Hybrid cloud: What it is, why it matters

The cloud enables companies to offload their back-end architecture into remote, virtual environments. Besides freeing up physical space that would otherwise be used to house server racks, the cloud allows organizations to hand off the responsibilities of setting up, hosting, and scaling back-end architecture to third parties like Amazon Web Services (AWS), Google Cloud, Microsoft Azure, Heroku, Rackspace, Cloudstack, and others. If you’re a brand new startup, this means you can forego the time and expense of setting up a traditional data center. If you’re an established enterprise, it gives you an opportunity to streamline your fragmented and siloed data operations so that your onsite computing power can be devoted to mission-critical problems.

That said, for all its benefits, the cloud isn’t for everyone. The convenience of the public cloud comes with costs, including a reduction in data security and increased latency. For many organizations, particularly those in regulated industries, like finance, or those that require high-performance, low-latency connections for certain functions, the public cloud isn’t a viable option. Many of these organizations have switched to private clouds, which allow them to enjoy some of the benefits of cloud computing without compromising security or performance.

Increasingly, organizations like these are looking to a third option: the hybrid cloud. In this article, we’ll explore what hybrid cloud solutions entail, how they compare to the public cloud, and who you need to set one up.
CLOUD COMPUTING REFRESHER
If you’ve ever used Dropbox for storage, Salesforce for CRM, ADP for payroll, or Gmail for communication, then you’ve used a cloud service (also known as a web service). What ties these different services together is that they don’t require the installation of software (though some services might have standalone apps). Rather than storing data on your own servers and running applications using your own resources, you access cloud services over the internet. The service providers are responsible for building specialized data centers that support their particular service for their clients.

While the above examples are generally considered examples of software-as-a-service (SaaS), there are other cloud services that replace many of the functions of a traditional data center. Amazon Web Services (AWS) is considered an example of infrastructure-as-a-service (IaaS), offering virtual access to storage, computing, scaling, and backup solutions. Additionally, platform-as-a-service (PaaS) providers supply a dev environment, server, and database. What all these cloud services have in common is that they fulfill roles traditionally handled by an on-site data center.

What if your business needs prevent you from using the public cloud? In these cases, many companies opt to create their own private clouds, implemented and managed by their IT departments. These private clouds are fire-walled behind the company’s network, meaning that sensitive information isn’t stored on the public internet.
What Is the Hybrid Cloud?
At its most basic, a hybrid cloud joins together a public and private cloud with an encrypted connection and technology that makes data portable. The key here is that both clouds remain separate, independent entities while also having one or more touch points in common. A hybrid cloud is not the same as simply relying on cloud services for some functions and a private cloud for others.

For some organizations, a hybrid cloud represents an intermediary step between their old on-site data storage and processing setups and transitioning entirely to the public cloud. For others, hybrid cloud solutions enable them to leverage the scalability of cloud computing while maintaining the integrity of their data and ensuring compliance with regulatory mandates and compliance standards.
Architecture of Microsoft hybrid cloud scenarios
Figure 1 shows the Microsoft hybrid cloud stack and its layer, which include on-premises, network, Identity, apps and scenarios, and the category of cloud service (Microsoft SaaS, Azure PaaS, and Azure PaaS).

The Apps and scenarios layer contains the specific hybrid cloud scenarios that are detailed in the additional articles of this model. The Identity, Network, and On-premises layers can be common to the categories of cloud service (SaaS, PaaS, or PaaS).

