Robert Sturt

By: Robert Sturt on March 9th, 2020

Print/Save as PDF

Which SD WAN appliance vendors fit your business?

SD WAN

When considering SD WAN architecture, there are typically two main options across the procurement of services. The first is to select an appliance vendor offering SD WAN technology only, I.e. without connectivity.
The second option is to procure services from providers with their own backbone infrastructure resulting in a single solution for billing and support.

The table details the main features and benefits of each SD WAN appliance vendor, highlighted in yellow are the vendors offering appliances not tied to connectivity. Certain vendors (e.g. Silver Peak) only sell via Resellers, not direct. See this page for more information.

Using the table, you'll learn about SD WAN appliance vendors that offer hardware or NFV only with providers that are intrinsically aligned to their network infrastructure.

Which 30+ SD WAN vendors and 200+ providers are a fit for your business?
Find out with the online SD WAN quick assessment. We'll tell you which providers fit your high level requirements.

Below. SD WAN appliance vendors 1-5.

Feature Aryaka CATO Cloudgenix Versa Oracle
Year launched 2009 2016 2013 2019 2007
SD WAN architecture 25+ private PoP locations 40+ private PoP locations Edge-based Edge-based Edge-based
Gartner magic quadrant Visionaries Not ranked Visionaries Visionaries Niche players
Form factor Physical Physical, virtual (VMware), Cloud (AWS, Azure) Physical, virtual (VMware. KVM),  Cloud (AWS) Physical Physical, Virtual (VMware. Hyper-V), Cloud (AWS, Azure)
Controller location  Cloud Cloud distributed across PoP's Cloud Cloud On-premise
Site disconnection from controller Traffic is routed via a diverse site Edge connection to backup PoP No policy updated or new sites Devices will run but no new routes/MAC addresses No centralised policy updates or new sites
Firewall Basic, advanced from partners Advanced Basic, advanced via partners Advanced  
WAN optimisation Yes Limited (TCP optimisation) No No Yes, add on
Traffic handling Packet-based Packet-based Session-based Session-based is default, packet based is possible Packet-based
Cloud app path selection Partnered with AWS & Azure with manual for other SaaS providers Cloud apps leverage private backbone Measures app performance for best path Monitors loss, latency & jitter and steers based on conditons None
Fail to wire Yes No Yes No Yes
4G/5G No No No Yes, SIM card on devices No
Max WAN circuits 2 3 Internet, 1 private 4 to 6 2 wires+1 4G/5G 4 to 8
Max capacity 300Mbps 1Gbps 5Gbps 2Gbps 5Gpbs
Licensing Duplex Aggregate Duplex Duplex Duplex
Differentiators Global core network with WAN optimisation Global core network with next generation firewall Layer 7 application performance tracking Simple site activation with mobile app, next generation Firewall WAN optimisation, measurements taken with each packet

Below. SD WAN appliance vendors 6-10.

Feature Cisco Meraki Cisco Viptela Fortinet Silver Peak VeloCloud
Year launched 2015 2012 2017 2014 2012
SD WAN architecture Edge-based Edge-based Edge-based Edge-based 100+ Global PoPs
Gartner magic quadrant Challengers Challengers Challengers Leaders Leaders
Form factor Physical, Cloud (AWS, Azure) Physical (vEdge. ISR, ASR), Virtual (VMWare, Hyper V, KVM), Cloud (AWS, Azure) Physical, Virtual (VMware, XS, Hyper-V and KVM(Cloud (AWS, Azure) Physical, Virtual (VMware, Hyper V, Xen, KVM), Cloud (AWS, Azure, GCP, Oracle Cloud) Physical, Virtual (KVM, ESXI), Cloud (AWS, Azure, GCP)
Controller location  Cloud Cloud, On-premise as an option On-premise On-premise or cloud Cloud
Site disconnection from controller No policy updates or new sites Operations continue, user defined timers No impact on performance No configuration or policy changes during outage No policy updates or new sites
Firewall Basic, Advanced Basic on Viptela, Advanced on Cisco hardware Advanced Basic, advanced via partners Basic, advanced via partners
WAN optimisation Limited Yes (Cisco add on, not available on vEdge) Yes, 60E and above Yes, add-on No
Traffic handling Session-based Session-based Packet-based Packet-based Packet-based
Cloud app path selection None Limited, bidirectional forwarding direction (BFD) None SaaS optimisation chooses optimal WAN agrees point Yes, 100+ shared gateways for path optimisation
Fail to wire No Yes (Cisco hardware) No Yes No
4G/5G Selected devices (MX67C or MX68CW), via USB on other devices Yes, SIM card on selected hardware Via separate FortiExtender device No Limited, via USB
Max WAN circuits 2 Wired, 1 wireless (backup only) Selected vEdge devices 2 to 4 4 to 8 Selected Edge devices
Max capacity 1Gbps Up to 38Gbps 8.2Gbps 10Gbps 5Gbps
Licensing Aggregate  Duplex Aggregate Duplex Aggregate
Differentiators Next generation firewall, single pane of glass management, switching, security cameras Viptela can be installed on Cisco routers, ISR can terminate high throughput Next generation firewall, WiFI on selected hardware, single pane of glass Legacy WAN optimisation, adaptive FEC Gateway allows a customer to optimise traffic to cloud and SaaS applications

What do you need to consider when evaluating the best SD WAN appliance vendor?

