Thursday, January 16, 2014

Juniper Unveils Firefly Virtualized Security Suite

Juniper Networks unveiled its Firefly Suite, a virtualized security portfolio that provides granular, dynamic and secure connectivity for the private and public cloud. The goal is to proactively protect virtual workloads and applications in real-time with security intelligence, automation and unified control over virtual firewalls.

The suite introduces Firefly Perimeter, a virtual version of the Juniper Networks SRX Series Services Gateway, as well as Junos Space Virtual Director, an application that automates the management and deployment of Firefly Perimeter. When combined with enhancements to Firefly Host, which provides hypervisor-based protection between virtual machines, the suite secures traffic within a virtualized data center as well as traffic to and from it.

Key elements include:

  • Firefly Perimeter -- a new virtual and software-based version of the Juniper Networks SRX Series Services Gateway. It delivers high availability, granular security with segmentation capabilities between zones, organizations, lines of business and applications, as well as rich connectivity features like Network Address Translation (NAT), routing and VPN. Firefly Perimeter can be easily deployed and managed centrally or individually as a security VM for each department, application or tenant.  The solution is optimized to leverage multiple virtual CPUs to maximize packet processing and overall throughput in the virtual environment.  Juniper said its Contrail SDN controller seamlessly integrates with Firefly Perimeter to dynamically provision service-chained virtual and physical security services in cloud environments.
  • Junos Space Virtual Director -- a new Junos Space application delivering full lifecycle management of Firefly Perimeter VMs. It enables organizations to automate provisioning and resource allocation of virtual machines associated with Firefly Perimeter VMs. It provides oriented workflows, pre-tested configuration, and open APIs for integration with third-party management platforms.
  • Firefly Host (formerly named vGW Virtual Gateway) -- a purpose-built firewall for virtualization designed to protect intra-VM traffic. It provides hypervisor-based stateful firewall for East-West traffic between virtual machines, including integrated intrusion detection (IDS), virtualization-specific antivirus (AV) protection and compliance tools, with management scale. Firefly Host is tightly integrated into the VMware hypervisor and VMware management framework. Synchronization of security policies across Firefly Host management centers provides automated policy management and granular control of VMs for multi-tenant environments with unparalleled performance in the industry. 

"Juniper's Firefly Suite allows companies to attach, create and manage security policy across physical and virtual firewalls with a high level of flexibility supporting error-free, fast scale out deployment for the most demanding environments. We provide complete protection for the cloud and from the cloud," stated Michael Callahan, vice president global product marketing, Security Business Unit, Juniper Networks.

Firefly Perimeter and Junos Space Virtual Director will be released in Q1 2014.

In September 2013, Juniper Networks announced the commercial launch of its Contrail software-defined networking (SDN) solution for enterprise data centers and Service Provider networks. 

The company said the primary benefit of Contrail is that it provides a simple way to connect physical networks with a virtual environment and provision underlying services, reducing the time, cost and risk for customers when configuring the network. In addition to virtualizing network resources, Contrail promises automated configuration for Network Functions Virtualisation (NFV). The launch represents the third step in Juniper's SDN strategy announced earlier this year (see below)

Juniper Networks Contrail, formerly known as JunosV Contrail, is comprised of an SDN controller, vRouter, and analytics engine.  It creates a virtual network, enabling seamless integration between physical and virtual networks.  Contrail's hypervisor forwarding plane provides line rate routing and switching in a multi-tenant virtualized environment that is completely decoupled from the underlying physical fabric switches. Contrail enables a variety of VPNs in software, including L3 VPNs, E-VPNs, Site-to-Site IPSec, and SSL VPNs.