NA005 - HPE Juniper MIST Automation and the SSR400 launch

Network Auto Magic Podcast Episode Summary

Juniper Mist SSR Platform and API Automation

Episode Overview

This episode features Steinn & Urs discussing Juniper's Session Smart Router (SSR) platform and Mist automation capabilities with two Juniper guests:

Episode Guests

• Daniel Petrov: Product Manager for HPE Juniper Networking AI-native SD-WAN team
• Thomas Munzer: Platform team member focused on API integrations and automation (And Steinzi’s personal hero)\

Key Technology Highlights

SSR (Session Smart Router) Platform

• Core Technology: Secure Vector Routing (SVR) - eliminates traditional IPsec tunnels
• Key Benefits:
• Sub-second failover capabilities
• No fragmentation issues (maintains 1500 MTU)
• Selective encryption (doesn't double-encrypt already encrypted traffic)
• Tunnel-less overlay architecture
• Fast boot times (under 2 minutes)

New SSR 400 Series

• Features: Built-in switching, PoE support, 5G capability, built-in Wi-Fi, fanless design
• Power Efficiency: Designed for customers deploying 20,000+ devices
• Security: Built-in IDP engine with simple profile selection
• Licensing Change: Eliminated bandwidth-based licensing in favor of three tiers (Standard, Advanced, Premium)

Security Features

• Quantum-resistant encryption (NIST FIPS 203, 204, 205 standards)
• Advanced anti-malware and antivirus protection
• SSL proxy capabilities
• Security assurance analytics (13-month traffic analysis)

API and Automation Ecosystem

API Architecture

• Scale: Over 1,000 API endpoints
• Philosophy: API-first development - UI uses the same public APIs
• Coverage: Everything visible in UI is accessible via API
• Consistency: Same endpoints work for both SRX and SSR platforms despite different underlying OSes

Developer Tools

• Python SDK: Comprehensive software development kit
• Terraform Provider: Recently launched for infrastructure-as-code
• Postman Collections: Pre-built workflows and practical examples
• Open API Specification: 100,000+ lines of documentation
• Chrome Extension: Discovers API calls made by the UI

Integration Features

• Webhooks: Proactive notifications instead of polling
• Audit Logging: Complete change tracking with before/after states
• Template System: Centralized configuration management
• Multi-tenancy: MSP-friendly with UUID-based resource identification

Mist Cloud Platform Benefits

Management Features

• Automatic Patching: Security updates applied automatically
• Marvis AI: Proactive troubleshooting and network optimization
• TDR Testing: Built-in cable testing without connected devices
• Dynamic Packet Capture: Automated network troubleshooting
• Idea Portal: Customer feature request and voting system

Operational Advantages

• Centralized Control: Single pane of glass for access points, switches, and WAN
• Monthly Feature Releases: Continuous platform improvements
• Virtual Lab Support: Can test configurations in virtualized environments
• Instant Power-On: PoE devices get power immediately during boot

Automation Use Cases

• Site Deployment: Template-based rollouts across thousands of locations
• Security Policy Management: Centralized firewall rule automation
• Network Monitoring: Custom dashboards and executive reporting
• Change Management: Configuration versioning and rollback capabilities
• Multi-vendor Integration: Works alongside other Juniper products (Apstra for data center)

Enterprise Adoption

• Scale: Customers deploying hundreds of thousands of sites
• Industries: Banks, retail (largest fast food chain), and enterprise customers
• Gartner Recognition: Top-right quadrant for five consecutive years

Developer Resources

• Apps Lab Portal: Collection of automation scripts and examples
• GitHub Repositories: Python script libraries and tools
• Documentation: Comprehensive API guides and best practices
• Support: Direct access to product teams for troubleshooting

Technical Architecture Notes

• Cloud-Native Design: Configurations pushed from cloud to devices
• Resilient Operations: Network continues functioning during cloud connectivity loss