Juniper Networks Warrior. A Guide to the Rise of Juniper Networks Implementations - Helion
ISBN: 978-14-493-6172-3
stron: 432, Format: ebook
Data wydania: 2012-11-13
Księgarnia: Helion
Cena książki: 186,15 zł (poprzednio: 216,45 zł)
Oszczędzasz: 14% (-30,30 zł)
In this practical book, Juniper Networks consulting senior network engineer, Peter Southwick, offers unique first-person field studies on designing, configuring, and troubleshooting new systems that are changing the networking world. Each chapter-long "travelogue" follows a team of Juniper Networks warriors as they solve specific needs with emerging network platform architectures.
In these case studies, Southwick and his fellow warriors analyze a client’s particular situation, arrive at an architectural solution, and work through the deployment details. For anyone who operates, installs, designs, or works in IT, this book provides an intimate and entertaining look at what’s changing and why.
Among the case studies, you’ll discover how:
- A service provider protected customers from malicious traffic with Juniper Networks IDP systems
- SRX5800s improved connectivity and security in a data center
- Ethernet WAN technology was chosen as a storage solution, rather than a proprietary design on dark fiber
- An enterprise severed communications between different departments to comply with government personal credit card standards
- Core network and edge devices helped a power company serve local customers and ISPs in the data services market
- A hosting company migrated its core, datacenter, edge, and access domains to a state-of-the-art network
"In this uniquely written book, you will get a detailed view of life in the data center, the edge, the core, and the office of the customer’s CIO."
Steve Fazio, CEO, TorreyPoint
Osoby które kupowały "Juniper Networks Warrior. A Guide to the Rise of Juniper Networks Implementations", wybierały także:
- AWS Certified Developer - Associate Guide 157,37 zł, (29,90 zł -81%)
- AWS Certified Solutions Architect Associate Guide 135,91 zł, (29,90 zł -78%)
- Data Center Virtualization Certification: VCP6.5-DCV Exam Guide 135,91 zł, (29,90 zł -78%)
- Managing Mission - Critical Domains and DNS 135,91 zł, (29,90 zł -78%)
- Architecting Microsoft Azure Solutions Exam Guide 70-535 135,91 zł, (29,90 zł -78%)
Spis treści
Juniper Networks Warrior. A Guide to the Rise of Juniper Networks Implementations eBook -- spis treści
- Juniper Networks Warrior
- Dedication
- SPECIAL OFFER: Upgrade this ebook with OReilly
- Preface
- What Is the New Network Platform Architecture?
- How to Use This Book
- Whats in This Book?
- A Note About This Book
- Conventions Used in This Book
- Using Code Examples
- Safari Books Online
- How to Contact Us
- Acknowledgments
- 1. An Enterprise VPN
- Company Profile
- Network
- Traffic Flow
- Need for Change
- Class of Service
- Design Trade-Offs
- Routing and survivability
- Remote locations
- Main location
- Class of service
- Routing and survivability
- Implementation
- Prototype Phase
- Class of Service
- Cut-Over
- Main Site
- Remote Site JAX
- Remote Sites PHL and IAD
- Backup Site BNA
- Conclusions
- Company Profile
- 2. Maintaining IDP Systems
- IDP8200 Background
- Command-Line Interface
- Web Management Interface
- NSM Management
- Support Tasks
- Daily Tasks
- IDP Policies
- Rulebase Optimization
- Other Tasks
- Updating the detector engine
- Updating IDP appliance OS
- Updating attacks
- Conclusion
- IDP8200 Background
- 3. Data Center Security Design
- Discussion
- Design Trade-Offs
- Decision
- Configuration
- Take One Configuration: Clustering
- Take 2 Configuration: Active/Active without Reths
- Take 3 Configuration: Active/Active with One-Legged Reths
- Testing
- Summary
- Discussion
- 4. Layer 3 to Layer 2 Conversion
- Problem
- Q-in-Q Framing
- VPLS Overhead
- Solutions
- RFC 4623
