Router-based WANs prove to be highly complex for today’s multi-cloud and mobile business environment. Many enterprises are re-tooling their networks in favour of SD-WAN technology, driven by the fact that multi-cloud networking has become crucial to their cloud-driven enterprise. With the enterprise migrating to cloud-based applications, bandwidth demand increases that traditional enterprise WAN solutions (like MPLS) are struggling to satisfy at acceptable costs and flexibility. Enterprises recognize the importance of integrated security and SD-WAN as they select secure SD-WAN solutions to reduce complexity and enhance their organization’s security posture.
There are many SD-WAN vendors with different backgrounds such as security, routing and WAN optimisation. Each one of them brings its own pros and cons. The best SD-WAN solutions should not only offer uninterrupted performance but must also be reinforced with SD-WAN security features, especially for those branch offices that include direct internet access to online and cloud-based resources. So what to look for in SD-WAN vendors?
SD-WAN vendors package SD-WAN capabilities with other functions, namely security. Their networking capabilities (and differentiators) are often exposed through their management consoles. But simply said, there is no single out-of-the-box solution when it comes to finding the ‘right’ SD-WAN vendor. When walking down the path of selecting the best SD-WAN vendor for you, this overview of top SD-WAN vendors in 2020 should help. We looked at those who successfully differentiated themselves during 2019, by offering an advanced and innovative portfolio of top-performing SD-WAN solutions.
1. Juniper Networks Contrail
With Artificial Intelligence changing the networking game, Juniper Networks believes AI fuels the age of self-driving networks. Juniper maximizes flexibility with both on-premise and cloud-managed service options for SDN control. In 2019 Juniper Networks further expanded on those advantages with enhancements to the enterprise portfolio, announcing that their SD-WAN management console now includes its SD-LAN service.
With this, enterprises are given a simplified approach to managing their SD branch deployments. Continuing on the theme of unified operations, Juniper Networks has also made it easier to operate Wi-Fi networks in conjunction with the SD-Branch. The same portal for SD-WAN and SD-LAN can be used to show Mist wireless access points and launch the Mist cloud for WLAN provisioning, troubleshooting, management and other day-to-day operations.
When it comes to SD-WAN, Juniper scales from smallest branches to largest campuses needing 100-Gbps connectivity at the WAN edge. The Contrail SD-WAN solution heavily simplifies the complexity of enterprise-wide networking and management. Contrail SD-WAN provides unified policy and security controls across myriad WAN connection types, supporting MPLS, broadband, 4G LTE and others.
It offers dynamic path selection to ensure the right transport mode for the workload. The Contrail Service Orchestration (CSO) platform allows for the creation of self-service portals; making it easy for customers/users to provide any type of connectivity without support from IT staff or the service provider.
With zero-touch provisioning (ZTP) you simply ship their CPE to your site for automatic SD-WAN access. All branch devices and cloud endpoints are managed in this way and are supported centrally. Setting up policies per site, tenant, or end-user is painless, quick and simple.
2. Riverbed SteelConnect
Shortly after announcing Riverbed expanded its enterprise SD-WAN market presence by signing a strategic global OEM with Versa Networks, in October 2019 Riverbed announced a significant milestone in the evolution of its SD-WAN portfolio, introducing the SteelConnect EX. This enterprise-class and carrier-grade WAN Edge Infrastructure solution complements the existing SteelConnect CX series and provides maximum flexibility for complex networks, with integrated application acceleration and advanced network security services. The SteelConnect CX will continue to be positioned to SME customers
Riverbed’s full product line seamlessly integrates WAN optimisation and SD-WAN functionality into a single appliance. With SteelConnect Director, Riverbed provides a centralized management platform that includes the essential management, monitoring and orchestration capabilities for distributed SD-WAN deployments. Riverbed’s SD-WAN solution can seamlessly co-exist and interoperate with legacy networks, while SD-WAN services enable organizations to adopt hybrid and Internet-based topologies. Riverbed enables one-click creation of cloud-based SD-WAN, automated connectivity between cloud vendors, cloud regions, branch offices and the cloud. Their SteelConnect product line provides policy-based orchestration that spans the entire distributed network fabric. It includes optimisation into AWS and Microsoft Azure, with one-click connectivity. SteelConnect is also capable of improving app performance for all TCP traffic.
As a WAN edge platform, Riverbed’s SteelHead SD integrates SD-WAN, WAN optimisation and perimeter firewall capabilities into a converged platform. It provides high performing and secure delivery of remote applications via centralised policies. The appliance and software are available by subscription, with Riverbed offering the appliance, cloud-based platforms and software with flexible pricing options.
