Network complexity is growing exponentially. Traffic levels continue to rise thanks to the proliferation of mobile and Internet of Things (IoT) devices being connected to enterprise networks. As a result, management operational costs are also on the rise, placing a tremendous burden on a company’s bottom line.
Abstracting, simplifying, and hiding this complexity is the first step towards realizing Juniper’s bold vision of autonomous networking: the Self-Driving Network™.
Juniper Sky™ Enterprise cloud management service provides centralized visibility into and control over the entire enterprise network through a simple, secure Web portal for managing security and switching devices.
Juniper Sky Enterprise is a cloud-based management portal designed to abstract, simplify, and hide network complexity from branch and campus customers. Distributed enterprises have traditionally run management software on their own IT infrastructure, a process that required long planning cycles, careful pre-staging of devices, onsite IT staff at branch locations during deployment, and ongoing management, all of which contributed to prohibitively high installation and maintenance costs. With Juniper Sky Enterprise, customers no longer need to purchase, install, and maintain servers and management software in their own environment, allowing enterprises to scale capacity up or down based on existing business demands. Juniper Sky Enterprise, which is updated regularly with the latest secure software and features, enables the network to be managed centrally with minimal input from IT, allowing staff to focus on core business activities, and ultimately realize significant CapEx and OpEx savings.
Juniper Sky Enterprise greatly simplifies network operations by automating time-consuming tasks such as pre-staging or applying configurations. New managed devices are automatically and securely onboarded and constantly monitored to ensure the network is operating at the highest possible performance levels.
Juniper Sky Enterprise can co-exist and operate in parallel with other management systems. Experienced IT staff can use Juniper Sky Enterprise to configure advanced Juniper Networks® Junos® operating system features.
Juniper Sky Enterprise provides a secure cloud management portal for Juniper Networks SRX Series Services Gateways, NFX Series Network Services Platforms, QFX Series Data Center Switches, and EX Series Ethernet Switches and includes 24/7 global support.
Juniper devices call home to Sky Enterprise, so no firewall changes are required to establish secure API communications.
Features and Benefits
Juniper Sky Enterprise offers a number of valuable benefits, including:
- Simple, centralized management reduces reliance on skilled resources.
- Network moves, additions, changes, and deletions are dramatically simplified and accelerated.
- Cloud-based zero-touch provisioning (ZTP) eliminates the need for expensive truck rolls.
- Centralized visibility and control for all network devices.
- Operational costs are reduced and customer service is improved.
- Junos upgrades are effortless, with new images delivered directly from Juniper.
- Quick setup requires no Junos OS skills.
- Global networks can be managed from anywhere using just a browser
- Provides CLI access to Junos devices directly from the portal.
Architecture and Key Components
Juniper Sky Enterprise Cloud Architecture
Running in an elastic, multitenant, secure, and reliable cloud infrastructure, Juniper Sky Enterprise leverages geographically dispersed SSAE16 SOC-1/2/3-compliant data centers to deliver best-in-class reliability. The highest levels of physical and infrastructure security ensure that data is kept private—no user traffic passes through the Juniper Sky Enterprise system.
Simplified Setup and Installation
Juniper Sky Enterprise can be added to a network quickly, without the need for professional services. Then, using cloud-based ZTP, branch devices can be deployed easily, eliminating the need for costly truck rolls. Customers can also replace devices under warranty (RMA) using the same process, detailed below and shown in Figure 3.
1) A new device is delivered directly to the site.
2) The device is powered on and phones home to Juniper Sky Enterprise.
3) The device requests configuration authorization from the network administrator for added security.
4) The production configuration is applied to device and the device is deployed.
Juniper Sky Enterprise supports the following production configuration features and functionality:
- ZTP deployment and standard published templates
- Single button “actions” for common remediation tasks such as Set Rescue Configuration
- Bulk updates for configuring multiple devices at once
- Commit compare and rollback
- Junos upgrades with images delivered directly from Juniper
- Configuration change, audit, and backup
Cyber Threat Visibility and Protection
Juniper Sky Enterprise includes detailed reporting capabilities for advanced SRX Series Services Gateways functions like AppSecure , unified threat management (UTM), and Juniper Sky Advanced Threat Prevention. To help users get the most value from these advanced features, Juniper Sky Enterprise provides detailed insights into the threats and risks that SRX Series devices have detected and mitigated.
Sky Enterprise’s Application and Network Risk (ANR) Reports are presented in a clear, colorful, and simple format using charts and tables. These make it easy for administrators to understand the business risks present in their network; and, they demonstrate the value that the SRX Series gateway delivers to critical business infrastructure.
Security Policy Rule Configuration
Users can view all configured security policies and zones through a clean interface. Network Address Translation (NAT) source and destination policy rule sets can be made in one simple action.
