I’m a big fan of Juniper Networks! I work mainly with the SSG (ScreenOS) and SRX (Junos) series. The Juniper SRX is a network security solution that can be positioned in the data center or at the branch. You will surely agree that virtualization and cloud computing have changed a lot from the network perspective. This demands security solutions that are not tied to hardware boundaries. Juniper Firefly Perimeter addresses these demands.
What is Juniper Firefly Perimeter?
Juniper Firefly Perimeter is an SRX Service Gateway delivered in the form of a virtual appliance. You can compare it with the HP VSR1000 Virtual Service Router or the Cisco Cloud Service Router 1000V. Firefly Perimeter is available for VMware vSphere 5.x and Linux KVM. Microsoft Hyper-V is currently not supported. When you take a look at the datasheet, you will notice that Firefly Perimeter can do all the cool things that you expect from this kind of virtual appliance: simple routing, routing protocols (RIP, OSPF, BGP, IS-IS…), MPLS, VPN, stateful/stateless firewall, network attack detection, a lot of management features and much more.
A really cool thing is the Juniper Software Advantage for Security. With this licensing you can choose from multiple options and deploy the software on any platform, regardless of whether it’s hardware or a virtual appliance. The license is perpetual, so you buy once and use it indefinitely.
When using hardware-based appliances it’s easy to track them: go into the datacenter or the branch office and take a look into the rack. But a lesson I learned over the last years is: when you use virtualization, you need lifecycle management. Otherwise you will often hear the question “What does server XYZ do?”. Junos Space Virtual Director addresses these demands. It’s a management application for Juniper Firefly Perimeter that helps you to automate the deployment and management of Juniper Firefly Perimeter appliances. To do so, you can use the REST API and attach Junos Space Virtual Director to other platforms and tools (e.g. VMware Orchestrator).
Shut up and take my money!
If you want to test Juniper Firefly Perimeter in your lab, you can simply download it. Juniper provides a 60-day evaluation. All you need is a Juniper Networks account and this link: *click*
I assume that you use VMware vSphere. In this case you have to download the OVA file and deploy it with the vSphere C# or Web Client. The virtual appliance is configured with 2 vCPUs, 2 GB RAM and two E1000 vNICs. If you want to build complex setups, you can add additional vNICs (up to 10). Simply deploy the OVA file.
After powering on the appliance, the appliance will try to get an IP address on interface ge-0/0/0.0 via DHCP. Web management is also enabled on this interface. If the VM gets an IP address, you can open a browser and enter the IP address. If everything went right, the Setup Wizard appears.
The wizard helps you do the initial configuration of the appliance. It’s very handy if you don’t have much experience with Junos. If you’re well versed in configuring Junos, you can configure the appliance using the CLI. Just log in as root without a password. Juniper Networks has really good documentation, so take a look at the Junos 12.1 documentation.
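An added example, not from the original post: a small Python check that reads `show configuration | display set` output and flags the first-boot state described above (root without a password, web management bound to the DHCP-addressed ge-0/0/0.0). Both sample configurations and the finding names are constructed for illustration.

```python
import re

# Constructed sample in "show configuration | display set" form, modelling the
# first-boot state described above. Not a dump from a real appliance; plain
# HTTP for web management is an assumption of this sample.
FIRST_BOOT = """\
set system services ssh
set system services web-management http interface ge-0/0/0.0
set interfaces ge-0/0/0 unit 0 family inet dhcp
"""

# The same constructed device after a first hardening commit.
HARDENED = """\
set system root-authentication encrypted-password "$1$constructed$placeholder"
set system services ssh root-login deny
set system services web-management https system-generated-certificate
set system services web-management https interface ge-0/0/1.0
set interfaces ge-0/0/0 unit 0 family inet dhcp
set interfaces ge-0/0/1 unit 0 family inet address 192.0.2.1/24
"""

def audit(display_set: str) -> list[str]:
    """Return findings for a Junos configuration given as 'set' lines."""
    lines = [s.strip() for s in display_set.splitlines()]
    lines = [s for s in lines if s.startswith("set ")]
    findings = []

    # Root can log in without a password until root-authentication exists.
    if not any(s.startswith("set system root-authentication ") for s in lines):
        findings.append("root-no-password")

    # Web management over plain HTTP sends the admin session in cleartext.
    if any(re.match(r"set system services web-management http(\s|$)", s) for s in lines):
        findings.append("web-management-cleartext-http")

    # Logical interfaces addressed by DHCP: whichever network the vNIC is
    # attached to decides who can reach a service bound to them.
    dhcp = {f"{m[1]}.{m[2]}" for s in lines
            if (m := re.match(r"set interfaces (\S+) unit (\d+) family inet dhcp\b", s))}
    for s in lines:
        m = re.match(r"set system services web-management https? interface (\S+)", s)
        if m and m[1] in dhcp:
            findings.append(f"web-management-on-dhcp-interface:{m[1]}")
    return findings

if __name__ == "__main__":
    for name, cfg in (("first boot", FIRST_BOOT), ("hardened", HARDENED)):
        print(f"{name}: {audit(cfg) or 'no findings'}")
```

Run it against the configuration of each freshly deployed appliance before the vNIC is connected to anything other than a lab network.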