Riverbed also offers solutions for doing application performance monitoring. APM is key for those who are moving their applications to the cloud and want to continue to be able to monitor the performance of their applications.
3. Citrix Netscaler
Citrix NetScaler SD-WAN solution stands out amongst networking professionals, having been named a Challenger in Gartner’s 2019 Magic Quadrant for WAN Edge Infrastructure. They offer a single appliance for the branch. Key features include real-time packet-based path selection, support of bi-directional QoS, branch security integration with advanced firewall and cloud-based security solutions as well as zone-based segmentation to help maintain different policies for different groups.
Citrix SD-WAN also consolidates other network functions such as WAN Optimisation and stateful firewall. Appliances are run in remote sites and data centres and can run multiple transport modes, from MPLS and mobile to broadband, through a single virtual link.
One of the major features includes treating multiple WAN circuits as a unified pool of bandwidth, with centralised reporting and integrated WAN optimisation.
Citrix SD-WAN is a powerful appliance that increases the reliability of WAN, reducing recurring bandwidth costs and improving application performance. It’s an enterprise-grade, scalable Software-Defined Wide Area Networking product that combines WAN optimisation, edge routing, WAN virtualisation, VPN, firewall capabilities, end-to-end application visibility and centralised control. It also offers the capability to optimise technologies such as Citrix’s XenApp and XenDesktop, or other enterprise application protocols.
4. Fortinet Secure SD-WAN
Regardless of the size of the business, ditching MPLS for a speedy and inexpensive broadband connection doesn’t come without challenges, and one of the biggest remains security. Having Secure SD-WAN is a key factor in selecting SD-WAN vendors.
Fortinet received its second consecutive NSS Labs ‘Recommended’ ratings in the SD-WAN Group Test. It delivered the lowest Total Cost of Ownership per Mbps among eight SD-WAN vendors. They were also a ‘Challenger’ in Gartner’s 2019 Magic Quadrant for WAN Edge Infrastructure. And in December 2019, Fortinet announced their Secure SD-WAN was chosen by over 21,000 global customers, supporting enterprises with up to 100,000 sires. Let’s take a look at why Fortinet’s Secure SD-WAN solution is definitely worth considering.
Fortinet has been the lone security vendor to reject the reliance on chips that were, according to Fortinet, ‘never designed to deliver high-end security processing’. With decades of focused ASIC development experience, in 2019 Fortinet released the new SOC4 (system on chip) security processor, a purpose-built silicon chip that enables routing, security, and SD-WAN functions. The FortiGate 60F Next-Generation Firewall is one of the fastest and most powerful full-featured desktop SD-WAN appliances available in the industry. To keep up with the highest demands of today’s distributed networks and business applications, it enables organisations to affordably implement WAN edge transformation.
The FortiGate Secure SD-WAN includes advanced routing, WAN Optimization capabilities and NGFW security. The simple SD-WAN solution also replaces costly MPLS and because the SD-WAN solution is built into a firewall, it provides ease of deployment and cost savings. Using the Fortinet secure SD-WAN solution could also result in less latency between sites compared to the current MPLS.
5. Silver Peak Unity EdgeConnect
In December 2019 Silver Peak announced a series of advancements to their cloud-scale Unity EdgeConnect SD-WAN edge platform, which is advertised as a ‘business-driven WAN’. It combines SD-WAN, segmentation, firewall, routing, application control, visibility and WAN optimization into a consolidated package.
New capabilities include one-click automation with leading cloud services, multi-fabric orchestration and management, advanced segmentation and cloud-scale connectivity. Other features include Dynamic Path Control, WAN Hardening and Tunnel Bonding. Advanced one-click automation should ensure consistent security and application policy enforcement across all WAN locations, strongly reducing configuration time.
Silver Peak Unity EdgeConnect enables distributed enterprises to build a WAN that securely connects users to applications without compromising on application performance. Advanced features include application-specific routing, fully automated traffic handling and adaptive internet breakout.
The SD-WAN vendor has proven to deliver flexibility and many deployment options that are hard to match. They were named a Leader in the 2019 Gartner Magic Quadrant for WAN Edge Infrastructure. For secure SD-WAN, Silver Peak comes with a broad security partner ecosystem including Palo Alto Networks, McAfee, ForcePoint and Symantec.
By deploying the EdgeConnect SD-WAN edge platform, application performance, security and routing are dictated by top-down business policies. A graceful migration to an SD-WAN is provided because EdgeConnect is compatible with many existing WAN infrastructures. Unity EdgeConnect delivers a high-performance SD-WAN solution that improves customer responsiveness and business productivity while significantly lowering WAN OPEX and CAPEX.