Magic Quadrant for WAN Edge Infrastructure

Magic Quadrant for WAN Edge Infrastructure

Published 26 November 2019 – ID G00376745 – 67 min read


WAN edge infrastructures are undergoing major changes as infrastructure and operations leaders responsible for networking face dynamic and expanding business demands. I&O leaders must identify vendors that address the requirement to support applications with on-premises and cloud-based deployments.

Strategic Planning Assumptions

Through 2021, more than 80% of SD-WAN solutions will continue to be delivered on dedicated hardware, rather than universal customer premises equipment (uCPE), due to performance, price and simplicity.
By 2023, to deliver cost-effective scalable bandwidth, 30% of enterprise locations will only have internet WAN connectivity, compared with fewer than 10% in 2019.
By 2024, to enhance agility and support for cloud applications, 60% of enterprises will have implemented SD-WAN, compared with fewer than 20% in 2019.

Market Definition/Description

Wide-area network (WAN) edge infrastructure provides network connectivity from distributed enterprise locations to access resources in both private and public data centers, as well as the cloud, via infrastructure as a service (IaaS) and software as a service (SaaS). It is typically procured by senior networking leaders in the infrastructure and operations (I&O) organization. This market is evolving from traditional branch routers (often called “customer edge routers” in a Multiprotocol Label Switching [MPLS] implementation). It is undergoing dramatic change, driven by the needs of digital business transformation and the demands of line of business (LOB) managers.
The market for branch office WAN edge functionality continues to shift from dedicated routing, security and WAN optimization appliances to feature-rich software-defined WAN (SD-WAN) and, to a lesser extent, uCPE platforms. SD-WAN is replacing routing and adding application aware path selection among multiple links, centralized orchestration and native security, as well as other functions. Consequently, it includes incumbent and emerging vendors from multiple markets (namely routing, security, WAN optimization and SD-WAN), each bringing its own differentiators and limitations.
WAN edge functionality can exist on or off the enterprise premises via physical or virtual appliances, and is typically sourced from network equipment providers (and their channels), network service providers (NSPs) or managed network service (MNS) providers. WAN edge infrastructure must be agnostic to the underlying network transport provider and services.
In the North American market, more than 60% of deployments are historically do-it-yourself (DIY). In much of the rest of the world, a managed service approach is favored. In general, we see a trend toward more managed services, even though SD-WAN makes managing the WAN easier. At the same time, this introduces new challenges, with the greater use of internet transport. Large global organizations usually prefer a DIY approach, whereas midsize organizations are more likely to favor a managed services approach. Many companies are now comparing DIY and managed service options as part of the evaluation process.
Increasingly, vendors are differentiating their SD-WAN solutions in the following categories:
  • Ease of use
  • Application performance — including WAN optimization, voice optimization and ensuring quality of experience (QoE)
  • Security
  • Pricing and pricing models
  • Support for cloud workloads

Magic Quadrant

Figure 1. Magic Quadrant for WAN Edge Infrastructure

Source: Gartner (November 2019)

Magic Quadrant for WAN Edge Infrastructure

Vendor Strengths and Cautions

Aryaka

Aryaka is a privately held company, based in San Mateo, California. Gartner estimates that Aryaka’s SmartCONNECT managed SD-WAN service has more than 800 customers. SmartCONNECT combines the Aryaka Network Access Point (ANAP) CPE with the Aryaka Global Core backbone, which the edge devices connect. The service includes SD-WAN, WAN optimization and visibility, as well as options for remote access, integrated perimeter security from third-party vendors, and the procurement and management of internet access. In addition, the Aryaka backbone supports the controlled routing of traffic, not only to applications in enterprise data centers, but also to cloud-hosted applications via both direct cloud gateways and internet gateways.
The solution is sold as a managed service, so it is not aligned for DIY customers. Gartner expects the vendor to focus on enhancing cloud connectivity integration, security vendor service chaining and advanced analytics going forward. Aryaka is well-suited for organizations that are geographically widely distributed and/or want SD-WAN with WAN optimization, delivered as a service.

Strengths
  • Aryaka provides an all-in-one SD-WAN, private backbone and managed service solution, making procurement easier for customers interested in that model.
  • The private global backbone, with direct cloud gateways offered by Aryaka, provides a solution to optimize application performance.
  • Aryaka’s SD-WAN includes WAN optimization, to boost application performance, especially over long distances.

Cautions
  • Aryaka supports only internet and Ethernet connections to its services, limiting hybrid SD-WAN configurations and making migrations from MPLS more complex.
  • SmartCONNECT is a managed service that will not appeal to those enterprises that prefer to manage their own SD-WAN networks (DIY clients).
  • Enterprises with footprints limited to a single country/smaller area or are too far from an Aryaka point of presence (POP), will not benefit as much from the Aryaka backbone and WAN optimization features.

