Juniper Networks Contrail Networking is a simple, open, and agile cloud network automation product that leverages SDN technology to orchestrate the creation of highly scalable virtual networks. Combining a scale out architecture featuring open interoperability with physical routers and switches, Contrail can elastically scale infrastructures beyond data center or cloud boundaries to facilitate dynamic workload mobility in a hybrid environment. Service providers can use Contrail Networking to accelerate the deployment of innovative new services, while enterprises can use it to increase business agility by enabling the migration of applications and IT resources to more flexible private or hybrid cloud environments.
For enterprises, Contrail Networking interoperates with OpenStack cloud orchestration platform to enable system-level automation and orchestration. It reduces the friction of migrating to cloud architectures by providing a virtualized networking layer that seamlessly delivers switching, routing, and networking services (security, load balancing, VPNs, etc.) over an existing physical network. It also provides API compatibility with public clouds like Amazon Web Services (AWS) for seamless workload provisioning in hybrid environments.
For service providers, Contrail Networking automates network resource provisioning and orchestration to dynamically create highly scalable virtual networks and to chain a rich set of Juniper or third-party virtualized network functions (VNFs) and physical network functions (PNFs) to form differentiated service chains on demand. Integrated with a cloud management platform such as OpenStack, Contrail Networking enables the agile creation and dynamic scaling of service instances with high availability and reliability. Contrail Networking also makes it really simple to onboard network functions onto the platform without requiring any API integration or modifications to third-party service software.
Switching and Routing: Hypervisor forwarding plane provides line-rate routing and switching in a multitenant virtualized environment that is completely decoupled from the underlying physical fabric switches.
Load Balancing: Load balancing is built right into the hypervisor’s forwarding plane for balancing traffic across application tiers or network services.
Security and Multitenancy: The use of L3VPN to create virtual networks inherently provides a secure multitenant environment, where virtual networks cannot talk to each other without policies. The Contrail Networking vRouter has built-in distributed firewall capabilities that allow users to define security policies between virtual networks. The security policies can specify additional virtualized network services such as the Juniper Networks Firefly Perimeter application-aware firewall; and distributed threat prevention using Juniper Networks WebApp Secure, which can be spun up between virtual networks.
Elastic, Resilient VPN: L3VPN, E-VPN, and site-to-site IPsec are all delivered in software.
Gateway Services: Contrail interoperates with most routing equipment that supports L3VPN or E-VPN with the appropriate data encapsulation standards, including Juniper Networks MX Series 3D Universal Edge Routers to seamlessly connect to legacy workloads and non-virtualized physical services.
High Availability: All Contrail Networking components are made highly available and offer active/active redundancy. Each Contrail Networking VRouter is connected to a set of control planes and gets the same routing table and access control lists (ACLs).
Analytics Services: Rich visualization and diagnostics of virtualized and physical networks enable real-time and historical infrastructure analytics that can be consumed through RESTful APIs. Users can also view live packet capture of traffic between virtual networks.
API Services: RESTful API for configuration, operation, and analytics provides seamless integration with OpenStack or service provider OSS/BSS systems. This includes Virtual Private Cloud (VPC) API compatibility for seamless deployment of applications in a hybrid environment (e.g., private cloud and public cloud/AWS).