Hello and welcome to this series on MIST Wired Assurance, AI for the Wired Network. My
name is Avi Shamsundar, I'm the product manager at MIST for all things Juniper, MIST and
integration. I'm happy to be here talking about this video series about Wired Assurance
and this introductory video will focus on why Wired Assurance, what does this video series
encompass and how do we bring all of this together in the form of a course series for
you.
I hope you enjoy this video series. Wired Assurance is one of our ways for us to say we
can help you automate every single step of the way in all things day zero, day one and day
two. For us day zero is about automation of provisioning, adoption of devices that are
existing on your field, primarily focused on the switching network, deployment day one,
talking about templatization, how do you encompass configuration in large scale usage of
colored and colorless ports and day two will focus on SLEs, Marvis actions and alerting
which will help you troubleshoot your network overall better.
Now, automation in every step of this way was the goal for the origin of MIST Wired
Assurance. Let's talk about a few elements of day zero. From a perspective of onboarding
devices, you now have existing brownfield devices that already exist on the network.
These are existing Junos devices, 2300s, 3400s, 4300s, 4400s, 4100s now recently, as well
as the distribution layer devices, 4650, QFX5120 and also the core devices, which is
QFX10Ks, the 9200s as well as the 51700s and 5130s in the QFX line. All of these devices
can all be adopted via a brownfield option. But since 2019, we've also been able to
actually onboard devices using just a QR code.
And that's the greenfield onboarding process. In a world of cloud managed switches, we'd
like for our onboarding to be as console free as possible. And that's the idea behind
utilizing the same constructs that we used in the AP world to make the switches onboarding
extremely easy as well.
Preview of how you would be able to make this possible using the mobile app in order for
you to bring devices on board, MIST delivers an AI app called the MIST AI app, and it's
available both on Apple as well as Android app stores. Now, for you to be able to onboard
a device, as an installer, the installer role now has abilities for them to log into a
mobile app, go into the org of choice, go scan the QR code that is on your devices. This
is a QR code on a 4100.
It has been claimed successfully. You can go into the actual switches, take a picture of
the switch, attach it to the same device, assign it to a site of choice like we just did,
and also provide a name for this particular switch. This is the idea behind making the
process of onboarding extremely seamless and simple for especially users who are not very
adept with our networking technologies.
When you have a large number of devices to onboard as well, you now have the ability not
only just to do claim code, just the way you just saw it in the previous section, but also
you can activate them using an activation code every time you place a purchase order,
regardless the number of devices, be it APs, switches or WAN devices, all can be combined
into one purchase order and also can be claimed onto the dashboard altogether, your
thousands of switches or thousands of APs in one shot using one activation code. And
that's a combination of all claim codes, to simply put it. So you can onboard greenfield
devices either way, using a claim code on a per device basis, onboarding activation code,
just one shot, and then being able to onboard devices every time.
Subsequently, when a Juniper switch is connected to an uplink where it can reach the
cloud, it will automatically start the process of zero-touch provisioning, go to the
cloud, make the initial contact and get the config it requires and is ready for servicing
its clients. If you have existing devices on brownfield, you are able to onboard them by
using seven lines of code that is available on the dashboard, onboard them automatically
and then subsequently move further from there on as well. So both ways are available for
you to onboard switches onto the dashboard.
The next part of the story is the actual configuration itself. There's a whole lot of
depth that we go into in terms of day zero, day one and in the subsequent. This is a
primer on how this is done.
You will be able to configure global parameters like services, RADIUS, stanzas, IP
definitions and VLAN definitions. Similarly, anything that you think of from a
routing perspective, as well as spanning tree perspective. All of these form the global
piece.
The second pillar of a switch configuration forms the interface configuration themselves.
Interfaces for us, if you consider them as personas that come into your interface, then
imagine there are multiple personas that attach to your switch and each of them usually
have the exact same configuration, be it from the perspective of bringing on board
devices. So, for example, the number of APs that connect to multitudes of switches, all of
the APs have a very similar configuration.
So you could create one persona or one port profile called as AP and you could apply them
across multitudes of switches and across different sites as well. And that's the idea
behind templatization, the hierarchy and creation of port profiles in one shot. You
subsequently are able to provision them manually.
A lot of people have a lot of discipline, or colored ports as they call it, to say you can
assign port ranges port 1 to 10 as AP ports, 10 to 20 as camera ports and so on. Or you
could also use dynamic port provision. And that is unique to a deployment from a
standpoint of saying a device can automatically identify itself or using a set of rules
and you don't need to be in the business of provisioning a port as
every single device comes online. Rather, let the device identify itself and we can auto
assign the port profile that you've already created. For example, if an AP matches a
particular LLDP rule, you can actually put them into the AP profile.
A Mist AP's LLDP description starts with Mist. So you match that and you
put any device that matches that to an AP profile. Similarly, you can do cameras and as a
catch all, you could also use just the MAC addresses.