On-premises
On-premises infrastructure for hybrid scenarios can include servers for SharePoint, Exchange, Skype for Business, and line of business applications. It can also include data stores (databases, lists, files). Without ExpressRoute connections, access to the on-premises data stores must be allowed through a reverse proxy or by making the server or data accessible on your DMZ or extranet.
Network
There are two choices for connectivity to Microsoft cloud platforms and services: your existing Internet pipe and ExpressRoute. Use an ExpressRoute connection if predictable performance is important. You can use one ExpressRoute connection to connect directly to Microsoft SaaS services (Office 365 and Dynamics 365), Azure PaaS services, and Azure PaaS services.
Identity
For cloud identity infrastructure, there are two ways to go, depending on the Microsoft cloud platform. For SaaS and Azure PaaS, integrate your on-premises identity infrastructure with Azure AD or federate with your on-premises identity infrastructure or third-party identity providers. For VMs running in Azure, you can extend your on-premises identity infrastructure, such as Windows Server AD, to the virtual networks (VNets) where your VMs reside.
WHY GO HYBRID?
Now that we’ve covered what the hybrid cloud is, what are its advantages?

Flexibility. The main reason organizations adopt the hybrid cloud approach is that it gives them maximum flexibility to explore new products and business models. If your business needs are continually changing, your development team can benefit from having a private environment on which to build and test new software without having to dramatically rearrange your IT resources and architecture.
Security. Protected, confidential, and sensitive information can be stored on a private cloud while still leveraging resources of the public cloud to run apps that rely on that data. This is especially important for businesses that store sensitive data for their customers. (Think health care providers and payroll processors, for example.)
Stability. Even the biggest and most reliable cloud service providers have downtime. By keeping certain functions accessible and on-site, organizations insulate themselves from network failures. Another concern (currently hypothetical) involves the erosion of net neutrality, which could lead some ISPs to throttle speeds for certain traffic-intensive sites and services. For services that require an extremely high degree of availability (like social networks), ensuring stability is a major consideration.
Reduced latency. For certain high-speed functions, it’s impractical to run apps in the public cloud. Keeping some processing jobs on-site allows businesses to allocate their computing resources more effectively. Financial firms that handle high-volume trades and businesses that rely on real-time analytics are two examples of organizations that could benefit from keeping certain functions on a private cloud.
Cost effectiveness. As IT’s role has grown, so too have the demands placed on the data center. When data centers are forced to do too many things, efficiency suffers. You could invest money in upgrading your computing or storage, but why not offload the non-essential tasks onto a cloud-storage system? That way, you can dedicate your on-site resources to your most important tasks.
GETTING YOUR CLOUDS TO COMMUNICATE
The main feature of hybrid cloud environments is that applications and services that operate across different systems have to be able to exchange data. Each of these systems may have its own rules about how data can be stored and moved, based on business rules, regulatory mandates, and technical specifications. In order to achieve the efficiencies and savings of the hybrid cloud, these different workloads—which can include daily batch processes, real-time transactions, high-performance analysis, and more—need to behave as if they’re part of a single, unified system.

One of the best ways to integrate different cloud environments is via APIs. APIs allow a piece of software to connect with another piece of software without needing to access the underlying code. It does this via abstraction, presenting just the rules and interfaces needed to connect to the service. For hybrid cloud environments, abstraction provides another key advantage: It controls exactly what parts of your system are visible to outside developers. This way, you can protect the integrity of sensitive data on your private cloud while still allowing web services to access it as necessary.

All the major cloud service providers supply their own APIs to allow their customers to build workloads that take advantage of cloud storage and computing services. However, these APIs may require substantial programming in order to get them working with your system, and in the case where you’re using multiple cloud services, you should expect competing cloud APIs to be incompatible. Services like RightScale, Scalr, IBM WebSphere Cast Iron, and Morpheus provide a further layer of abstraction via templates and management tools that finesse these different APIs in order to integrate workloads.
SOME EXAMPLES OF HYBRID CLOUD ENVIRONMENTS
No two hybrid cloud setups are the same. Here are a few ways different organizations can take advantage of the hybrid cloud.

