding and service configurations when changes are made to the configurations.

    You can access the Force Sync option from the More options on the Network Implementation Plan page (Inventory > Device Onboarding > Network Implementation Plan) and Service Instances page (Orchestration > Service > Instances).

    [See About the Network Implementation Page and About the Service instances Page.]

Network Optimization

The network optimization use case in Paragon Automation enables you to optimize the utilization of network resources, enhance network performance, and ensure reliable and efficient delivery of data across the network. Paragon Automation optimizes the network by managing the life-cyle of label-switched paths (LSPs) through an intent-based approach.

You can create a path intent using the Paragon Automation GUI. Path intents are specific LSP configurations that define how traffic is steered through the network. In traditional methods, each path in a tunnel must be configured and provisioned individually with all its attributes. With path intent, you can create sub-profiles of attributes that can be reused for creating paths. This modular approach reduces redundancy and streamlines the process of provisioning multiple tunnels.

When you apply the path intent to the network, Paragon Automation interprets these intent-based sub-profiles, and automates the creation, modification, and deletion of tunnels and LSPs. By autonomously executing the required actions, Paragon Automation aligns the network state with the specified intent. Paragon Automation ensures that LSPs are established based on network policies, traffic engineering constraints, and service level agreements (SLAs).

Juniper Paragon Automation Release 2.4.0 provides the following network optimization features:

  • Intent-based LSPs—Use Paragon Automation’s intent-based approach to manage label-switched paths (LSPs) and maximize network reliability. Instead of manually configuring paths, create a path intent and apply it to your network. A path intent includes the following sub-profiles:

    • Tunnel profile—Defines specific properties of the LSP.
    • Optimization profile—Defines when the LSP must be recomputed.
    • Endpoints profile—Defines the endpoints of the LSP.

    You can create intents in the Path Intent tab of the Network Optimization Intent page (Network Optimization > Network).

    [See Network Optimization Overview and Path Intent Workflow.]

  • Assign a color to SR LSPs—You can assign colors to segment routing (SR) label-switched paths (LSPs) for steering traffic.

    Assign a color using the Color Community field when you create an LSP. When a head-end router receives a BGP route with a specific color, the router steers traffic into an SR LSP based on the color.

    [See Add a Tunnel.]

Active Assurance

Active Assurance is a programmable test and monitoring solution, which generates synthetic traffic in the underlay network to gain continuous insights on network quality, availability, and performance. Active Assurance uses Test Agents, which are measurement points in your network. Test Agents generate and receive synthetic traffic, and enable you to continuously monitor and validate the infrastructure. You can deploy the Test Agents at strategic locations in your network and install them on routers running Junos OS Evolved, x86 hardware, or on virtual machines (VMs). Paragon Automation uses RPM to collect metric data for Juniper Networks® MX Series Universal Routers and Juniper Networks® PTX Series Routers.

[See Beta Features.]

Administration

Paragon Automation Release 2.4.0 provides the following administration features to manage users, sites, and organizations:

  • Assign tags to users and API tokens—You can assign tags to logically group and categorize users and API tokens. To assign tags, you must edit a user or an API token.

    [See Manage Users and Invites and Manage API Tokens.]

  • Use configuration templates to configure Cisco devices—You can use configuration templates to configure Cisco devices. Use the Device Vendor drop-down list on the Basic Information Tab of the Add Configuration Templates page (Inventory > Configuration Templates > Add) to select the device vendor. Paragon Automation supports the OpenConfig/Cisco UM mixed format of configuration for Cisco devices.

    [See Add a Configuration Template.]

Juniper Paragon Automation Installation

Juniper Paragon Automation Release 2.4.0 provides the following installation-related features:

  • Support for Proxmox VE and RHEL 8.10 KVM hypervisors—You can deploy the Paragon Automation cluster on Proxmox VE or Red Hat Enterprise Linux (RHEL) 8.10 kernel-based virtual machine (KVM) hypervisors, in addition to VMware ESXi 8.0.

