Is Juniper The Next Cisco?


Juniper Networks kindly invited me to their Innovation Showcase, held on March 11, 2015 in Silicon Valley. They also paid my travel expenses and fed me nice food while I was there, alongside of many other media and analyst folks from around the globe. The purpose of the Innovation Showcase was for Juniper execs to interact with the influencers and opinion makers in the networking industry, flexing their muscles and just generally showing off what they’ve got. I got the impression that the event was sort of a “State of the Union” address from Juniper.

And it was interesting. I spent the entire day taking lots of notes and talking to lots of interesting people. Never was I bored.

I’m planning multiple posts about the Innovation Showcase, because there was far too much thought provoking information to cover in one post. In this post, we’ll hit the big ideas Juniper presented, and then think about them in the context of a question I’ve recently heard posed. Is Juniper the next Cisco?



The Big Ideas

Juniper talked around three major themes: routing, switching, and security. Imagine a professional bodybuilder on the platform, posing for the judges. Each theme struck me as a specific pose. Look, see what we can do here? Pretty awesome, eh? Now take a look at us from this angle. Nice, don’t you think? We really know how to oil a bicep! Perhaps you smirked at that, but I make the bodybuilding analogy with the best possible intent. Juniper is a huge company in the upper echelon of the networking industry. Even so, Juniper hasn’t been consistent in showing off its well-developed market physique. Frankly, it’s nice to see a bit of showing off from Juniper. What good are chiseled abs if you never take them to the beach?

Before I get into specifics, it’s worth pointing out that Juniper wasn’t just making product announcements, although if you follow Twitter and the “publish as fast as possible” tech media, no doubt you’ve seen talk of new products. Yes, there were product announcements which were important, but even more than that, Juniper stated that routing, switching, and security — RS&S for purposes of this article — is their focus. RS&S is what they are best at. RS&S is what their customers want from them. RS&S is where they think they are or can be better than anyone else.

While RS&S represent three gargantuan markets, the question comes up…is RS&S enough? That question becomes more pointed considering that Juniper recently sunsetted some of the security portfolio, making their security focus more narrow. The answer to the “enough” question depends entirely on your point of view.

If you’re a Juniper customer in the enterprise space…

Juniper offers a range of products in the routing, switching, and security space that could act as infrastructure for just about any enterprise. Juniper has products that fit in the campus (including the closet) and core switching & routing via the EX & MX products, and in data centers via the QFX line. Stateful firewalling at just about any speed is also covered via the SRX line. Virtual form factors of key products (Firefly Perimeter) are also available or will be soon (vMX). You’ll want to poke at the security story a little harder to see where Juniper’s offerings end for you, and “best of breed” solutions begin.

What’s more, these products all run Junos, which means it becomes easier to align network operations & standards across products. While there are CLI differences that logically match a product’s capabilities, by and large, the Junos CLI is a familiar place no matter what Juniper hardware box you’re on.

In summary, enterprise customers can look to Juniper as their supplier for the vast majority of their networking infrastructure needs, L2 & L3 especially. The addition of the QFX10000 spine switch and Junos Fusion (which I plan to address in later posts) make for lots of new — to Juniper — and interesting design options. And let’s not forget that for shops interested in automation, the Juniper story might be the best in the industry. Junos is API-driven, and has been for a long time. Even the Junos CLI is actually doing API calls under the hood. Juniper offers — and supports — the python PyEZ library for folks who like to automate with scripts. Juniper is also the major contributor behind the OpenClos project, an open source tool that aids in the building of data center fabrics.

If you’re a Juniper customer in the service provider space…

Service provider networks are not a major focus for me, but I have to admit that the new, custom silicon PTX supercore routers struck me as remarkable in their form factor, forwarding capacity, and power profiles. This is a lot of box in a relatively small number of RUs. Juniper compared it favorably to solutions from Cisco such as the CRS & NCS.

