by Deepak Seth


Nov 28, 2017

SD-WAN offers multi-cloud enablement, improved network performance, centralized control and cost rationalization opportunities for the forward-thinking CIO. The sector is in a state of flux and the ‘Goliaths’ (Cisco, VMware) with Gen-1 SD-WAN products are being severely challenged by the ‘Davids’ (CloudGenix, et al) with transformative Gen-2 SD-WAN solutions.

If you are a CIO wondering what the SD-WAN buzz is all about, don’t worry, you are in good company. The remote office network connectivity market is a huge one: 25 million offices; $25Bn market opportunity. However, less than 5% of the market has adopted SD-WAN – metered as it were by the limitations of first-generation SD-WAN products. Coming up to speed is imperative because the pundits predict 50% of customers will be using SD-WAN within the next 36 months, driven by compelling Gen-2 SD-WAN offers such as those by CloudGenix.


What SD-WAN (Software Defined – Wide Area Network) does is provide remote office locations seamless, secure connectivity across multiple communications channels and across the entire corporate application portfolio from a single centrally managed operational console.

I first wrote about SD-WAN about a year ago, after I had met some start-ups in the space (“Corporate IT meets startup innovators”).

One year is a very long time in this space, and a lot has happened in the space since then. As when I met him today, he had some exciting news to share. SD-WAN has grown explosively over the last year: some of the biggest customers in the Fortune 500 across manufacturing, banking, retail, healthcare, etc., retailers with thousands of locations, global manufacturers with international locations, banks that form the financial backbone of the industry – all use SD-WAN today for their remote office connectivity needs.

Market consolidation and flux

The network connectivity market is in a state of major flux and consolidation. The most recent examples are market leader Cisco’s $610 million acquisition of SD-WAN vendor vIPtela and another leader, VMware, announcing plans to purchase VeloCloud.

Evolving technology spectrum

The first-generation (Gen-1) SD-WAN players (Cisco, VMware et al) have focused on delivering communications cost savings by enabling customers to integrate broadband connectivity through existing carriers.

On the other hand, Gen-2 players (CloudGenix et al) have not only enabled this baseline of connectivity across diverse transports, but also enabled the application-centricity needed in a cloud-first world. CIOs need WAN solutions that align with a multi-cloud strategy – this is at the core of the Gen-2 SD-WAN value proposition.

Here are some questions which you as CIO grapple with when evaluating network connectivity options.

I am locked in with my existing legacy hardware (routers, etc.) which are not yet fully depreciated. How will the financial model work?

SD-WAN can coexist with existing infrastructure and you can continue to get depreciation on existing hardware. You can put SD-WAN software to work in tandem with existing routers which can be removed once they are fully depreciated. It also gives you the financial leeway to move from a Capex model to a subscription based Opex model.

However, knowing that IT organizations operate at different points on the Capex-Opex continuum, SD-WAN vendors offer several alternatives:

  • Fully Capex model: Customer buys an appliance (Intel Server) preloaded and optimized for CloudGenix software.
  • Customer buys the software and installs it on its own in-house infrastructure.
  • Fully Opex model: A subscription-based, cloud-hosted solution.

Also, in terms of the sales cycle model, SD-WAN vendors can respond directly to RFPs, work through an integration partner or work with a channel partner.

Why should I not stick to bundled offerings from my existing telecom service provider (AT&T, Verizon, et al)?

That is an option, but one often ends up with limited operational freedom to drive costs down by leveraging different telecom rates at different sites. Also, one is stuck with a plethora of hardware at different sites and burdened by response times and finger pointing when problems arise. Lots of money is spent on change control.

SD-WAN solutions allow inter-operability across many communication modalities. Network traffic can be driven based on cost or performance policy considerations which can be consistently defined and applied for all sites from a single centralized operational console.

Do I get locked in with a specific cloud services provider?

Check if your SD-WAN vendor is agnostic to the CSP choice. They should have strong technology partnerships with all the major players (AWS, Microsoft Azure et al). They should be able to work with any of them, and having them deployed should simplify the process of migration between providers.

My applications are not all deployed via cloud. Also, many are legacy in-house custom applications. Can they be accessed effectively at all my remote sites with an SD-WAN solution?

The vendor should realize that applications are amongst the most important technology assets a company can have. Lots of emphasis should be placed on understanding applications at a very deep level. This is irrespective of whether it is CRM, ERP, Database, off-the-shelf, homegrown in-house et al.

The focus of any SD-WAN solution should be on delivering applications effectively to the remote office whether they are hosted on-premises in a datacenter, in the cloud, or from a SaaS provider.

Look for a vendor that has a powerful application identification engine that looks beyond simple packet details (like IP addresses and ports) and examines actual application transactions. As soon as a new application is identified and “learned”, the new learning should propagate to all remote nodes, so there should be no time lag in deploying application capabilities to remote sites. All these benefits should be there even for homegrown applications.

What about security?

This is a very important question. The SD-WAN solution should complement and supplement the existing security environment and protocols by providing the ability to centrally define, monitor and enforce network policies. Firewalls should easily be enabled and configured within the SD-WAN software. The vendor should also have strong integration with cloud security solutions from vendors like Palo Alto, Zscaler and Symantec to ensure a consistent security perimeter for all sites.

What does a Gen-2 SD-WAN bring to the table that Gen-1 SD-WAN does not?

Gen-1 SD-WAN products from Cisco and VMware are architecturally limited to being packet-routing or Layer 3 devices. This means they can help with broadband integration but often force carrier dependencies. That’s the reason they were unable to move the market beyond less than 5% adoption.

Gen-2 products deliver Application Networking for multi-cloud, meaning they are “Layer 3-7” solutions. They understand applications, sub-applications and metrics from their transactions and sessions, and coupled with those same networking metrics, allow for more fine-grained policy and enforcement based on how the apps are actually performing. It’s a top-down view that centers around user experience rather than packets. This allows people to create policies for actual applications like Google Docs or Microsoft Lync, and even sub-apps, rather than just having policies for “Internet HTTP” and “Enterprise HTTP”, and to ensure the best user experience possible. It’s the second generation of SD-WAN and is crucial for any customer that wants to make sure that they have a cloud-ready strategy rather than generically sending Internet HTTP traffic out via broadband and Enterprise HTTP out via MPLS.

What comes next? Where is the technology environment headed?

This space intersects with data science, machine learning and AI. Think of self-driving cars and how those same principles apply to networking to create self-healing and self-governing networks. With legacy solutions, there is massive manual intervention in the network to keep it operating. With Gen-2 SD-WAN solutions, the network learns based on past cost and performance data and then reacts automatically to emergent situations. Check if your vendor is heavily invested in this space.

The Internet of Things (IoT) is another interesting play, albeit in its early stages. Network connectivity for millions of embedded Point of Sale (PoS) and inventory tracking devices at thousands of remote retail locations is a use-case model SD-WAN vendors should be actively engaged with.

In conclusion, if you are looking to adopt a multi-cloud strategy, deliver a great user experience, automate your network and reduce WAN costs, Gen-2 SD-WAN makes now the perfect time to evaluate your SD-WAN options.