Juniper Session Smart Routing, which powers the AI-Driven SD-WAN, takes distributed, software-defined routing to a new level. This innovative networking solution provides a service-centric control plane and service-aware data plane that offers IP routing, feature-rich policy management, improved visibility, and proactive analytics. This next-generation SD-WAN solution supports the evolving needs of cloud-enabled enterprise networks.
Juniper® Session Smart™ Routing fuels an advanced, service-centric networking solution that is rewriting the rules for software-defined routing and SD-WAN. Ideal for today’s digital businesses, the solution enables agile, secure, and resilient WAN connectivity with breakthrough economics and simplicity.
The unique combination of Juniper Session Smart Router, Juniper Session Smart Conductor, and Juniper Mist™ WAN Assurance cloud service transcends inherent inefficiencies and cost constraints of conventional networking products and legacy SD-WAN solutions. The Session Smart Router delivers a flexible, application-aware network fabric that meets stringent enterprise performance, security, and availability requirements. The Session Smart Router is software-based and deployable on white-box CPE, data center network servers, and the cloud. It’s also available with the purpose-built Juniper SSR Series Smart Router. It can be fully managed and orchestrated with Juniper’s Session Smart Conductor or through the Juniper Mist WAN Assurance cloud service.
The Session Smart Router is a base component that can be paired with either the Juniper Session Smart Conductor or the Juniper Mist cloud. Together, they form a single logical control plane that is highly distributed and a data plane that is truly session aware. They support a range of use cases, including SD-WAN, which can scale from a small branch office to a high-capacity edge router to a hyper-scale, software-defined data center.
Session Smart Router
The Session Smart Router combines a service-centric control plane and a session-aware data plane to offer IP routing, feature-rich policy management, improved visibility, and proactive analytics. Session Smart Router also provides native zero trust security, leveraging hyper-segmentation. It includes several security features.
- Service-centric, tenant-based security architecture: The unique design enables the Session Smart Router to understand sessions and perform vital business operations.
- Zero trust security: The Session Smart Router follows the principle of “deny-by-default,” which uses a series of checkpoints to validate legitimate network traffic.
- Next-generation firewall capabilities: The Session Smart Router provides network firewall functionality and can be service-function chained with Juniper Networks® SRX Series Services Gateways for next-generation firewall capabilities. Additionally, the following capabilities are available as add-on options for the SSR Series routers:
- Intrusion Detection System/Intrusion Prevention System (IDS/IDP)
- URL filter
- Security at its core: The advanced design of the Session Smart Router replaces the traditional routing plane with one built for security from the ground up.
Session Smart Conductor
The Session Smart Conductor is a centralized management and policy engine that provides orchestration, administration, zero-touch provisioning (ZTP), monitoring, and analytics for distributed Session Smart Routers—while maintaining a network-wide, multi-tenant service, and policy data model. Session Smart Conductor features multiple, flexible deployment models, from on-premises to private or public cloud.
Juniper Mist™ WAN Assurance and AI-Driven Operations
Alternatively, Session Smart Routers can be operated and orchestrated through the Juniper Mist cloud. Mist AI delivers unprecedented automation using a combination of artificial intelligence, machine learning algorithms, and data sciences techniques to save time, maximize IT productivity, and deliver the best experience to digital users.
Juniper Mist WAN Assurance is built on the Mist AI cloud and delivers full life cycle management and operations, including AI-driven insights, anomaly detection, and root cause identification that focuses on end users’ experience. For day-0 and day-1 operations, WAN Assurance also provides orchestration, administration, and ZTP for Session Smart Routers. See the WAN Assurance datasheet for more information.
