With Netify free research, your company is positioned to create your own specific top 10 list of SD WAN companies against high level requirements.
The Netfiy platform is designed specifically to align the right customers to the right SD WAN companies. With a free Netify account, your business is positioned to submit high level requirements via an interactive form which triggers Netify to produce a comparison report within 24-48 hours against your specific requirements.
In phase 2 of Netify (currently under development), we will be offering direct access to perform your own SD WAN provider comparison searches via username and password login.
Which elements does Netify consider when comparing SD WAN companies?
SD WAN architecture
There is an initial decision within every organisation regarding which Software-Defined WAN solution architecture is a best fit vs requirements. The typical SD WAN deployment is delivered across three solution areas:
- Vendor only
An example of a pure vendor play is Meraki where the connectivity is not bundled with the capability. When deploying this kind of architecture, the customer must understand the need to manage multiple billing and service elements. There is extreme flexibility in this approach since your WAN is not tied to the technology leaving your business to procure network connectivity as required. In the UK, especially, we have tendency to procure managed services from the large telecoms companies making migration to new providers a difficult experience.
- Vendor and network connectivity
The architecture where vendor services are procured via the service provider aligns to how MPLS VPN services are typically procured. In this design, via service providers or Value Added Resellers, the provider backbone is paired with whichever vendors are within portfolio.
- Vendor with their own network backbone
There are certain vendor companies that are building their own private backbone connectivity with PoPs in the majority of Global metro areas. The theory is that your traffic is sent via a local ISP connection using IPSec SD WAN VPN to the local vendor PoP meaning traffic transiting International locations is kept on a private MPLS network with a QoS enabled backbone.
What are key SD WAN benefits?
The transition to SD WAN is normally made from technologies such as MPLS where end to end QoS (Quality of Service) is a known quantity. When migrating services to an SD WAN company, there is a need to understand how the properties of latency and jitter will be impacted using the Internet. In some instances, vendors offer support for hybrid connectivity meaning MPLS or VPLS could be the circuit of choice for selected HQ/branch sites.
Understanding how any prospective SD WAN company deals with traffic is necessary during the selection process. The features of Software networking solutions are typically:
Application path selection - the ability to sense when a preferable link is available is one of key tenants of SD WAN value. If the network becomes congested or encounters issues, software-WAN technology reacts by selecting an alternative path based on configured policies. An example use case is where traffic for cloud-based applications which are not deemed as important (.e.g Youtube) increases - SD WAN is able to make use of a less critical link for this traffic destination. Various metrics are in play such as packet loss, latency, jitter, MOS, PESQ and hard-down. Cloud path selection operates in a similar way to mission-critical applications and path selection, cloud applications are often routed via different paths by steering the cloud service of interest to the path/circuit which offers the best properties.
Granular QoS - one of the concerns for IT teams migrating away from MPLS VPN services is the loss of end to end application prioritisation via Quality of Service. Using the Internet does mean traffic cannot be privatised end to end but the positive aspect is improved granular control of how applications are treated overall in respect of technologies such as the afore mentioned path selection. SD WAN moves QoS forward by being able to sense issues such as congestion, excess latency and packet loss.
WAN Optimisation - optimising traffic is not a new networking concept, the ability to select where to optimise per application or source/destination IP traffic at the click of a button is one of the core tenants of Software-WAN solutions. Select from TCP optimisation, de-duplication of packets and caching.
Bandwidth session based load balancing - making use of extra bandwidth across multiple circuits with intelligent path selection. An example could be a small branch site with Broadband and 4G/5G connectivity. With SD WAN load balancing, the small branch could balance their application traffic vs preferred connection type, perhaps priority cloud-based services.
Statistics - with no insights into network performance, IT teams face a huge challenge to make decisions on bandwidth infrastructure upgrades and QoS settings. The reporting functionality of any Software-WAN capability is granular in-line with the ability to understand application traffic across security and QoS.
Management - the typical management capability revolves around GUI (Graphical User Interface) style portal access. The complexity of managing your SD WAN service varies between each offering with some solutions requiring more expertise than others.
Security - Next-Generation Firewall Security is now one of the major solution selling points across SD WAN solutions. When conducting comparison of SD WAN companies, IT teams are often faced with vendors offering built-in Next Generation Security or using a recommended 3rd party to compliment the Software WAN solution.
Orchestration - Service Orchestrator manages overall project lifecycle including fulfilment of services, traffic monitoring, reporting analytics, security, and policy delivery/management. Good orchestration results in an agile network delivery to meet the demands of all HQ and branch offices.
Zero-Touch Deployment - where businesses require fast, uncomplicated delivery of network connectivity. In general terms, ZTP is the enabler to simplified delivery as no prior interaction with hardware is required.
WAN Edge, On Premises, Cloud and NFV - SD WAN edge is either based on physical hardware or Virtual CPE (Customer Premise Equipment) which is often Cloud based. The edge forms the basis of your connection in respect of the VPN, security policy enforcement and WAN optimisation.
Who are the top 10 SD WAN companies for your Enterprise?
