Juniper Networks' J-series
The Juniper routers offer compelling advantages over their Cisco counterparts, but their drawbacks must also be considered.
July 28, 2004
It's that time of the year again -- time again for the Juniper dream. You know, the one that pits Juniper Networks as the enterprise savior offering a credible, enterprise-wide alternative to Cisco Systems. Only this time, there's good reason such fantasies could come true. Juniper's acquisition of NetScreen in April gave the routing giant a competitive enterprise-based security offering. Moreover, Juniper was expected to release in June its first suite of enterprise routers (access routers to be exact, but enterprise routers nonetheless) and what it claims is the first commercial-grade DSL firewall.
While both offerings have a decidedly enterprise focus, the reality is that they're more likely aimed at the service provider market. Here, they'll serve as a platform for Juniper's Infranet Initiative, the company's plan for an uber-Internet in the enterprise that will combine the Internet's reach with the predictability and security of a private network.
The new routers may fit in well with largely Juniper networks, the choice isn't so obvious where there's a mix of routing platforms. The Juniper routers offer some compelling advantages over their Cisco counterparts, but their drawbacks must also be considered. The lack of integrated application support (for VoIP, for example) may run against Juniper's whole thrust of enabling service providers to drop-ship a single device that supplies all of a remote office's WAN connectivity requirements.
THE LINEUP
Juniper added three edge routers to fill a critical niche in its enterprise portfolio, labeling them under the J-series moniker. The J2300 is aimed at small offices, the J4300 at small-to-medium-sized offices, and the J6300 at large remote sites. The boxes are equipped with two 10/100Mbit/sec ports and between 4 and 90Mbits/sec of uplink capacity. Pricing ranges from $2,000 for the J2300 to $10,000 for the J6300.Juniper also released the NetScreen-5GT ADSL, the first NetScreen product since it was acquired. The 5GT is a security appliance that offers a stateful inspection firewall implementing Deep Packet Inspection (DPI), a VPN running IPSec support, and anti-virus protection. Juniper places throughput for the firewall at 75Mbits/sec, and the VPN at 20Mbits/sec. An integrated ADSL modem reduces the complexity and cost of remote setup.
THE POWER NETWORK
As mentioned earlier, the new routers will form the basis for Juniper's Infranet Initiative in the enterprise. The Infranet begins with a global IP/Multiprotocol Label Switching (MPLS) WAN and layers on top interprovider reconciliation for transporting QoS traffic across multiple networks.
To make the Infranet Initiative work, Juniper must create a Client Network Interface (CNI) and an Intercarrier Interface (ICI) to connect user and service provider networks to the Infranet, respectively. The CNI provides applications with a way to signal to the network their networking requirements vis-a-vis quality, reliability, and security. The ICI must carry that information between service providers, as well as provide a way to settle charges between them. Whereas the ICI will be implemented in Juniper's existing backbone routers, the J-series gives Juniper a reliable edge router on which to implement the CNI.
Over the near term, expect Juniper to bundle the J-series with NetScreen's security appliances. More specifically, the company will likely pair the J2300 with the NetScreen-25 or the NetScreen-56T, the J4300 with the NetScreen-50, and the J6300 with the NetScreen-204. Over the longer term, expect Juniper to integrate the firewall/IPSec, SSL access, virus scanning, intrusion detection and prevention, and VPN functionality of the NetScreen devices into the J-series.DECISION TIME
For service providers weighing the Juniper routers against comparable Cisco offers-the 1700, 2600, or 3700 series, to be precise-the decision isn't so clear. Juniper's 2300, for example, has greater LAN capabilities than a 1721, but relies on external boxes for key remote networking functions. The 1721 can support a VPN, but is limited to a single LAN connection. Multiple LAN connections are available using 2611XMs, but the internal switch connecting them only runs at 10Mbits/sec.
Pricing on the Juniper boxes may be lower, however. Juniper's routers start at $2,000, while Cisco's 1721 comes in at $3,195, but it's difficult to determine the better value without a more detailed feature comparison. What's more, Cisco gear can often be found online at significantly lower prices than what the company lists.
Beyond box configurations, Juniper's trump card is its OS, JUNOS. Cisco's IOS has outgrown its early roots of providing routing for the enterprise. When we profiled IOS last fall, there were some 42 packages of software under the IOS brand. IOS has other limitations as well. For example, it offers no modularity, so a failure in one process can scrap others. Reboot times may be longer than competitors because of IOS' layers of features.
Cisco has repeatedly claimed that it would address these problems. The recent release of CRS-1, its new top-of-the-line router, employs the latest version of IOS, IOS XR. XR extends the resiliency and scalibility of Cisco's routers by including features such as modularity. Cisco says it's exploring modularity for access routers, though no immediate plans are on the table just yet.Juniper claims JUNOS addresses IOS' problems today. The OS is a modular system, so processes are isolated from one another to improve stability. Then again, Cisco's remote access router can run for several years without failure.
Juniper's dedicated resources mean individual routers can continue to scale even when advanced features are activated. While Juniper, for example, cites the J4300's uplink throughput at a consistent 16Mbits/sec, the 2600's performance is quoted at 70,000 packets per second (pps) when routing, but this number drops to 30,000pps when the VPN is enabled.
JUNOS also uses a single image, simplifying version management. This will be particularly important to service providers or enterprises running many routers.
EXTREME ANTICS
For enterprises, the decision to deploy a Juniper access router is even more complicated. Having a single equipment source provides significant benefits in terms of total cost of ownership. In addition, the ability to mine router logs for business rules, such as compliance with legislation like Sarbanes-Oxley, is much easier when the routing platforms come from a single vendor. Today, Cisco is the only vendor with that breadth of product offering.Juniper lacks the same portfolio breadth, most notably in terms of switching. Although Cisco's router and switch portfolios are hardly integrated, they at least come from the same vendor. It's this lack of a switching story that has prompted periodic rumors that Juniper is planning some sort of merger with or acquisition of Extreme Networks. To date, the vendor has downplayed such talk.
Juniper also has to address the fact that consolidation of functionality also applies to the Application layer. VoIP is a case in point. For example, the ability for IT or a provider to drop-ship a Cisco router with an embedded Call Manager is a powerful incentive, as it helps simplify remote VoIP deployments. Even if a service provider is offering a hosted VoIP service, an onsite IP PBX is still a critical option for failover, one that may be a lot cheaper than a backup leased line. That sort of embedded application functionality isn't offered by Juniper today, but it will become more important as companies look to reduce the cost of maintaining and running their remote offices.
Executive Editor David Greenfield can be reached at [email protected].
You May Also Like
2024 InformationWeek US IT Salary Report
Aug 15, 20242022 State of ITOps and SecOps
Jun 21, 2022