Juniper Networks Firefly Suite: The Swiss Army Knife of Virtual Security

By Elevate posted 02-19-2014 10:51


While on a road trip in Europe, I stopped by a specialty knife store in Geneva to pick up a Swiss Army knife for my nephew. Swiss Army knives offer a range of tools, including blades, scissors, and other accessories like a toothpick, nail filer, corkscrew, bottle opener, etc. It’s actually amazing how much utility can be packed into one small three-and-a-half inch tool.


What’s also cool is I think the same can be said of the new Firefly suite. Over the last year, my team was heads down working on our own technological version of a Swiss Army knife. And while our three-pronged suite—which includes Firefly Host, Firefly Perimeter, and Junos Space Virtual Director—mightn’t be capable of opening a can of baked beans or bottle of Bordeaux, it offers a compelling new level of cloud security for both enterprises and service providers.


FF image for blog.jpgAs a quick refresher, Firefly Host is our purpose-built firewall embedded in the kernel of the hypervisor to protect communication between VMs; Firefly Perimeter is our proven Junos SRX code in virtual form factor to protect communications to and from the data center; and Junos Space Virtual Director is our lifecycle management solution for Firefly Perimeter VMs.


Back when beta testing began for Firefly suite, I met with customers to solicit feedback and learn how they planned to use the products. I was amazed by how many uses customers were finding for the suite. Some planned to use it for their virtual data center; some for private or public clouds. Others simply wanted the well-established Junos capabilities.


On the enterprise side, many were looking to use it in retail stores or branch offices for secure connectivity and firewall protection. Others planned to deploy it to their remote agencies and manage everything from a central location in order to reduce operating expense and improve productivity.


Service providers were looking to the suite to disrupt the way they offer managed security services. They quickly realized they could provision new customers in a matter of minutes instead of 60 days! What’s more, they saw that they could give customers their own set of policies with the distributed firewall architecture. Previously, they’d been limited to the same set of policies for everyone who shared the same physical firewall.


For service providers, the Firefly suite makes managing the tenant lifecycle much simpler since fault domains are isolated between tenants, disaster recovery is simplified with clean failover, and logging and debugging are segregated. The pre-existing network architecture and IP addresses of one tenant do not impact others. And maybe best of all, each tenant can get their own portal to manage their network if they choose to. Essentially, the suite enables service providers to onboard new tenants faster and more easily manage them as individual accounts.


It took a lot of work to get to where we are today, but we knew we were changing the way the cloud would be protected and have been so happy to have had our customers enlighten us along the way about the power and versatility of what we’ve built.


What I’d like to know now is, which tool from our new Swiss Army knife set will you use? Why? And how?