    [See Create the Node VMs.]

  • Configure separate VIP address for gNMI and NETCONF access—The generic ingress VIP address is shared between the Web GUI, NETCONF, and gNMI. In release 2.4.0, you can configure an additional ingress VIP address and allocate the address for NETCONF and gNMI access.

    [See Network Requirements and Deploy the Cluster Nodes.]

  • Support for multi-subnet cluster nodes and VIP addresses—In release 2.4.0, the Paragon Automation cluster nodes and VIPs can be in different subnets. Access between nodes is configured using BGP-peering.

    [See Network Requirements and Deploy the Cluster Nodes.]

  • Back up and restore the Paragon Automation cluster—You can back up your current Paragon Automation application configuration and telemetry data to a time and date-stamped backup folder using Paragon Shell CLI. You can also restore the configuration from the backed up folder on the same cluster or a new cluster.

    [See Back Up and Restore Paragon Automation.]

  • Preupgrade Paragon Shell—Preupgrade Paragon Shell on the installer primary node before you upgrade your cluster from an older release. This process enables you to use the upgrade command options from release 2.4.0 on older clusters and to manually back up OpenSearch.

    Exercise caution when using this feature.

    [See Preupgrade Paragon Shell Before Upgrade.]

Beta Features

Juniper Paragon Automation Release 2.4.0 provides Beta support for the following features:

  • Paragon Automation Chatbot— Use Paragon Automation chatbot (LLM Connector) to facilitate the use of natural language to query network status and obtain troubleshooting information, without using CLI commands.

    LLM Connector can help you:

    • Retrieve device information.

    • Execute Junos OS operational commands.

    • Save data (configuration and logs) to a file.

    • Retrieve a list of all VPNs in your network and their details, metrics, and health information.

    • Fetch information about customers and service instances associated with customers.

    • Get insights based on the telemetry collected from the device.

    To use the LLM Connector tool, you must set up a large language model (LLM). The recommended LLM model for LLM Connector is GPT-4 and GPT-4o.

    [See LLM Connector Overview.]

  • Support for Test Agent Appliances—Use Paragon Automation to register and run Test Agent Appliances in your network. A Test Agent Appliance is a full-fledged Test Agent with built-in operating system, which allows full control over network configuration and supports advanced functionalities. The Test Agent Appliance is based on the Debian Linux operating system. It is delivered as:

    • Dedicated Test Agent—You can download the Test Agent Appliance Software image and install on a custom x86 hardware.

    • Test Agent Virtualized Network Function (TA VNF)—You can upload a Test Agent Software image to a virtualization platform and run as a virtual machine (VM) on a hypervisor.

    After you install a Test Agent Appliance on a platform, Paragon Automation discovers the Test Agent Appliance. You can view the discovered Test agent Appliance on the Test Agents (Inventory > Active Assurance > Test Agents) page.

    [See About the Test Agents Page.]

  • Install Test Agent Appliance on custom x86 hardware—You can install the Test Agent Appliance on an x86 hardware. To install, create a bootable USB flash drive with the Test Agent Appliance Software image and use the USB flash drive to boot the x86 hardware. After you install, register the Test Agent Appliance with Paragon Automation to start collecting measurements in your network.

    You can use the USB flash drive-based deployment as an alternative to virtual machine-based deployment.

    [See Install Test Agent Appliance.]

  • Monitor device health and temperature using AI/ML—Paragon Automation uses artificial intelligence and machine learning (AI/ML) to monitor key performance indicators (KPIs) related to the health of devices to detect anomalies. The key performance indicators (KPIs) are monitored for the following components:

    • Fans [Revolutions per minute (RPM)]

    • Linecards (CPU utilization, memory utilization, and temperature)

    • Routing Engine (CPU utilization, memory utilization, and temperature)

    Paragon Automation also performs root cause analysis (RCA) of device temperature anomalies.

    [See Automatically Monitor Device Health and Detect Anomalies.]