Text Size:        

• What's New
• Introducing the Juniper Networks E320 Platform

• Product Icons
• E-series Platform Visio Icons

• Additional Information
• Datasheets
• Juniper Networks E-series Portfolio of IP Edge and Broadband Service Routing Platforms
• E320 and E120 Broadband Services Routers
• 3-D Model
• 3D Model of ERX-310

• Testimonial
• "The new E320 Broadband Services Router will enable us to scale our network as required to support TELUS' Future Friendly Home suite of services and address our growing customer base, while also reducing over time our capital and operational expenditures."
  
  Ibrahim Gedeon,
  CTO
  TELUS

• More Customer Quotes
• E-series Customer Quotes

• Product Icons
• Juniper Networks Product Icons and Visio Stencils

IP Services - VPN

Whether you want to offer your subscribers scalable corporate services, wholesaling for carrier partners, Layer 2 migration, or remote user support, the ERX delivers a comprehensive VPN offering, such as: wire-speed performance and support for a number of varied VPN technologies in a single chassis, including Multiprotocol Label Switching (MPLS), Virtual Routers, and Layer 2 Tunneling Protocol (L2TP), IPsec, and Generic Tunnel Encapsulation (GRE). From these, you can implement the proper technology to create the best service offering for your customers.

Benefits

As IP becomes more common to corporate networks and applications, the market opportunity for IP-based VPNs, which provide connectivity between corporate sites and access to Application Service Providers (ASP), is expanded. The economy of scale of the service provider's network results in cost savings for corporations. Corporations are able to optimize capital investment and operations, and revenue opportunities for the service providers, as they are able to proceed to the next step in the value chain.

The power of the E-series router enables service providers to offer VPNs that meet their subscriber needs:

• Scalable, native IP VPNs for corporate users who are ready to upgrade to IP networking
• Scalable, corporate-based VPNs that allow subscribers to migrate from Frame Relay-based networks to IP-based networks
• Wholesale VPNs that support backhauling and subscriber transport in a secure and easy-to-manage environment
• Support for active dial and home-based remote subscribers and telecommuters who must access corporate resources
• VoIP-based and other latency-sensitive VPNs that support next-generation service offerings
• A timely solution that alleviates the restrictive and time-consuming manual provisioning process that affects VPN deployment and profit
• Secure implementations that maintain separate address and route environments while still allowing management access

Technology

Because the E-series is a distributed architecture on a router-based platform, it delivers significant advantages in performance, security, and scale. In order to create a VPN service with competitive benefits, the E-series delivers three special functions: the ability to classify users in a flexible manner, assign users to the VPN, and initiate the VPN transport. The result is a scalable in-network VPN that is easy to deploy and maintain.

The E-series uses powerful and flexible classification techniques to assign incoming packets to VPNs. This allows you to use domain names, IP header information, RADIUS information, TOS or MPLS label, or interface information to determine and screen VPN membership. It also allows you to combine VPN creation with IP QoS levels to further differentiate your service offering. The VPN policies are applied on a per-packet basis at wire speed without impacting performance. You can choose from a range of policy options, including transport type, routing information, security policies, or billing options. The ERX provides you with the ability to choose the best technology to deliver your preferred VPN service offering.

Transport technology options include:

• The first scalable MPLS offering for the edge of the service provider network. This standards-based offering allows service providers to use extensions to the BGP route protocol to automate the distribution of VPN membership information, which provides the first scalable solution for a corporate VPN offering
• The E-series offers Virtual Router support, with discrete routing protocol instances and route tables. This is an ideal technology for wholesale partners. Each wholesale partner can be given its own VR, IP address space, route policies and route protocol instances, and management access. This allows the infrastructure owner to give a discrete router to each partner, while managing and investing in a single unit
• L2TP LAC and LNS solutions that scale to support real network rollouts. The E-series scales to support thousands of L2TP sessions in a single chassis. L2TP can be used to create corporate VPNs or to backhaul xDSL or dial traffic to ISP partners
• Older systems may use L2F as the tunneling protocol of choice. The E-series also supports this protocol in the same scalable manner as L2TP.
• For low-overhead IP-based tunnels, service providers are using GRE. This lightweight protocol meets the needs of service providers who hope to tunnel installed-based protocols such as Frame Relay through an IP transport
• The E-series supports IPSec transport with support for 3DES, IKE, and PKI keys. This in-network support allows for an encrypted service offering for security-sensitive VPN subscribers
• Finally, the E-series also supports both Frame Relay and ATM PVCs, allowing service providers with established networks to use the secure nature of PVC transport to carry their new IP-based customers

Network Diagram

Features

As service providers strive to offer VPNs as a turnkey subscriber service, current generation solutions are constrained by their lack of performance, routing capabilities, and enterprise scaling. The E-series VPN technologies are engineered to meet the needs of an in-network VPN approach. The MPLS implementation automates VPN membership information using standards-based routing protocols to provide operations scale. The L2TP implementation delivers the highly scalable LAC and LNS termination. IPsec hardware encryption delivers performance without compromise. And the E-series virtual router technology protects each routing domain, securely segmenting traffic between VPNs. The wide range of technology options allows service providers to architect the best network for their subscriber service offerings.

In addition, the carrier-class features of the E-series round out the service offering:

• A single edge platform can deliver consistent IP services to leased line, xDSL, fixed wireless, and cable subscriber—any VPN service can be delivered over any access media type
• The ASIC-based power of the E-series enables all VPN services to be delivered at wire speed, with or without accounting information
• The extensive density of the E-series can support up to 4,000 T1s (3,000 E1s) in a single chassis, up to 12,000 T1s (9,000 E1s) in a single rack, optimizing POP space and power, and allowing service providers to hit cost-competitive pricing targets
• 100% redundancy features such as subscriber-facing interface redundancy deliver a competitive SLA advantage

Technical Specifications

Software Specifications:

• MPLS with BGP extensions (RFC2547)
• L2TP LAC and LNS (RFC2661)
• L2F (RFC2341)
• GRE (RFC2784)
• IPSec with support for 3DES, IKE, and PKI)
• Virtual Routers, with discrete routing protocol instances and route tables
• FR PVCs
• ATM PVCs