An e-commerce site relies on Salesforce in the public cloud to manage its customer relationship management (CRM) functions while also using a private cloud to test and build new analytics products based on that data.
A parts manufacturer relies on a private cloud to collect and analyze billions of points of data coming in from IoT sensors but also needs to enable customers on the public cloud to see real-time order-status updates that depend on that sensor data.
A major health care provider needs the ability to compartmentalize patient data in compliance with HIPAA while also enabling patients the ability to access some of their information through the provider’s web app.
A video-streaming service does not have the computing power on-site to handle weekend binge-watching. During these high-traffic periods, the company can “burst” some of their processes onto a public cloud service to ensure availability even as their traffic spikes.
THINGS TO CONSIDER WHEN MOVING TO A HYBRID CLOUD
Moving to a hybrid cloud can save money and make your organization more efficient and agile. That said, changing your IT infrastructure can be a complex and expensive undertaking. Before moving to a hybrid cloud, you should carefully weigh your options and make sure you have the personnel, resources, and time to make the switch.

Setup and customization. Who’s responsible for making sure that your web services are properly connected to your in-house operations? Integration can be a tricky and time-consuming process, so make sure you’ve allocated time for customization and testing.
Data transfer. Organizations should expect to incur a fee when moving their data onto the cloud, especially if there are large amounts of it.
Management. How will you manage your hybrid cloud environment? Especially when your workloads are abstracted from the hardware they run on, it’s critical to make sure that resources are efficiently assigned based on business needs and availability. Modeling out your workloads should give you some sense of how much CPU, disk, and memory resources are needed.
Storage and maintenance. Think carefully about how your data could grow. Are you a Big Data company that needs an extremely scalable storage solution? Or do you just need access to resources during peak times?
Compliance. If you’re in a regulated industry or handle sensitive data regularly, you’ll probably want to audit your cloud service to make sure it meets your specific needs.
Workloads. There are many different types of workloads, some of which are better suited to the cloud than others. Are you running batch workloads that can run in the background or overnight over the public cloud? Or do you need high-powered real-time analytics workloads that require all the computing power in your data center? The answer will help inform how you set up and manage your hybrid cloud.
Load balancing. In distributed computing environments, load balancing ensures that no single machine gets overwhelmed with requests. Typically, the load balancer sits in front of the servers and uses an algorithm to distribute workloads efficiently.

Predicting the Unpredictable

What does the future hold for cyber security?

Cat and mouse. Tit for tat. In cyber security it seems that for every head we cut off, new ones take their place. To understand how this hydra might evolve, we welcomed a panel of some of the leading security thinkers to gaze into the not so distant future. At Symantec’s Crystal Ball event I was joined by a government official, a sociologist, a business leader and a threat insider to see the direction of travel and how we should arm ourselves for tomorrow’s threats.
One point was unanimous; major threats are coming our way, but each had their own take on how the picture will evolve in coming years, and how we could protect ourselves against these threats. Here are some of the insights.

WannaCry was only the tip of the iceberg

One of the most striking predictions to come out of the event was the fact that the UK will inevitably be hit by a cyber incident of massive proportions – even greater than WannaCry - and worst of all, that it will turn out that it was entirely preventable.
According to Ian Levy, Technical Director at the National Cyber Security Centre, government and industry must come together to prevent this. It’s only through sharing data and collaboration that we can build the defences able to withstand these inevitable ‘category one’ threats.
Critically, Ian pointed out that for all too long we’ve treated people as part of the problem. In the future, this will have serious consequences.

The rise of mass social engineering

Social engineering attacks will gain momentum over the next few years. And they won’t strictly target citizens anymore. Corporations, markets and high-profile individuals will all fall victim, according to Dr Jessica Barker, sociologist and Co-Founder of Redacted Firm.
Geopolitical tensions and a more connected society will create a perfect storm where society becomes more vulnerable. Fake news will be part of the problem but it won’t be the whole story – at least in its current form. There will be a wider threat as we continue to trust our networks and take in information from a variety of online sources blindly. Social engineering on a mass scale will influence markets, reshape the political agenda and influence consumer behaviours.
Education will be key. We all have a collective responsibility to encourage critical thinking in the face of this threat.

AI will call the shots but at what price?