Juniper Sky Enterprise supports the following security configuration features and functionality:
- Security policies, zones, NAT, intrusion detection and protection (IDP), and UTM
- IPsec VPN creation and monitoring
- Application steering using advanced policy-based routing (APBR) to optimized business performance
- Real-time performance monitoring (RPM) with automated link failover
- Dynamic Host Configuration Protocol (DHCP) management and static routes
- Security feeds that enable device subscription to dynamic lists (such as AWS and Office365 infrastructure lists)
Switch Infrastructure Management
Juniper Sky Enterprise provides a simple interface for configuring and managing switches, VLANs, and routes, as well as for monitoring switch resources and capacity. Juniper Sky Enterprise also provides full access to Power over Ethernet (PoE) switch settings, including enabling and disabling PoE on individual ports, configuring PoE priority, and monitoring PoE-connected devices. Juniper Sky Enterprise also recognizes and displays EX Series switches deployed in a Virtual Chassis configuration, which allows interconnected platforms to operate as a single, logical device.
Juniper Sky Enterprise supports the following switch infrastructure configuration management features and functionality:
- Ability to view, search, and edit all interfaces, including Ethernet switch, Link Layer Discovery Protocol (LLDP) neighbor, and Address Resolution Protocol (ARP) tables
- Ability to create and edit VLANs and ranges, as well as aggregate Ethernet interfaces (link aggregation group)
- Spanning Tree Protocol management
- PoE visibility and configuration
Cloud-Based Junos Software Image Upgrades
Juniper Sky Enterprise streamlines the Junos image upgrade process using only a browser. Simply select a target device from the dashboard, select the Junos image version you want to upgrade to, and click “Upgrade.” Sky Enterprise delivers the image directly from Juniper, making the process fast and efficient.
Monitoring and Reporting
Juniper Sky Enterprise offers real-time visibility into key metrics for Juniper devices, highlighting performance trends and potential security issues on the network. Advanced SRX Series reporting for AppSecure, UTM, and Juniper ATP Cloud provide granular insights into applications and threats.
Juniper Sky Enterprise supports the following monitoring and reporting features and functionality:
- PoE monitoring
- Real-time topology views
- License tracking and updating
- System alarms and SMTP device availability alerting
- Site location visualization
- Ethernet switch tables, LLDP neighbor tables, and ARP tables
- Device performance trends
- SRX Wi-Fi mPIM access point visibility, including client details
- Visibility into Mist Wi-Fi access points using simple API integration
- Diagnostic tools including ping and traceroute
- Detailed asset reports available for download on demand
- Per-interface application usage reporting
- Real-time performance graphs
- Tags for categorizing and grouping devices
SRX Series Wi-Fi mPIM Management
Juniper Sky Enterprise supports the configuration and management of the SRX Wi-Fi mPIM access point cards. Adding Wi-Fi to Juniper Networks SRX Series Services Gateways creates a powerful branch-in-a-box solution, ideal for small offices and pop-up service locations.
|Juniper Supported Platforms||Junos Releases|
|EX Series Ethernet Switches||17.x and later, 15.x, 14.x, 13.x, 12.x|
|SRX Series and vSRX Virtual Services Gateways||18.1 and later, 17.3, 15.1X49, 12.3X48, 12.1X47, 12.1X46, 12.1X45 12.1X44|
|NFX Series Network Services Platforms||18.2, 15.1x|
|QFX Series Ethernet Switches||14.1x and later|
Juniper Networks Service and Support
Juniper Networks is the leader in performance-enabling services that are designed to accelerate, extend, and optimize your high-performance network. Our services allow you to maximize operational efficiency while reducing costs and minimizing risk, achieving a faster time to value for your network. Juniper Networks ensures operational excellence by optimizing the network to maintain required levels of performance, reliability, and availability. For more details, please visit www.juniper.net/us/en/products-services/network-management/skyenterprise.
|1 Licensing is per device. Other hardware platforms may be supported. Refer to support documentation|
|Small Site (Group A)|
|- EX2200, EX2300, EX3300, EX3400
- SRX100/110/210/220; SRX300/320; vSRX
|1 year subscription: SKY-ENT-GROUPA-1YR
3 year subscription: SKY-ENT-GROUPA-3YR
5 year subscription: SKY-ENT-GROUPA-5YR
|Medium Site (Group B)|
|- All Group A devices
- EX4200, EX4300
- SRX240, SRX340/45, SRX550/550M, SRX380
- NFX150, NFX250
|1 year subscription: SKY-ENT-GROUPB-1YR
3 year subscription: SKY-ENT-GROUPB-3YR
5 year subscription: SKY-ENT-GROUPB-5YR
|Campus (Group C)|
|- All Group A and Group B devices
- EX4550, EX4600, EX9200, QFX5000 line, QFX10000 line
- SRX650, SRX1500, SRX4100/4200, SRX5400/5600/5800
|1 year subscription: SKY-ENT-GROUPC-1YR
3 year subscription: SKY-ENT-GROUPC-3YR
5 year subscription: SKY-ENT-GROUPC-5YR
About Juniper Networks
Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. The company serves customers and partners worldwide. Additional information can be found at www.juniper.net.