Security

 View Only
last person joined: 23 hours ago 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.
Expand all | Collapse all

Join us! Ask the Expert: Apstra

  • 1.  Join us! Ask the Expert: Apstra

    Posted 08-04-2021 13:50

    Want advice on automating data center setup, deployment, and management?

    In our upcoming Ask the Expert, Juniper experts will be here, answering all your questions live within this discussion thread:

    When: Tuesday, August 17 at 9-10AM PT

    Where: Here! Right in this very thread!

    Meet our experts!

    • DJ Spry: Apstra Product Management Director 
    • Jeff Doyle: Apstra Solutions Architect Director
    • Jeremy Wallace: Data Center/IP Fabric Architect - GTM SP Architecture Team
    • Robert Lancaster: Apstra Consulting Systems Engineer

    Please note that this community will open for questions and discussion at 9AM on August 17. If you want to submit questions in advance, please send them to elevate-community@juniper.net

    How to attend:

    1. Join the Elevate Community if you're not already a member
    2. Then join this Ask the Expert community
    3. Return here on Tuesday, August 17 at 9AM PT and start asking your questions and enjoying the discussion!


    ------------------------------
    Michael Pappas
    ------------------------------


  • 2.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 11:56

    Hi everyone! 

    We're about ready to kick things off here! Please feel free to drop your questions within this thread and our experts will help find you an answer!


    Cheers,
    Michael



    ------------------------------
    Michael Pappas
    ------------------------------



  • 3.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 11:58
    Hi, Michael!
    I am looking forward to the discussion!

    ------------------------------
    Robert Lancaster
    ------------------------------



  • 4.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:02

    Hi Experts!

    Will Apstra support both the ERB and CRB model?


    Thanks!




  • 5.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:07
    I can't speak to the future, but for now we support only ERB. While there are certainly arguments to be made in favor of CRB, our decision was to keep things simple by requiring all connectivity to the fabric to be through the leaves. This allows the spine/super spine switches to remain as simple ("dumb") as possible, and have not responsibilities other than forwarding between leaves.

    ------------------------------
    Jeffrey Doyle
    ------------------------------



  • 6.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:09

    Thanks Jeff!

    Do you know if Apstra support DC automation for brownfield environment or is it only support for greenfield environment?




  • 7.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:12
    This is a great question!  Apstra needs to own the configurations all the devices it manages.  So, a greenfield environment is certainly the easiest to implement into.  However,  brownfield environments can be addressed - we have proven methodologies that allow us to migrate existing networks into management by the Apstra solution.

    ------------------------------
    Robert Lancaster
    ------------------------------



  • 8.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:14

    Thanks Robert! I have one more question:

    What would it take to convert and manually build ERB DC to instead being supported by Apstra automation?




  • 9.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:22
    It's hard to address specific procedures, because every DC is different. But essentially at least one spine and leaf need to be brought up "fresh" under an Apstra controller. From there switches and services are carefully migrated from the old environment to the new. It takes careful planning, but it is quite do-able.


    ------------------------------
    Jeffrey Doyle
    ------------------------------



  • 10.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:26
    What integrations does Apstra have to help me with my VMware installation?

    ------------------------------
    Ellen MacDermid
    Communications
    ------------------------------



  • 11.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:30
    We integrate with both VSphere and NSX-T, through a simple menu window.

    ------------------------------
    Jeffrey Doyle
    ------------------------------



  • 12.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:32

    Hi experts!

    We had the following question come through:

    How Can Apstra help me with my Day 2 operation challenges?



    ------------------------------
    Michael Pappas
    ------------------------------



  • 13.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:41
    Apstra has a whole suite of tools built around Intent Based Analytics (IBA). The purpose of the IBA is to assure that the network is functioning based on what the Intent is as defined by the Apstra Blueprint. The IBA toolset includes probes which can monitor specific network and device attributes and widgets that can graphically represent the status of the probes. A great example is the ESI-LAG Imbalance Widget/Probe. The ESI-LAG imbalance probe monitors the links of an ESI-LAG on 2 different Leaf switches to ensure that the LAG is load-balancing the traffic equally. If the traffic distribution goes outside of the defined parameters, the ESI-LAG widget will report the imbalance as an anomaly, which can be clicked on and drilled into to help identify the imbalance within a few seconds.

    Another example of IBA is the Root Cause Analysis (RCA) of Link Connectivity between devices. In this example, if a device has a connectivity issue there are a lot of anomalies that get reported, such as, BGP sessions going down, cabling anomalies, and interface anomalies. The Connectivity RCA parses through all these anomalies to identify the specific devices with the connectivity issue. In this way, the issue can be identified very quickly, without ever having to login to a device to troubleshoot.

    These are just 2 examples of IBA and how Apstra helps simplify Day 2 Operational troubleshooting challenges.

    ------------------------------
    Jeremy Wallace
    ------------------------------



  • 14.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:33

    Hi Experts!

    We had another question come through from a user:

    Apstra has been marketed as a multi-vendor solution, Will Juniper continue to market the product in this manner?


    ------------------------------
    Michael Pappas
    ------------------------------



  • 15.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:43
    Yes.  Apstra has always been committed to providing customers with the flexibility of choosing solutions that best fit their needs.  Juniper is committed to continuing with this approach.  Currently, I am working with customers that are using more than one vendor for equipment in their data centers.  They like the fact that Apstra provides a consistent interface for working with equipment from different vendors.  It's also a great way to introduce new technology while alleviating concerns over the associated learning curve.

    ------------------------------
    Robert Lancaster
    ------------------------------



  • 16.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:36

    Hello again experts! Thanks for your help today. 

    A user submitted this question:

    How can Apstra fit into an overall orchestration strategy, API options, etc?


    ------------------------------
    Michael Pappas
    ------------------------------



  • 17.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:49
    Yes, we have open APIs and an SDK that allow users to integrate Apstra into their orchestration strategy. As one example, we have customers that integrate Apstra and their ServiceNow ticketing system.

    ------------------------------
    Jeffrey Doyle
    ------------------------------



  • 18.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:55

    Here's a Network Field Day video specifically addressing ServiceNow integration.

    https://techfieldday.com/appearance/juniper-networks-presents-at-networking-field-day-25/



    ------------------------------
    Jeffrey Doyle
    ------------------------------



  • 19.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:47

    Experts! When you have a moment can you please help with this submitted question:

    Managing the operating systems on our data center devices is time-consuming and cumbersome. Does the Apstra system address this in any way?


    ------------------------------
    Michael Pappas
    ------------------------------



  • 20.  RE: Join us! Ask the Expert: Apstra

    Posted 08-17-2021 12:56
    The Apstra solution leverages a software agent (on-box or off-box) that facilitates communications between the server and each network device.  Therefore, Apstra can manage the device software version in a couple of ways.  First, it can enforce the desired software version on the front-side.  It can also handle upgrading a device's software after deployment should the need arise.  There is a clever 'Maintenance Mode' that allows a device to be gracefully removed from an operating network for hardware or software maintenance.

    ------------------------------
    Robert Lancaster
    ------------------------------