Artificial intelligence (AI) and automation will make businesses more productive and is already being implemented. But if businesses don’t know where the kill switch is from the outset, or ready their artificial intelligences for malicious attacks, it could cause major problems further down the line. Graeme K Hackland, CIO at Williams F1 Team discussed the risks of handing over too much power to automated systems.
We’re currently used to having humans make the decisions in our businesses and we’re used to being able to raise the flag and course correct if we see that something is going wrong. ‘black box’ AI or Machine Learning, where data goes in and actions take place or conclusions come out could cause significant problems. Without having insight into the process, it will become increasingly difficult for businesses to identify if data or systems have been tampered with. A hacker could gain access to an AI, or the systems that feed it. Whether changing data, inputs, sources or confusing hard coded and learned rules, attacks could bring businesses to a standstill.

What happens when hackers get their hands on AI?

Automation was also front of mind for Peter Wood, Chief Executive Officer at First Base Technologies. In his work, he can see how hackers are already beginning to make use of automation within the cyber kill chain. As this use expands, hackers will be able to automate all the different stages of an attack. Worst of all, they will be able to commoditise the automated attacks as a service, and carry out increasingly clever attacks faster than ever before. So what happens when machine learning and AI becomes accessible to hackers in the very same way? Adaptive malware, AI social engineers – hacking will become far more efficient and effective.

Power to the people

Fortunately, cyber defence is rapidly evolving and currently the good guys are way ahead on the AI and ML curve. But technology and investment alone will not be enough for us to defeat these attacks. Just as we know the hydra will grow new heads, we know attackers are never far behind industry innovations. New systems will combine both technology and behavioural understanding to help find the solution to these challenges.
Think about it like neighbourhood watch. The more people that are in it, the more eyes on the street and consequently, the safer you are. if we ask users the right questions, we could – at scale – prevent attacks before they even occur.
But people need to be engaged the right away. For too long, we’ve been dragging employees kicking and screaming into becoming cyber experts when they quite simply don’t care. We have to change this approach, and that has as much to do with psychology as it does with the technical resources that we give users. Get this right, and we’ll be better placed to face the challenges of tomorrow.

Darren Thomson

Darren Thomson, CTO and VP of Technology, EMEA

   

New Cybersecurity Platform Enhancements Enable Automated, Adaptive and Simplified Threat Response

Automated. Adaptive. Simplified. Isn’t that what a cybersecurity solution should be? We know that the number one priority for security teams today is detecting and stopping advanced attacks before they cause major damage. Bad actors are operating with increased organizational efficiency and a seemingly bottomless pit of financial backing, not to mention they are constantly turning up the level of technological innovation they use to carry out their exploits. This week we saw that a Russian-Ukrainian organized crime gang in Spain that has collected more than $1.2B with malware that hacked ATMs to spit out money on command. These criminals were investigated and apprehended by Spanish police, Europol and the FBI, as these nefarious activities are large scale, requiring international responses.

We Are Still in an Arms Race
We have encryption, they have encryption. We have automation, they have automation. We have AI, they have AI. They have sophisticated platforms to deliver their payloads … and now we have a unified cybersecurity platform, which is powered by Software-Defined Secure Networks (SDSN), that not only responds to, but helps organizations stay ahead of these attacks. This platform delivers defense across diverse environments and is designed from the ground up to adapt to changing threat conditions.

Not Enough Good Guys
While keeping up with cyber crime is a top concern, we also know that there are not enough of the good guys – the security professionals that are on the front lines day in and day out. These men and women are constantly overloaded with meaningless alerts and struggling with disparate tools that don’t play well with each other. Recently, we sat down with security teams in the US and Europe and heard directly from them about how hungry they are for unification of tools, simplification of manual processes and adaptability of threat detection. They want to protect cloud workloads and hybrid environments dynamically and consistently, and are waiting for the day when they can feel confident that their security architecture is acting as a unified force for good.