SD WAN virtual appliance vs traditional WAN edge

One of the key tenants of Software-defined WAN surrounds the capability to deliver intelligence via management servers. The theory is that SD WAN would essentially remove the configuration from the traditional on-premise device thus lowering cost as the actual intelligence is delivered from a cloud-based management  x86 server. (for example)

Within the networking arena, most SD WAN solutions remain based on conventional WAN edge appliances for branch offices, HQ and data centre with an upward trend toward NFV deployments. With this said, there is cross over as aspects such as cloud-based security and WAN optimisation are available as stand-alone cloud NFV features depending on the vendors offering. This is more of a hybrid WAN edge and NFV approach.

WAN architecture includes:

  • Traditional WAN edge, hardware with the configuration delivered from Cloud management servers (often requires zero-touch deployment)
  • PC server architecture with virtualised versions of typical solutions
  • White Box architecture uCPE/vCPE where the vendor features are selected
How to decide on the best SD WAN appliance vs your needs?

In general terms, appliances and their corresponding features, are consistently at the basis of decision making. There are certain vendors which can be removed since their solution is not available as an appliance only product because the proposition is intrinsically linked to network connectivity. In many ways, Software-WAN is attempting to uncouple the connectivity from network functions; buying together is often viewed as a legacy way of procuring WAN services.

Once your business has shortlisted vendors to initially engage, the next step is to evaluate capability based on business needs. The typical headline buying decisions are made on cost, next-generation security (IPS, content filtering), WAN optimisation, cloud path selection, bandwidth with support for Ethernet, 4G/5G & Broadband and Cloud access

Do you want to manage your own appliance?

If you intend to purchase SD WAN as an appliance only solution, there is a need to think about the expertise required to make decisions on how best to deploy configuration. With the breadth of capability across Software-WAN features, the complexity is more about how to make the most of the solution and how to make the right decisions when deploying security policies.

Do you require co-managed or fully managed SD WAN appliances?

Co-managed services are becoming more popular as businesses recognise there are often unforeseen challenges during the deployment phase. The majority of SD WAN providers and vendors offer consultancy packages, an example is one month of configuration and deployment support, including initial work to bring your WAN up with a base configuration for testing. A scenario of where co-managed services often benefit is the afore mentioned setup of security which requires expertise to ensure the right decisions are made for the organisation.

Is your network complicated, requiring complex dynamic routing?

In some instances, large networks often bring with them a layer of complexity which may have developed over years of adds, moves and changes. Where dynamic routing is required, understanding how the SD WAN appliance supports specific protocols is a must within the presales process.

Do you have a specific cost budget in mind?

The cost conversation often leads SD WAN vendor discussions with floods of marketing. Vendors are suggesting ROI (Return on Investment) figures often result in cost reduction vs MPLS. The cost differences are often based on using lower-cost Internet vs.more costly private layer 3 MPLS or layer 2 VPLS circuits rather than the actual appliance lowering costs vs traditional edge devices. Businesses are also looking to leverage low cost Broadband and 4G/5G to lowers costs and add diversity.

Do you require cloud-based services, i.e. SaaS applications?

Access to cloud-based applications via Microsoft Azure, AWS and Google cloud may require an instance or WAN hardware device within a data centre environment depending on WAN architecture. There are vendors who offer in-network access to the cloud, but they are often providers of both the appliance and network services connectivity.

Do you require Global in-country support?

While most vendors suggest their capability is Global, their actual in country support may not offer physical employees to deal with issues. Whether the lack of physical presence in certain regions is an issue depends on how the appliance vendor deals with the replacement of any hardware and language barriers.

Should you consider an open-source appliance technology vendor?

When we think about the original vision for Software Defined Networking (SDN), an open-source approach is perhaps at the concept's core. In theory, the WAN is no longer tied to a specific vendor because Software replaces proprietary hardware and their respective operating systems.

In reality, and while there is the option to pursue open source solutions, the majority of leading appliance vendors offer their own take on SD WAN capability. With this said, within our partner portfolio, there is a halfway house with certain vendors offering white box appliances with the choice of which features to deploy.

About Robert Sturt

Robert is the Managing Director of Netify, a Network Union brand. With experience working across WAN services since 1998, Robert brings a wealth of experience based on hard won knowledge. A writer for Techtarget.com and an experienced business strategist, Robert can bring a tonne of value to your project.