|System and Network Services||SNAT/DNAT, Destination NAPT, Shared NAT pool, IPv4/IPv6, DHCP client, DHCP relay, DHCP server, DHCP server extensions, DHCPv6 PD, DNS client, PPPoE, Proxy ARP, NAT traversal, BFD, Inline flow performance monitoring, Extended firewall Pinhole, Path MTU discovery, MSS auto adjust, DSCP based service identification for IPsec|
|Advanced Services||Secure Vector Routing (SVR), Multipoint SVR, IPv6 SVR, Overlapping IP service segmentation, Ethernet over SVR, Application identification|
|Routing||Service based routing, Static routing, BGPv4, BGP Multi-Path, BGP Route Reflector, BGP Graceful Restart, BGP over SVR, BGP route map, BGP prefix list, OSPFv2, BGP VRF, OSPF VRF, Services and Topology Exchange Protocol (STEP)|
|Traffic Engineering||Traffic scheduling and shaping, Flow Policing and Shaping, Packet marking (DiffServ), Service rate limiting|
|Network Firewall||Distributed stateful firewall, Distributed and automated access control, Fine-grained segmentation/tenancy, ICSA network firewall certified, ICMP blackhole|
|Application Identification||HTTP/S domain based identification, O365 identification, DNS based identification, Application categorization|
|Analytics||Session metrics, network metrics, LTE metrics, peer path SLA, MOS score, session analytics, SSL/TLS metrics, session IPFIX records|
|Session Encryption||Session Payload Encryption (AES-256, AES-128), Session/Route Authentication (HMAC-SHA1, HMAC-SHA256, HMAC-SHA-256-128), Adaptive encryption, Rekeying, FIPS 140-2 Validated, Enhanced Replay Attack protection, Transport-based encryption|
|Session Management||Path selection, (SLA, MoS, average latency), Load balancing using proportional and hunt, session migration, session duplication, session duplication for non-SVR, session duplication for inter-node links, MOS for VoIP, Path of last resort, session optimization, session reliability, service health learning, service route redundancy|
|Monitoring||Monitoring agent, SNMPv2, Syslog, audit logs|
|Management and Remote access||GUI, CLI, REST, Remote access over SVR (LTE), Upgrade rollback, Zero Touch Provisioning, Remote service packet capture, User-defined configuration templates, Role based access control|
|AAA||Local registry, LDAP|
|Interface options||Ethernet, LTE Support including Dual LTE and Dual SIM, T1|
|Platforms||Bare metal x86 server,KVM, VMWare ESXi, OpenStack, AWS, Azure, Google Cloud|
Platform Options for the Session Smart Router
SSR Series Session Smart Router
The SSR Series of appliances provide the hardware foundation for the Juniper AI-Driven SD-WAN solution. The SSR100 line includes small and medium branch platforms to support SD-WAN to distributed locations.
For more information see the SSR Series datasheet .
|SSR120||2 Gbps||1 Gbps||Small branch. Hardware only (120GB SSD, 2x1GbE combo RJ45/SFP, 4x1GbE RJ45) with or without LTE. TAA-compliant option for federal.|
|SSR130||2 Gbps||1.5 Gbps||Medium branch. Hardware only (120GB SSD, 2x1GbE combo RJ45/SFP, 6x1GbE RJ45) with or without LTE. TAA-compliant option for federal.|
Juniper Certified White Box Platforms
Juniper Networks publishes a list of platforms that are certified to run the Session Smart Router. Additional information can be found at docs.128technology.com/docs/about_certified_platforms.
|Bare metal||1-2 Gbps||4C ATOM/8GB RAM|
|2-4 Gbps||8C ATOM/16GB RAM|
|10-20 Gbps||8C XEON/32GB RAM|
|10-20 Gbps||12C XEON/128GB RAM|
|80-100 Gbps||22C XEON/256GB RAM|
Juniper NFX Series Network Services Platforms
The Session Smart Router can run as a virtual network function (VNF) using VirtIO and SRIOV network virtualization technologies on the following NFX Series platforms:
|NFX 150||4C VNF||VirtIO||1170 Mb/s||200 Mb/s|
|4C VNF||SRIOV||1800 Mb/s||210 Mb/s|
|NFX 250||4C VNF||SRIOV||4000 Mb/s||370 Mb/s|
|NFX 350||4C VNF||SRIOV||4500 Mb/s||460 Mb/s|
|8C VNF||SRIOV||4500 Mb/s||1710 Mb/s|
Public Cloud Providers
The Session Smart Router can run as an instance on Amazon Web Services (AWS) and Microsoft Azure.
Platform Options for the Session Smart Conductor
Juniper Certified White-Box Platforms
The Session Smart Conductor can run on bare metal. The recommended hardware sizing depends on the number of Session Smart Routers managed by the Session Smart Conductor.
|Deployment||Number of Managed Routers||Recommended hardware|
|Bare Metal||1-20||2C XEON/8GB RAM|
|20-50||4C XEON/8GB RAM|
|50-200||8C XEON/16GB RAM|
|200-1000||12C XEON/32GB RAM|
|1000-2000||16C XEON/64GB RAM|
The Session Smart Conductor can run on all major public cloud providers: AWS, Google Cloud, and Azure.
Juniper Service and Support
Juniper ensures operational excellence by optimizing the network to maintain required levels of performance, reliability, and availability. For more details, please visit www.juniper.net.
About Juniper Networks
At Juniper Networks, we are dedicated to dramatically simplifying network operations and driving superior experiences for end users. Our solutions deliver industry-leading insight, automation, security and AI to drive real business results. We believe that powering connections will bring us closer together while empowering us all to solve the world’s greatest challenges of well-being, sustainability and equality.
1000703 - 003 - EN DEC 2021