Unified Cybersecurity Platform
Juniper Networks is rolling out key portfolio enhancements to help customers fortify their security posture with a platform that is open for integration and fueled by automation. These enhancements will empower organizations to protect themselves from fast-moving threats and rapidly adapt to cyber crime tactics. For security teams tasked with finding the proverbial needle in the haystack, this means less hay and more needles – these teams will be hunting down real threats in near-real time, not wading through a sea of false positives.

With a unique timeline view of threat behavior that is integrated with inline blocking, the is now integrated with our SRX Series Next-Generation Firewalls. This integration delivers fast, proactive defense against known and unknown threats and enables security teams to mitigate threats with just one touch.


JATP is further enhanced by joining it with Security Director Policy
Enforcer’s security fabric for truly orchestrated remediation. Adaptive malware detection triggers automated policy enforcement for increased protection across networks and cloud environments.
Extended protection for cloud workloads is now possible with Security Director and Amazon Web Services (AWS) working together to fortify AWS Virtual Private Clouds (VPCs).

Our cloud-delivered anti-malware service, Sky Advanced Threat Prevention (Sky ATP), has expanded its footprint of regional data centers to include not only US and EMEA, but APAC and Canada as well. With these local data centers, customers may experience lower latency and be better able to comply with local data regulations.

Delivering a Multicloud-Ready Data Center

Delivering a multicloud-ready data center

In the enterprise, there isn’t a hotter battlefield for new technology than the data center. It sits at the center of cloud, so it is a natural point of emphasis in virtually every enterprise networking strategy. It garners a big portion of total enterprise networking spend, so it is an area of importance to virtually every networking vendor. And it is ultimately the place-in-network (PIN) on top of which most applications run, so it is a target for many technological innovations.

So how can it be that so many people get the data center discussion wrong?

The data center requires more than just the data center
It’s somewhat paradoxical, but the data center discussion is partly wrong because it’s always about the data center.

The majority of technological changes in this space are happening because of the cloud. More precisely, it’s multicloud. And as workloads move to the cloud—both private and public—for enterprises to take full advantage of the cloud promise, they have to have end-to-end security and automation. This means that while the data center is central, it’s merely necessary, but not sufficient. The constructs that get deployed in the data center must extend out to the cloud on-ramps that exist closer to the user in either the campus or the branch.

But while this seems like a non-data center point to make, it places an important constraint around data center design: whatever is good enough for the data center must also be available in the other PINs that make up the full end-to-end multicloud experience.

Data center networking requires more than just networking
Let’s face it: connectivity is table stakes. Simply connecting pools of resources together and calling it a day is not the best way to start. There was a whole wave of innovation predicated on the notion that the application was central to the entire world. It spawned new architectural proclamations and a whole set of acronyms just to describe it.

But the applications aren’t the center of the IT universe—the data is. And this means that merely connecting application components is only a prerequisite. Security has to be included as a top-tier consideration in any multicloud architecture.

The line between networking and security isn’t even blurring anymore. It’s gone. It’s why every multicloud discussion needs to include security. Without it, the strategy is incomplete.

Data center devices require more than just the device
While the majority of data center discussions still start with the number of ports, they all end with software. In the data center networking space, if the devices are the lock, then the software is the key.

But that key is not just the network operating system. Multicloud only works if security and automation extend across all the PINs in the network, which means there has to be an overarching software layer that facilitates policy management and easily extends visibility and operational domains beyond the boundaries of the data center.

Of course, this places requirements on the data center devices themselves, as they must fit into this enterprise-wide fabric. Streaming telemetry, programmatic interfaces and integration into event-driven automation and DevOps frameworks are not just nice to have—they’re critical.

 Data center portfolios require more than just a portfolio
For enterprises of even moderate size, a single vendor simply cannot be an option. Minimally, it places an unnecessary restriction on the sources of innovation. Perhaps more insidiously, it removes any economic levers that a company might need to ensure the data center remains cost-effective in a time when growth is geometric and budgets are flat.

