Session Smart Networking Datasheet

Download Datasheet

Product Overview

The Juniper Session Smart Router (SSR) powers Juniper’s AI-driven SD-WAN solution that is designed to provide users with exceptional experiences. Built on an application-aware and zero-trust secure network fabric, the SSR meets the most stringent enterprise performance, security, and availability requirements.

The SSR overcomes inherent inefficiencies of conventional solutions with a tunnel-free architecture that enables improved performance, fast deployments, and cost savings. The solution can run on customer premises equipment (CPE), data center network servers, and in the cloud for flexible deployments.

 

Product Description

Juniper Networks® SSR Series Routers power Juniper’s AI-driven SD-WAN solution. The software-based solution utilizes a unique, tunnel-free routing protocol called Secure Vector Routing. This innovative networking solution improves application performance, rapidly scales to thousands of sites, and secures users and data with inherent, zero trust access policies.

The Session Smart Router can be managed by either the Juniper Session Smart Conductor or the Juniper Mist Cloud. Together, these platforms create a single logical control plane that is highly distributed, and a data plane that is truly session aware. SSR supports a wide range of use cases, including SD-WAN, SD-Branch, Multi-cloud and IoT and can scale from a small branch office to a high-capacity edge router to a hyper-scale, software-defined data center (Figure 1).

 

Figure 1: Session Smart Router Services, Applications and Network Domains

Figure 1: Session Smart Router Services, Applications and Network Domains 

Session Smart Router

The Session Smart Router combines a service-centric control plane and a session-aware data plane to offer IP routing, feature-rich policy management, improved visibility, and proactive analytics. 

The Session Smart Router also provides native zero-trust security, leveraging hypersegmentation. It also includes several security features:

  • Service-centric, tenant-based security architecture: The unique design enables the Session Smart Router to understand sessions and perform vital business operations. 
  • Zero trust security: The Session Smart Router follows the principle of “deny-by-default,” which uses a series of checkpoints to validate legitimate network traffic. 
  • Firewall capabilities: The Session Smart Router provides Layer 3/ Layer 4 network firewall functionality. 
  • IDS/IPS and URL filtering: Intrusion Detection System/Intrusion Prevention System (IDS/IPS) and URL filtering capabilities are available through the Advanced Security Pack. 
  • Security at its core: The advanced design of the Session Smart Router replaces the traditional routing plane with one built for security from the ground up.

Table 1 details the key features of the Session Smart Router. 

Category Features
System and Network Services SNAT/DNAT, Destination NAPT, Shared NAT pool, IPv4/IPv6, DHCP client, DHCP relay, DHCP server, DHCP server extensions, DHCPv6 PD, DNS client, PPPoE, Proxy ARP, NAT traversal, BFD, Inline flow performance monitoring, Extended firewall Pinhole, Path MTU discovery, MSS auto adjust, DSCP based service identification for IPsec
Advanced Services Secure Vector Routing (SVR), Multipoint SVR, IPv6 SVR, Overlapping IP service segmentation, Ethernet over SVR, Application identification
Routing Service based routing, Static routing, BGPv4, BGP Route Reflector, BGP Graceful Restart, BGP over SVR, BGP route map, BGP prefix list, OSPFv2, BGP VRF, OSPF VRF, Services and Topology Exchange Protocol (STEP)
Traffic Engineering Traffic scheduling and shaping, Flow Policing and Shaping, Packet marking (DiffServ), Service rate limiting
Network Firewall Distributed stateful firewall, Distributed and automated access control, Fine-grained segmentation/tenancy, ICSA network firewall certified, ICMP blackhole
IDS/IPS and URL Filtering Intrusion Detection System/ Intrusion Prevention System (IDS/IPS) and URL filtering capabilities are available through the Advanced Security Pack.
Secure Edge Connectors Seamless connections to Juniper Secure Edge or third-party SSE.
Application Identification HTTP/S domain based identification, O365 identification, DNS based identification, Application categorization
Analytics Session metrics, network metrics, LTE metrics, peer path SLA, MOS score, session analytics, SSL/TLS metrics, session IPFIX records
Session Encryption Session Payload Encryption (AES-256, AES-128), Session/Route Authentication (HMAC-SHA1, HMAC-SHA256, HMAC-SHA-256-128), Adaptive encryption, Rekeying, FIPS 140-2 Validated, Enhanced Replay Attack protection, Transport-based encryption
Session Management Path selection, (SLA, MoS, average latency), Load balancing using proportional and hunt, session migration, session duplication, session duplication for non-SVR, session duplication for inter-node links, MOS for VoIP, Path of last resort, session optimization, session reliability, service health learning, service route redundancy
Monitoring Monitoring agent, SNMPv2, Syslog, audit logs
Management and Remote access GUI, CLI, REST, Remote access over SVR (LTE), Upgrade rollback, Zero Touch Provisioning, Remote service packet capture, User-defined configuration templates, Role based access control
AAA Local registry, LDAP
Interface options Ethernet, LTE Support including Dual LTE and Dual SIM, T1
Platforms Bare metal x86 server, KVM, VMWare ESXi, OpenStack, AWS, Azure, Google Cloud

