Juniper EX4500 review

Ethernet switches like the Juniper EX4500 are a stock ingredient of enterprise networks

Juniper screenshot

Juniper screenshot

Ethernet switches like the Juniper EX4500 are a stock ingredient of enterprise networks. They connect desktops to servers in the data centre via a three-tier system of access, aggregation and core Ethernet switches.

Access layer switches reside in cupboards on each floor of the building, connecting desktop computers, networked printers and now also IP enabled telephones. These access layer switches are also connected to aggregation switches in each building and are uplinked to the core network in the data centre — usually by fibre optic links. In the data centre, the core network switches are in turn connected to more aggregation layer switches that connect to racks and racks of servers hosting the applications that users access, such as email, file storage, intranet, outbound web proxies and so on.

The drive to consolidate and reduce this sprawl of under-utilised servers in the data centre has led to a rise in the use of virtualisation technology, which drove the introduction of larger blade servers to fully use their allocation of CPU and RAM.

The Juniper EX4500 is aimed at this data centre and campus network aggregation role. It provides 40 fixed ports which can be populated with either dual Gigabit Ethernet or 10 Gigabit Ethernet fibre optic modules, as well as two additional slots for four port, 10 Gigabit Ethernet fibre optic uplink modules.

In a data centre aggregation role, this is a switch that can be populated with Gigabit Ethernet ports for physical servers, 10 Gigabit Ethernet fibre optic ports for blade server enclosures, and fibre optic uplinks to the core network switches.

In a campus aggregation role it can be populated with 10 Gigabit Ethernet fibre optic links to aggregate access layer switches and uplink them to the core network switches. Alternatively, in a small data centre, it can even be utilised in a redundant configuration — as a core switch — it includes the capability for two redundant power supplies. A key feature of the EX4500 is its Virtual Chassis technology, enabling the switch to be combined with others to act as a single device, removing the need for complex switch configuration.

First impressions are that it boasts seriously solid build quality. Power supplies and fan packs all install with satisfying 'snicks' — it is substantial, heavy and needing a second person to mount it in the rack.

A peek inside (through the hole for the fan pack) shows why. There are substantial heat sinks on every motherboard component. After connecting the 15 Amp power cord (don't be fooled, it wont fit standard Australian outlets due to a wider ground pin) the device sounds like a jet engine winding up.

All five fans in the fan pack start up at full speed, settling down to a dull whine after a few minutes. You get the feeling that Juniper’s engineers consider heat their number one enemy. Removing the fan pack to try and reduce the noise (we didn't have our ear plugs that day in the lab) quickly developed a problem. The switch soon started to protest, it really needs that fan pack in to operate correctly.

The EX4500 is initially configured using an LCD panel and two soft-touch buttons. Using this, it is easy to enter setup mode, halt the system or perform a factory reset. In setup mode, upon connecting a laptop to the management Ethernet port, it was also easy to enter the web interface — who has a serial port for connecting to a console port these days?

The web interface allows configuration of the management interface, SSH or telnet access, and SNMP read-only management. Through the web interface, each port can be configured with port role, VLAN options, link options and IP options.

We were impressed by the approach taken by Juniper to secure the configuration. On setup, a root password change is forced, management interfaces are disabled, SSH is made available as a secure alternative to telnet, and SNMP requires a custom community string for read-only operation.

The web-based management on the EX4500 is functional and easy to navigate. Status is shown on the front page, graphically displaying active ports and inactive components, such as an unplugged fan pack. The status of components — even airflow in component such as the fan pack and power supplies — are clearly presented.

Four menu options sit across the top of the web interface; configure, monitor, maintain and troubleshoot; making life really easy for the administrator. Surprisingly, the engineers have included a web-based network sniffer that allows you to download PCAP files. This brought a smile to our faces — no need to lug a notebook down to the data centre to diagnose problems!

The SSH interface is another matter, after connecting via the root account (hint) you will find a very Unix-like command line interface (CLI). Administrators could easily confuse a SSH connection to a Linux server with a JunOS CLI on their switch. Come on Juniper, how about a help command on the CLI? It would definitelay help those who are "manually challenged" at 3am in the data centre.

Good points

  • default secure configuration
  • web interface driven network sniffer
  • well-structured web interface with at-a-glance status

Bad points

  • telnet interface didn't seem to work when we first configured it (unlike the SSH interface)
  • boot time and shutdown time is a bit long (for the impatient)
  • command interface has no help function

It looks as if this switch was built by network engineers for network engineers — specifically for network engineers who like a web interface for management. The addition of the Virtual Chassis technology and various other nice-to-haves (such as the web interface driven network sniffer) makes a user appreciate how Juniper has tried to make their administration job as easy as it can be.

In conclusion, for those migrating to specialised virtualisation hardware, this device is a solid data centre aggregation switch; its easy-to-use web management interface will be a welcome change for most network engineers.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

Tags EthernetNetworkingJuniper EX4500ethernet switchesgigabit ethernet switchesswitches

More about JuniperJuniperLANLinuxSNMPSSH

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Matt Tett

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place