This means that the protocols and technologies that drive the data center must be open and easily interoperable. This is why technologies like EVPN-VXLAN are so critical. They ensure that the data center remains a hospitable place for all innovation, regardless of its origins.

Delivering a multicloud-ready data center
Understanding that the multicloud data center must 1) integrate with the campus and branch, 2) must include both networking and security, 3) must have multi-domain security and policy constructs and 4) has to all be built on open technology, Juniper Networks is focused on helping ensure that enterprises are multicloud-ready. In the data center, Juniper’s solution includes:

• QFX10002-60C—This scalable data center switch can be used as a spine or edge device or for data center interconnect (DCI) making it a true “universal switch”. It features 60 100GbE deep-buffer interfaces in a compact 2RU form factor.

• QFX5210-64C—This 64x100GbE port data center lean spine switch offers low power consumption and high density in a compact 2RU form factor.

• QFX5200-48Y—This data center top-of-rack switch features 48 native 25GbE interfaces with 100GbE uplinks to provide a seamless transition for enterprises migrating from 10GbE to 25GbE NICs. 

• QFX MACsec line card—This MACsec line card addition to the QFX10k modular switches provides 30-port 100GbE connectivity for encrypted traffic in and between data centers. 

 The entire data center portfolio runs Junos software, which means that the streaming telemetry, programmatic interfaces and tooling integrations required to support automated operations are commonly available. Just as important, these automation capabilities are the very same that exist across Juniper’s security portfolio and the other PINs, allowing enterprises to bridge operational practices end-to-end in support of a true multicloud architecture.

Junos software also extends Juniper’s industry-leading EVPN-VXLAN implementation across the entire data center. The multicloud will undoubtedly be multi-vendor, and Juniper’s commitment to industry standards means that being multicloud-ready doesn’t come with unnecessary constraints. In fact, EVPN simplifies insertion, as it guarantees interoperability with competitor switches so that evolution doesn’t have to mean throwing away existing assets.




Migrating to multicloud
Multicloud isn’t a one-step proposition for anyone. Enterprises don’t have the budget or resources to make chasm-crossing changes in one effort. The key is intercepting natural refresh or expansion projects and then using the normal course of business to become multicloud-ready.

Juniper Networks believes this evolution begins with extending security and automation across all PINs, which places a new set of architectural considerations on the data center. By delivering more than just a data center, more than just a router or switch, more than just the hardware, and more than just a Juniper-only architecture, Juniper is ensuring that all enterprises can take a meaningful step towards a multicloud future.

Juniper Networks Named as a Leader in Data Center Hardware Platforms for SDN by Independent Research Firm

During a time of enterprise IT disruption when cloud and multicloud are changing the way enterprises must approach their networking architecture, Forrester has named Juniper Networks as one of the leaders in its recent report, The Forrester Wave™: Hardware Platforms for Software-Defined Networking, Q1 2018.

An Era of Uncertainty Demands a Flexible Networking Platform
It’s difficult to navigate transitions during the best of times. But when the market is fragmented and the technology landscape is confusing, plotting out a successful course forward can be extremely time consuming and confounding.

It’s not surprising that Forrester highlights these challenges in their latest Forrester Wave report. Here’s what can be learned from their research findings:

• There is not one path forward. Even amongst the most advanced companies anywhere in the world, there is no consensus on the approach or technology that will carry the industry forward. The major cloud and XaaS players, including Facebook, Google and other tier-1 cloud platforms, have different technological theses behind their plans. When the future is uncertain, flexibility is more important than ever.
• Uncertainty leads to confusion. It’s somewhat expected that an unclear future leads to confusion in the marketplace as the industry wields buzzwords with impunity. The proliferation of basic definitions makes it even harder for enterprises to make sense of the technology landscape.
• Not everyone is charging forward. During times of disruption, some companies will play defense, using the confusion to protect an incumbent base. Incrementalist thinking protects installed bases, but at the expense of progress.
• Incumbency is losing its grip. Innovative companies are breaking away from incumbent approaches. Technology-forward companies are demonstrating that while the adage “no one ever got fired for buying [x]” might be a good defensive position, it does nothing to ensure a stronger future.
• The future requires both hardware and software. While it’s common to hear the refrain software is eating the world, the future requires a combination of both hardware and software. Overlays are important, and they need to be paired with underlying infrastructure capable of delivering against the software-defined promise.
• Overlays may not solve every challenge. According to Forrester: “Tunneling and encapsulation technology have helped overcome some challenges with SDN, SDWAN, virtualizing the network and virtual machine (VM) movement. Overlay technology can go only so far. Ultimately, SDN must manipulate the network’s physical infrastructure, especially because many of today’s enterprise data center servers remain on bare metal and are therefore unable to use [some] SDN overlays.”

The real punchline here is that times are changing, and this demands a different way of thinking about the network. And a different way favors the bold: both on the enterprise customer side and the vendor side.

The Evolution of Open and Programmable Data Center Networking Hardware
The changing technology climate is forcing an evolution within the market. According to the report, the market for data center hardware platforms for SDN is growing because more Infrastructure & Operations professionals see these platforms as a way to address their top challenges. Importantly, that evolution requires a recommitment of sorts to open and programmable networking hardware.

The most important takeaways from the report are:

• The future is a journey. It’s not just that companies have different objectives, but they also have different paths to get there. Solutions will need to be suitably open to accommodate the path forward and enterprises will need to ensure they are always keeping their options open. Enterprises will need to consider how they evolve not just their products, but also their people and processes.
• Networks will be businesswide. It simply will not be the case that a data center will be bounded by four walls. Workloads will span physical and virtual environments in both public and private clouds. This puts an emphasis on end-to-end monitoring, orchestration and automation.
• Automation and programmability will be key. As the network becomes more dynamic and multi-domain, abstraction and automation will command skills in programming. The operational architecture will necessarily include a diverse set of tools, which will mean that networking equipment will need to support a broad range of integrations and capabilities.
• Risk needs to be balanced. Perhaps most importantly, because of the uncertainty, companies need to manage risk by choosing flexibility at every step of the journey. Forrester points out that platforms should be open and flexible to maximize functionality and interoperability.

Forrester’s Five Tenets of Virtual Networking Infrastructure (VNI)
Forrester five tenets are:


Juniper as a Leader in Data Center Hardware platforms for SDN
Forrester evaluated the strengths and weaknesses of top vendors in this category. In this evaluation, Juniper joins a list of nine vendors.

Built on a mix of general CPU, merchant silicon and custom silicon, Juniper allows companies to select a form factor that fits the economics and physics that their business demands. Whether it is the flagship Juniper Networks® QFX Series Switches in a private cloud or a virtual router in a public cloud, enterprises can leverage a common operating system to simplify enterprise networking. Junos has been purpose-built to support telemetry and programmability, both of which are prerequisites for a highly automated infrastructure.

Additionally, Juniper has developed an open orchestration platform in the Juniper® Contrail® Enterprise Multicloud to facilitate multi-domain policy management with end-to-end visibility. Juniper’s approach allows workloads to run wherever they need to satisfy economic or experience requirements. In a future where multi-tenant access across a distributed enterprise is key, Juniper is delivering a solution that is both open and flexible.

And perhaps most critical, Juniper’s common OS and orchestration layer extends beyond the data center, allowing IT teams to leverage a seamless multicloud architecture that stretches from the campus or branch to both the private and public cloud—all built in a way that supports an open, multi-vendor ecosystem.

Juniper believes that policy and security should be managed in the same way, regardless of whether the underlying resource is bare metal or virtual, underlay or overlay, running on merchant silicon or custom silicon, on-premises or off-premises, in a public cloud or a private cloud and even Juniper or non-Juniper.