For the purpose of this article, we’ve selected a list of 10 SD WAN companies from the Netify database in table format.
|Technology||Product name||Aryaka||Versa||Meraki||Viptela||Silver Peak|
|Year launched||Year of launch||2009||2019||2015||2012||2014|
|SD WAN architecture||Edge, Gateway, NFV||25 Global PoP locations||Edge based||Edge based||Edge based||Edge based|
|Gartner Magic Quadrant||Status||Visionaries||Visionaries||Challengers||Challengers||Leaders|
|Form factor||Hardware, Virtual or White Box||Physical||Physical||Physical / Cloud||Physical / Cloud / Virtual||Physical / Cloud / Virtual|
|Controller location||Hosted or On-Prem||Cloud||Cloud||Cloud||Cloud or On Prem||Cloud or On Prem|
|Site disconnection from controller||Edge becomes disconnected||Routed via alternative site or 2nd PoP||Continues to run but will not learn||No policy updates or new sites||Operations continue.||No changes can be made.|
|Firewall||Basic, Stateful, Next Generation with IDS, IPS||Basic, advanced via partners||Advanced||Basic, Advanced||Basic on Viptela, advanced using other hardware||Basic, advanced via partners|
|WAN optimisation||App acceleration, TCP optimisation, caching, deduplication, compression||Yes||No||Limited||Yes (add-on to Cisco hardware; not available on vEdge||Yes; add on|
|Traffic handling||Session based, link based, packet based||Packet based||Session based, packet based is possible||Session based||Session based||Packet based|
|Cloud path selection||Measure application performance making SaaS / Hosted app decisions||Partneredwith AWS & Azure with manual route routing for others||Limited, uses loss & delay to determine the best path||No||Limited using BFD to equal their vQoE score||SaaS optimisation to select optimal WAN egress point|
|Fail to wire||Device still passes traffic||Yes||No||No||Yes (Cisco hardware)||Yes|
|3G/4G / 5G||Wireless Cellular||No||Yes (SIM card on all devices)||MX67C or MX68CW only||SIM card slot on certain models||No|
|WAN circuits||Max# of circuits||2||2 wired+1 3G/4G||2 wired+1 wireless backup||Yes, selected devices||4 to 8|
|Max capacity||Max amount of traffic for largest device||300Mbps||2Gbps||1Gbps||>1Gbps||10Gbps|
|Licensing model||How the provider licences SD WAN||Duplex||Duplex||Aggregate||Duplex||Duplex|
|Differentiators||Unique features||Global core network||Simple site activation and management with mobile app, Next Gen Firewall||Single pane of glass, Wi-Fi, Switching & Security cameras||Viptela can be installed on Cisco routers, supports bespoke requirements||Legacy WAN optimisation, Adaptive FEC|
|Technology||Product name||CATO||CloudGenix||Oracle / Talari||Citrix||Velocloud|
|Year launched||Year of launch||2016||2013||2007||2013||2012|
|SD WAN architecture||Edge, Gateway, NFV||40+ Global POPs||Edge based||Edge based||Edge based||100+ Global gateways|
|Gartner Magic Quadrant||Status||Not ranked||Visionaries||Niche players||Challengers||Leaders|
|Form factor||Hardware, Virtual or White Box||Physical / Cloud / Virtual||Physical / Cloud / Virtual||Physical / Cloud / Virtual||Physical / Cloud / Virtual||Physical / Cloud / Virtual|
|Controller location||Hosted or On-Prem||Cloud, Distributed across PoPs||Cloud||On Premise||On Premise||Cloud|
|Site disconnection from controller||Edge becomes disconnected||Edge connect to backup PoP||No policy updates or new sites after 72 hours||No central policy updates or new sites||Established tunnels will continue to run||No policy updates or new sites|
|Firewall||Basic, Stateful, Next Generation with IDS, IPS||Advanced||Basic, advanced via Partners||Basic, advanced via Partners||Basic, advanced via Partners||Basic, advanced via Partners|
|WAN optimisation||App acceleration, TCP optimisation, caching, deduplication, compression||Limited TCP optimisation||No||Add on||Selected devices||No|
|Traffic handling||Session based, link based, packet based||Packet based||Session based||Packet based||Packet based||Packet based|
|Cloud path selection||Measure application performance making SaaS / Hosted app decisions||Cato backbone with egress at optimal point||Measures application performance||None||Citrix offers path selection at 7 PoP locations||100+ shared gateways|
|Fail to wire||Device still passes traffic||No||Yes||Yes||Yes||No|
|3G/4G||Wireless Cellular||No||No||No||Yes, 210SE has integrated cellular||Limited via USB|
|WAN circuits||Max# of circuits||3 Internet, 1 Private||4 to 6||4 to 8||8||Various capabilities|
|Max capacity||Max amount of traffic for largest device||1Gbps||5Gbps||5Gbps||Up to 12Gbps||5Gbps|
|Licensing model||Aggregate throughput||Duplex||Duplex||Duplex||Aggregate throughput||Aggregate throughput|
|Differentiators||Unique features||Global core network, next Gen Firewall||Layer 7 to track apps||WAN optimisation at no extra cost, per packet measurements||One device for WAN optimisation, SD WAN & Citrix SaaS||Gateway optimisation for Cloud & SaaS apps, some devices act as a WAP|