 

Session Smart Conductor

The Session Smart Conductor is a centralized management and policy engine that provides orchestration, administration, zero-touch provisioning (ZTP), monitoring, and analytics for distributed Session Smart Routers—while maintaining a network-wide, multi-tenant service, and policy data model. The Session Smart Conductor features multiple, flexible deployment models, from on-premises to private or public cloud.

 

Juniper Mist WAN Assurance and AI-Driven Operations

Alternatively, Session Smart Routers can be operated and orchestrated through the Juniper Mist Cloud. Mist AI delivers unprecedented automation using a combination of artificial intelligence, machine learning algorithms, and data sciences techniques to save time, maximize IT productivity, and deliver the best experience to digital users.

Juniper Mist WAN Assurance is built on the the Juniper Mist Cloud and delivers full life cycle management and operations, including AI-driven insights, anomaly detection, and root cause identification that focuses on end users’ experience. For Day-0 and Day-1 operations, WAN Assurance also provides orchestration, administration, and ZTP for Session Smart Routers. See the WAN Assurance Datasheet for more information.

 

Platform Options for the Session Smart Router

SSR100 and SSR1000 Series Appliances

The SSR Series of appliances provide the hardware foundation for the Juniper AI-Driven SD-WAN solution: 

  • The SSR100 line includes small and medium branch platform to support SD-WAN in distributed locations 
  • The SSR1000 line includes platforms for large branch, and small, medium, large and x-large data center and campus deployments

Deployment Locations are shown in Table 2, along with links to the relevant datasheets for more information. 

Table 2: SSR Appliances and Suggested Locations
Appliance Suggested Location Max Throughput (Unencrypted) Relevant Datasheet
SSR120 Small Branch 1.5 Gbps SSR100 Line of Routers
SSR130 Medium Branch 2 Gbps (Line rate on ports)
SSR1200 Large Branch or Small Data Center / Campus 10 Gbps SSR1000 Line of Routers
SSR1300 Medium Data Center / Campus 20 Gbps (Max. throughput on NIC)
SSR1400 Large Data Center / Campus 40 Gbps
SSR1500 Extra Large Data Center / Campus 50 Gbps (Max. throughput on NIC)

The hardware datasheets provide standard specifications such as interface options, number of interfaces, encrypted throughput, memory and hard drive capacity, etc. 

 

White Box Appliances and Juniper NFX Series

The Session Smart Router can run on certified white box platforms. More information on certified white boxes can be found at SSR Certified Hardware Documentation. For Virtual network function (VNF)-based deployments, the Session Smart Router can also run as a VNF using VirtIO and SRIOV network virtualization technologies on the Juniper Networks® NFX150, NFX250, and NFX350 Network Services Platforms.

 

Public Cloud Providers

The Session Smart Router can run as an instance on Amazon Web Services (AWS) and Microsoft Azure. 

Public Cloud Providers

Platform Options for the Session Smart Conductor

The Session Smart Conductor can run on certified white box platforms or on all major public cloud providers: AWS, Google Cloud, and Azure.

Public Cloud Providers

Juniper Service and Support

Juniper ensures operational excellence by optimizing the network to maintain required levels of performance, reliability, and availability. For more details, please visit www.juniper.net

 

About Juniper Networks

At Juniper Networks, we are dedicated to dramatically simplifying network operations and driving superior experiences for end users. Our solutions deliver industry-leading insight, automation, security and AI to drive real business results. We believe that powering connections will bring us closer together while empowering us all to solve the world’s greatest challenges of well-being, sustainability and equality.

 

1000703 - 007 - EN SEPTEMBER 2023