Connected Security Distributed Services (CSDS) Architecture

CSDS Architecture (MX240, MX304, MX480, MX960, MX10004, MX10008, SRX4600, SRX5400, SRX5600, SRX5800, and vSRX 3.0)—The Connected Security Distributed Services (CSDS) Architecture delivers a scalable, distributed security architecture design that fully decouples the forwarding and security services layers. In this design, MX Series routers serve as intelligent forwarding engines for load balancing while SRX Series Firewalls help expand your data centers securely. The solution supports carrier-grade NAT (CGNAT), IPsec VPN, and stateful firewall security services.

The architecture ensures redundancy in forwarding and services layers. It uses ECMP-based consistent hashing for the routers, and Multinode High Availability for the physical and virtual firewalls.

You can manage nodes with Junos Node Unifier (JNU) and orchestrate vSRX Virtual Firewalls with Junos Device Manager (JDM).

[See Connected Security Distributed Services Architecture Deployment Guide, and Release Notes: Connected Security Distributed Services Architecture.]

Junos Node Unifier support in CSDS for unified CLI management (MX240, MX304, MX480, MX960, MX10004, MX10008, SRX4600, SRX5400, SRX5600, SRX5800, and vSRX 3.0)—We support centralized management of devices in the Connected Security Distributed Services (CSDS) Architecture with the Junos Node Unifier (JNU) single-touchpoint solution. The JNU topology uses MX Series routers as JNU controllers, and SRX Series Firewalls and Junos Device Manager (JDM) as JNU satellites. From the controller, you can perform the following operations on the satellites:

• Configure and manage the nodes using Junos OS configuration commands.

• Run Junos OS operational mode commands.

[See Junos Node Unifier for CSDS, request jnu satellite sync, show chassis jnu satellite, and jnu-management.]