- Customer MTU restrictions
- Move the MTU
- RFC 4623
- Configurations
- Management
- lo0.0
- Access
- Protocols
- MPLS
- BGP
- OSPF
- Core Router Configurations
- Distribution Switch Configurations
- Distribution Router Configurations
- Rate Control
- CPE Switch Configuration
- Management
- Conclusion
- Problem
- 5. Internet Access Redress
- Objective
- Design
- Trade-offs
- Routing
- IBR integration
- IDP
- Filter-based forwarding
- Clustering
- Trade-offs
- Configuration
- Clustering
- Security
- Routing instances
- Interfaces, zones, and policies
- NAT
- Security logging
- Routing
- BGP
- OSPF
- Default route
- Out-of-band management network
- Implementation
- Lessons Learned
- Feature interactions
- Network interactions
- Administrative issues
- Lessons Learned
- Conclusion
- 6. Service Provider Engagement
- Company Profile
- Physical Network Topology
- Services
- Design Approach
- MX connectivity
- EX connectivity
- Deployment
- Management network
- Design Trade-Offs
- OSPF
- VPLS
- BGP
- MPLS
- Trade-off choices
- Configurations
- Boilerplate Configuration
- MX Interfaces
- EX Boilerplate and Interfaces
- OSPF
- MBGP
- MPLS
- RSVP
- Layer 3 VPN
- VPLS
- OBM
- Conclusion
- Company Profile
- 7. A PCI-Compliant Data Center
- Introduction
- Client Goals
- Design Trade-Offs
- Firewalls
- Routing
- Addressing
- Survivability
- Recommended Design
- Switching Layer
- Routing Layer
- Firewall Layer
- Virtualization
- Configurations
- EX4200 Configuration
- MX240 Configuration
- Firewall Configuration
- Deployment
- Initial Connectivity
- The Maintenance Window
- PCI Compliance
- Summary
- Introduction
- 8. Facilitating Dark Fiber Replacement Using a QFX3500
- Existing Design
- Introduction to Fibre Channel
- Proposed Design
- Concerns and Resolutions
- Naming
- Network quality
- Network Upgrade
- Advantages and Benefits of the Solution
- Concerns and Resolutions
- QFX3500 Fibre Channel Gateway Configurations
- Management Configurations
- Fibre Channel Gateway Interface Configuration
- DCB Configuration
- EX4500 Transit Switch Configurations
- Interfaces and VLANs
- Transit Switch DCB Configuration
- Verification
- Conclusions
- Existing Design
- 9. MX Network Deployment
- Plans and Topology
- Phase 1
- MX Configuration
- Management Configuration
- Routing Engine Protection
- Policy Configurations
- Prefer to receive an aggregate of the locally assigned addresses
- No subnets longer than /24
- No RFC 1918 prefixes
- Authentication on all BGP links
- The ISPs will ignore the use of MEDs
- The ISPs will respond to local preference
- The ISPs will forward a default route if required
- The ISPs will accept prepending only for the local AS
- The ISP will not act as a transit network for any other traffic except for its customers
- Protocol Configurations
- OSPF
- BGP
- Phase 2
- Final Phases
- Conclusion
- 10. A Survivable Internet Solution for a Fully Distributed Network
- Original Network Architecture
- WAN Connectivity
- Addressing
- Internal Connectivity
- Firewalls
- Problem Definition
- Proposed Solution 1
- Solution 1 Advantages
- Solution 1 Details
- Solution 1 Issues
- Proposed Solution 2: OSPF over Tunnels
- Early Death of Solution 2
- Configuration for Solution 2
- Final Solution: Static Routes over Tunnels
- Solution Advantages
- Solution Issues
- RPF checks
- Default gateway failure detection
- Email Server Address Resolution
- Firewall Configurations
- Conclusion
- Original Network Architecture
- 11. Internet Access Rebuild
- Requirements
- Existing Network
- Routing Protocols
- Solution Options
- Three-Layer Design
- Two-Layer Design
- One-Tier Design
- Configurations
- Deployment Scenario
- Management Staging and Testing
- Top-of-Rack Switch Testing
- ISP Link Testing
- Production Configuration
- Cut-Over
- Conclusion
- Index
- About the Author
- Colophon
- SPECIAL OFFER: Upgrade this ebook with OReilly
- Copyright