How Netify creates SD WAN comparison matrix data?

Netify is an ideal platform to build an SD WAN comparison matrix by leveraging research data points which directly align requirements to the best fit Software-WAN providers and vendors.

Using Netify means you broaden your choices beyond the usual suspects which are known brands. In order to create your own SD comparison matrix, we've created 10 example data points.

Building a comparison matrix

What are the top 10 features to include with your SD WAN comparison matrix?

Below, the top 10 features you should include when creating your own matrix.

Primary line of business The vendors main offers including Managed Services, Carrier connectivity, WAN as a Service (both vendor and ISP in one), aggregation of multiple providers or Vendor only solutions.
Focus SD WAN technology If the provider is an aggregator or provider (think telco), there will be a list of vendor solutions to choose from. In addition, each vendor will offer differing architectures including managed SD-WAN, IP backbone connectivity and specific features such as NFV.
Traffic handling Some of the most discussed SD WAN features surround dynamic path selection, cloud provider selection and failover. If your VPN suffers high latency or jitter, how does the capability react to ensure application performance is maintained?
Sold standalone Can the appliance purchase go ahead outside of connectivity and cloud based services?
Support for MPLS & VPLS and other private WAN technologies Certain vendor solutions only offer Internet services connectivity. Cisco Meraki is an example where MPLS/VPLS is configurable but the standard architecture is based around ISP access.
Global coverage Certain providers offer support and coverage in excess of 200 countries. Understanding how international circuits and services are delivered is a critical aspect to understand for Global Enterprise business.
Differentiators What are the unique features of each provider & vendor? Does the capability offer next generation security, advanced WAN optimisation technologies or comprehensive network monitoring?
Security  Security is now an integral component of any SD WAN decision making process. Selected vendors may offer built in, single appliance, next generation security where others may offer 3rd party partnerships to deliver the end to end solution.
Proof of Concept Selected vendors will offer a proof of concept, demo or trial of their SD WAN solution.
Architecture How services are deployed in respect of WAN edge, NFV (Network Function Virtualisation) or Cloud based gateways. Architecture also includes details about whether or not the provider or vendor offers their own backbone access or aggregation connectivity.

What is the SD WAN provider or vendors primary line of business?

The WAN market has changed significantly over the last few years with more vendors than ever selling WAN edge, Cloud-based services and NFV solutions decoupled from connectivity. IT teams are actually putting focus on SD-WAN software features believing the capability will solve poor circuit performance issues. The decision to be made is whether your business prefers the service provider (think traditional telco) leading the sales process (by involving selected vendors which they then add to their IP backbone) vs vendor only.

The opportunity now exists to consolodate all aspects of networking into one single device. Security is now firmly positioned as the main priority when selecting solutions together with WAN optimisation and statistics. When comparing solutions prior to SD WAN, IT teams were often forced to deal with multiple vendors to create their capability.

What is the SD WAN focus technology?

Certain vendors often excel in one specific area of networking. An example is Riverbed where their original value was firmly based around WAN acceleration and optimisation. While their SD WAN proposition is clearly feature rich and capable of delivering all aspects of the WAN, their focus remains on their original value.

Ouside of features, vendors may also operate their own IP backbone for single network VPN delivery. In this sense, the vendor has become a hybrid of traditional telco and vendor. Or perhaps the vendor is highly experienced in both the LAN, WAN and Security enabling an end to end single vendor deployment.

How does the provider or vendor deal with traffic handling?

The capabilities deployed to deal with packet loss, high latency or jitter and general outgages are perhaps the main driver behind SD WAN solution adoption. With traditional layer 3 and layer 2 WAN solution designs, an issue with the network was very much based around a binary up/down status.

Software WAN traffic handling senses network conditions to evaluate which circuit is best suited to offer maximum performance. In most cases, primary circuits are generally based around Ethernet connectivity but 4G & 5G are bringing more bandwidth to the table, they're also able to circumvent fibre in the ground failures. Good network monitoring also enables trend reporting to evaluate how best to manually handle traffic routing where required.

Are you able to buy the service standalone vs Internet access?

When considering SD WAN physical network infrastructure, the decision needs to made whether single point of contact is required in respect of support and billing. Again, looking retrospectively,  previous WAN solution deployments were often driven by the desire to procure services from one single provider; in the UK, this was typically a telco.

Does the SD WAN solution support MPLS & VPLS?

While the discussion around cost savings is typically based on using the Internet to reduce costs, we often find hybrid WAN architecture includes some form of private networking connectivity. There are vendors which support agnostic connectivity options meaning the choice is largely based on the best fit circuit type vs requirements. 

Cisco Meraki is perhaps an example of where MPLS & VPLS are not supported with ease. In fact, Meraki view Internet as true SD WAN capability and therefore configuring private networking options is often protracted and difficult when using Meraki edge CPE.

What are the SD WAN challenges for Global Enterprise business?

Global services should be considered across two areas. The first is whether or not the vendor offers in country sales support specifically across UK, Europe, US and Asia. While certain vendors operate on a Global basis, their core capability might be US or UK centric (as an example). In other scenarios, vendors often state support for Global connectivity but the reality is that no actual staff exist in the specific location. (i.e. no feet on the ground)

With regards to application peformance, the challenge has always been firmly based around the laws of physics as, simply put, time is required to send traffic from one side of the globe to the other. When considering voice applications, SD WAN vendors are offering support to ensure delay sensitive applications perform to their best ability across any network connectivity. With this said, we would carefully consider which connectivity services are best suited to your business.

At a high level, what are the differentiators?

In the main, we find typical differences to surround the vendors ability to support next generation firewall security, WAN optimisation and Global provision. The majority of SD WAN solutions offer some form of the afore mentioned differences but depending on your needs, the impact of their ability (or lack thereof) could impact your WAN performance. Nearly all solutions support security but some require partnerships to deliver on the full suite of feature rich capability. And the same applies to WAN acceleration services.

Does the provider or vendor offer next generation security features?

A next-generation firewall (NGFW) is one of the most discussed elements when considering SD WAN security provision. Deployed within your HQ and branch-offices, an NGFW is an enhanced, improved version of traditional firewalls.

An NGFW runs multiple areas of Security including granular application awareness, intrusion detection and prevention, URL and web content filtering, malware detection, and antivirus protection. NGFWs and Virtual Network Functions  can also be based within the cloud in addition to on-premises based hardware.

Are we able to arrange an SD WAN proof of concept?

The majority of SD WAN providers & vendors offer POC (Proof of Concept) to test capability vs your requirements. Cisco Meraki (as an example) offers over a month of testing with their hardware with Cisco pre-sales support. Other vendors may offer a complete demonstration rather than actually loaning hardware.

How is the SD WAN solution deployed in respect of architecture?

There is an initial decision to be made regarding de-coupling vendor solutions from connectivity. The majority of SD WAN solutions do not offer connectivity, rather there is the notion that your IT team will go ahead and procure Ethernet, Broadband, 4G and 5G as required.  In addition, your business may lean toward a NFV (Network Function Virtualisation) SD WAN solution which will require data centre hosting. Whatever the outcome of architecture, an early decision should be made about whether your IT team requires a single point of contact across all networking elements or whether you are open to selecting individual components which may result in multiple points of contact.