So some simple examples as to how dynamic port provision can also make your life easier
in order to provision at scale. One of the most important things that we will cover as
part of this video series is also campus fabric deployments. The
templatization and our ability to scale from a perspective of onboarding distributed
enterprises, be it switch onboarding, client devices onboarding, make that simple using
dynamic port profiles, zero touch provisioning.
Now, the larger the campuses, the more the advent of the technology of EVPN/VXLAN in
order to make life simpler, in order to make the right architectural choice for us to say
large campuses going forward, especially given the IoT presence, requests for L2 to be
stretched across multitudes of buildings. Now there is a need in large campuses for us to
use VXLAN and with a control plane of EVPN, we're able to achieve scaling to the tune
of larger and larger campuses. With MIST, although the technology is new for a lot of
campus customers, we've made the ability for us to configure these campus architectures
simple.
We'll talk about three important architectures and how you're able to very easily
provision them. The first one is EVPN multi-homing. This is our ability for us to use the
technology of ESI-LAG or Ethernet segment identifier LAG from an access device
perspective, connecting to two different distribution devices or a collapsed core, as you
may call it.
And from an access switch, you will still be a basic LAG using LACP, but from a
distribution switch perspective, although it's coming from a single device, you will treat
them as the same LAG or ESI-LAG, as we call it, and then achieve similar results as you
did with some of the technologies like MC-LAG, which was formerly used in the same case. So
a move ahead in the direction. So try and limit the number of spanning tree instances just
to the access switch itself and not go beyond.
So if there are any loops that may persevere in the network, that will only be within
this closet. The construct of the EVPN/VXLAN for a campus fabric also extends to core and
distribution switches, which is the green blob that actually identifies to where they are.
And that's the middle architecture.
So you could use the middle architecture as well for us to bring devices on board in
terms of and also scale campus wide. And your L2 switching still need not be refreshed in
order for you to get to this architecture. You get the advantages, most advantages of
EVPN/VXLAN as a technology, barring one important one, which is covered in the last
architecture, which is the IP Clos architecture, which also brings in the construct of
micro segmentation, segmentation enforced all the way at the access, utilizing the
technology of GBP or group based policies.
All of that, all of these are discussed in great detail. But the idea behind wired
assurance, though, is we are able to deploy these aspects as well using campus fabric
deployment. So choose your topology, define the physical connections, define the networks
of interest.
These are all things that you do today. We're not asking you to do anything from a
perspective of enabling VNIs, which are a construct of VXLAN, but rather we'll still focus
on elements that you care about and then we apply the intent for you. So in a gist, before
we get into day two, we spoke about automation being the heart of all things that we do
and how we make your life simple.
We spoke about day zero onboarding using zero touch provisioning of devices. We spoke
about day one, templatization, as well as the hierarchies, including how you'll be
able to onboard devices, the client devices using dynamic port profiles. Day two is the
last piece of the puzzle.
How are we able to not only address the day zero and day one, and as well as day two is
the focus of wired assurance courses as well. There's a lot of ask about do we need
assurance on the wired network? Is there an actual need? There's a host of problems that
can persist on the wired network as well. And these are just a subset that you see in the
word cloud here.
Congested interfaces, speed issues, negotiation mismatches, bad cables, physical layer
one issues, CPU spikes, congestion on your network. Many, many, many multitudes of issues.
And these are run across thousands of ports that you run in your networks.
How are we able to pinpoint exactly what you care about and bring that about to you is
the answer in the form of what we call the SLE or the service level experience framework.
Subsequently, Marvis actions, as well as the conversational interface framework. So these
are the tools that will enable you and make your life easy in terms of troubleshooting,
monitoring and alerting.
Identify all such issues and also ask simple questions to the Marvis conversational
interface or Marvis CI, as we call it, wherein you can ask questions about, hey,
troubleshoot the switch, troubleshoot this particular client and how are we able to
address and gather information for that? And that's all things wired assurance. You'll
hear more about, you know, day zero onboarding in detail, day one configuration in detail,
campus fabric configurations, as well as why you would move to campus fabric, if at all,
if there is a need for you and justification for so. And ultimately, we'll focus on the
day two aspects as well, the service level experiences, Marvis actions, conversational
interface.
This entire piece of bringing assurance to the wired side of the house
is one piece of the puzzle that MIST addresses. As you know, MIST has Wi-Fi assurance,
wired assurance as well as WAN assurance. Our end goal is to answer that important
question. Why is my application experience bad? As you see, "why is my Zoom call bad
or breaking up" is a question that we had started on our journey to answer.
And wired assurance is a significant piece of it. Van assurance and Wi-Fi assurance in
different courses as part of this also addresses how we collect information on those
vectors as well. Eventually, Marvis is our AI engine that brings together all pieces of
the puzzle together.
And that's the journey we are headed. And wired assurance is a critical piece towards
this. Hopefully, this was a good introduction as to what you could foresee with what's to
come along this course.
And I'd like to thank you for starting this course journey with us.