In addition, Juniper made a case around their Northstar controller that seems reasonable to me — traffic engineering gets easier if there’s a see-all box that can make the most of the bandwidth you’ve got. On the other hand, Northstar seems like a specific solution, solving a traffic engineering automation problem, but little else. Maybe I’m underselling it? Northstar is also not going to be integrated with OpenDaylight, not that it couldn’t be. Integration with ODL just isn’t something that Juniper specifically is interested in doing. Northstar has REST APIs, so it could be that some SP network operators will choose to perform an integration with ODL themselves, assuming ODL is a big part of their strategy going forward.

While the PTX play seems obvious (at least until other products offer similar performance density), I’m unclear as to how Northstar will resonate with service providers. I’m guessing there are very specific Juniper customers to whom Northstar will fit in right now, and with whom Juniper probably developed the product. Others? They might choose something more modular and inclusive as opposed to a point solution. Juniper’s not missing anything obvious that I’m seeing, considering their portfolio. Someone will clue me in if I’m wrong, I’m sure.

Was there more for service providers? Well, NFV is a big concern for SPs trying to automate customer offerings and deployments. The upcoming vMX and vSRX already fit nicely in that space. I believe that NFV products are a necessity for those who wish to sell to service providers.

In summary, I don’t think Juniper is going to lose any existing SP customers. There’s a good chance they might pick up some new business.

If you’re a Juniper shareholder…

I’m not here to predict numbers. So, while you must seek meaning in the entrails elsewhere, I’ll still make a few comments regarding the potential sales of the current Juniper line up.

  • The PTX will make existing customers happy, and open doors to new opportunities. This box should be relatively easy to sell, at least for now. The performance density battles will never end.
  • The QFX10000 fills in the gap that previously cut Juniper out of some data center conversations. If we relegate QFabric to the bin (which Juniper isn’t doing, I’m merely being pragmatic), then the QFX10000 was needed so that cloud-scale customers could build out massive leaf-spine fabrics when the QFX5100 simply lacked the required port density. This means that Juniper can sell fabrics as large as any other networking player. There is no reason Juniper shouldn’t have a seat at the table for the very largest of opportunities in the DC infrastructure space. They might win some deals here.
  • The security story needs something more. The SRX is a needed product, and there are many customers that rely on it. But I still don’t see Juniper as a security company. I mostly see the SRX and vSRX as simple, stateful firewalls whose largest selling point is arguably ease of management…assuming you’re a shop that’s committed to Junos already. I don’t see the SRX winning many deals as a point solution. The competition is too stiff from Cisco, Check Point, Palo Alto Networks, etc. In summary, the SRX is a capable outlier that needs a much stronger story built around it to win mindshare. That said, the security market is changing dramatically, with new ways of thinking about how to secure infrastructure. I caught glimmers in the eyes of Juniper management that they are taking the security strategy into some forward thinking directions. That won’t mean much for the bottom line in the next few quarters, though.

So, is Juniper the next Cisco?

What do I mean by “the next Cisco” in this context? If you look at Cisco over the last two decades, they grew…

  • Through mindshare.
  • By providing needed products at the right time.
  • Via endless acquisitions.
  • By entering diverse markets (not always successfully).
  • Via some amount of cross-product integration.
  • By training an army of engineers.

Considering this, is Juniper poised to take over the role of networking’s undisputed (by me, anyway) leader, Cisco?

No. Not yet. Where Juniper is strong, they are very strong. But there are many other markets where Juniper hasn’t even shown up. Routing, switching, and security, remember? That was the core messaging of the Innovation Showcase. Of that set, I’ll argue that they are only two for three right now. For Juniper to become the next Cisco, they need to be in additional markets where they can grow. For example:

  • Unified comms. Cisco has a huge unified communications product set that they’ve done extremely well with over the years. Even odds you’ve had a Cisco phone on your desk at some point in your career. I’m not suggesting the play for Juniper is to deliver an IPT solution. Goodness, no – that market is going away eventually, and maybe even soon. But what if Juniper bought Slack? That could make for an interesting future.
  • SDN. Juniper has Contrail, which I haven’t mentioned in this post until now — more on Contrail in a future post — and Contrail is interesting, with some adherents. Juniper also has Northstar, which I see as an SDN point solution mostly for SPs. But put controllers aside for the moment, and think about what Juniper does have already — a highly automatable infrastructure. They don’t have to build this functionality, like Cisco is, by most accounts, struggling to do with onePK. Automation capability is already there for Juniper. The automation story was there at the Innovation Showcase, but wasn’t quite the cornerstone it might have been, considering the competitive advantage it represents. Of course, it doesn’t help that Juniper, to date, hasn’t offered much exciting in the way of management software. Also, they seem determined (along with several other vendors) to push their own controllers instead of meaningfully getting behind OpenDaylight. I’m sure they have their reasons, but I can’t help feeling vendors with this strategy are making a long-term mistake. Juniper could do very, very well by building SDN applications on top of their foundation, but I’m not seeing many moves in that direction yet.
  • Owning the data center. Cisco has done rather well with UCS (I’m not experienced with the platform, but have heard nothing but positive things from those who are), and they’ve started a foray into storage. Juniper has zero interest in those markets from what I can tell.
  • Wireless. The Cisco wireless story is a good one, especially in the enterprise. Juniper bought Trapeze years ago, and haven’t made much of a dent in the market. They announced a partnership with Aruba in 2014, but HP has very recently acquired Aruba. So, what is Juniper’s wireless story going forward? I have no idea.

My point here is that Juniper isn’t — couldn’t be — the next Cisco. HP is in line ahead of Juniper. I could argue that Dell is, too. And Brocade looks very good to me. HP has a strong networking story that they can’t seem to sell all that much of, and Dell is heading the open networking route, an unproven path to take. Brocade continues to put add outstanding pieces to its puzzle, which, if they put together, should be a stunner. But all of these others (Cisco, HP, Dell, Brocade) have their feet firmly in the data centers of the world in ways that Juniper does not.

Oddly enough, I don’t think Cisco is the next Cisco, either. But whatever market share Cisco is losing, they aren’t losing to one competitor. If and when they are losing, they are losing to many competitors, in several different markets. No single competitor is standing tall as the next leader in networking. Instead, there’s a fracas from all corners — startups in particular. From an investor standpoint, I’m not sure there *is* a next Cisco. The various markets don’t especially know what they want or need as yet, and it’s risky to bet big on any emerging technologies in networking right now.

More thoughts on Juniper in upcoming posts.

About the author

Ethan Banks

Most people know me because I write & podcast about IT on the Packet Pushers network. I also co-authored "Computer Networks Problems & Solutions" with Russ White.

Find out more on my about page.


  • The thing I find most interesting about this post, Ethan, is that Juniper has spent the last year or so trying to clean up their messaging, promoting their “back to basics” approach and going back to what they do best. Most are glad to hear it, as it seemed Juniper was a bit scatterbrained without a clear direction.

    But instead, you almost seem disappointed that Juniper isn’t rolling out average or sub-par products in spaces they have no business being in (telephony, wireless), just to say they play in that space. Yes, they could buy companies (Juniper buying Aruba was a pretty big rumor for quite a while) but it’s just not what they want to focus on.

    It’s just an interesting viewpoint that I haven’t heard before.

  • Good, but useless for non-US based people. As the major growing star is not mentioned. Huawei….

    • “Useless” is overly harsh, but your point is well taken. Huawei does seem to be doing well globally, but isn’t going to crack the US nut anytime soon. They have many mindshare hurdles to overcome as they’ve been vilified in America.

  • On the Juniper wireless story – I work in the public sector, and we now have to replace our Trapeze installation with someone else, as Juniper has finally admitted that they will not re-certify their gear for FIPS 140 compliance.

    As we have involvement with law enforcement agencies, it’s a must have item and Trapeze was formerly FIPS 140 certified before their acquisition by Juniper.


Most people know me because I write & podcast about IT on the Packet Pushers network. I also co-authored "Computer Networks Problems & Solutions" with Russ White.

Find out more on my about page.

Subscribe via Email

Receive complete, ad-free posts in your inbox as I publish them here.

Secured By miniOrange