Barracuda

Barracuda is a privately held company based out of Campbell, California. Gartner estimates that Barracuda has more than 20,000 WAN edge — mainly next-generation firewall (NGFW) — customers. Barracuda leverages its prior experience in selling security products as a basis for delivering SD-WAN functionality to its flagship CloudGen Firewall offering. CloudGen Firewall is available as a physical appliance and as a virtual network function (VNF), in addition to being available as a virtual appliance on Azure, Amazon Web Services (AWS) and Google Marketplaces. Beyond basic and advanced firewall functionality, CloudGen Firewall also includes features such as WAN optimization and real-time traffic remediation, using packet duplication.
Despite offering a broad mix of WAN edge functionality, CloudGen Firewall is not offered as a cloud management solution (but can be hosted in the public cloud) and offers limited path selection criteria. Gartner expects Barracuda to focus on delivering a cloud-based management platform to provide scale, easier deployment and configuration. Barracuda should be considered by enterprises for SD-WAN opportunities with the primary focus on security.

Strengths
  • Barracuda includes comprehensive security capabilities including NGFW, antivirus, botnet and spyware protection, Domain Name System (DNS) security, and a built-in secure web gateway (SWG).
  • The solution has broad capabilities, including SD-WAN with enterprise-grade features, such as WAN optimization and real-time traffic remediation.
  • The vendor offers wide support for deployment as a VNF via most major virtualization platforms, including VMware, Xen, Kernel-based Virtual Machine (KVM) and Hyper-V.

Cautions
  • Gartner has had few SD-WAN inquiries in which Barracuda has been mentioned, which suggests the vendor has limited visibility and awareness in the SD-WAN market.
  • The path selection mechanism uses less-sophisticated techniques for failover. For example, for real-time traffic, packet loss and jitter are not used in the failover algorithm.
  • At the time of this research, traffic analytics is overly technical and managing the data is cumbersome. This is in conflict with the otherwise simple operation of the solution.

Cisco

Cisco is a publicly traded company based in San Jose, California, with more 100,000 WAN edge customers (primarily Integrated Services Routers [ISR] customers). Gartner estimates that more than 800 customers use Cisco’s flagship SD-WAN, powered by Viptela. More than 13,000 use Cisco’s SD-WAN powered by Meraki MX, which is deployed mainly as a security appliance. The Viptela offering can be delivered on dedicated vEdge appliances, recent models of ISR 1000 and ISR 4000; and Aggregation Service Routers (ASR) 1000 routers. It is also delivered as virtual software in cloud services or on Cisco’s Enterprise Network Compute Platform (ENCS) 5000 Series. Gartner has observed Cisco leading with the Viptela on IOS XE solution (deployed on the ISR) in the market with its rich set of features. However, many Gartner clients and Cisco channel partners have reported reliability and scalability issues with the product. As an alternative, Cisco does offer the vEdge solution. The Viptela offering supports complex architectures with sophisticated routing, application performance capabilities and a broad set of advanced security functionality.
The Cisco SD-WAN powered by Meraki solution is primarily marketed to lean IT organizations with basic requirements, promoting ease of use and simplicity, but it lacks native application performance capabilities. However, the Viptela and Meraki offerings do not share common hardware or management frameworks, limiting investment protection should the customer want the features of the other solution. Gartner expects the vendor to focus on application performance capabilities, advancing multidomain policy enforcement, as well as multicloud integration going forward. Cisco is relevant in all vertical industries, company sizes and geographic locations, and should be considered for all WAN edge opportunities globally when the preferred platform supports the required features and scale.

Strengths
  • Cisco has a broad range of SD-WAN offers and platforms, together with complementary features, such as security, LAN/WLAN and application performance.
  • Cisco has strong enterprise network channels, brand awareness, and existing customer base, and it offers support for both DIY and MNS deployment.
  • Cisco’s cloud security platform, Umbrella, integration is supported on both the Viptela and Meraki platforms.

Cautions
  • Cisco’s SD-WAN, powered by Viptela on the IOS XE platform, has stability and scaling issues, as reported by Gartner clients and Cisco channels. Also, some customers who’ve purchased Cisco ISR hardware during the past few years have informed Gartner that they had to upgrade their hardware platforms to support Viptela due to throughput limitations.
  • Cisco has broad, separate and overlapping SD-WAN offerings that don’t share a common management platform, hardware platform or sales teams. Consequently, clients and channel partners have a hard time choosing the most appropriate solution, which increases the likelihood of a suboptimal selection.
  • The Cisco licensing structure is complex and can be confusing to end clients.

Citrix

Citrix is a publicly traded company based in Fort Lauderdale, Florida. Gartner estimates that Citrix has more than 1,200 WAN edge customers deployed globally. Citrix’s flagship WAN edge products are its Citrix SD-WAN appliances (physical, virtual and cloud), which are managed via the Citrix SD-WAN Center. The solution is cloud-managed and includes optional, fully featured WAN optimization, as well as an optional cloud gateway service for cloud onramp capabilities. The product scales from small sites to large headquarters and is increasingly demonstrating success with larger deployments. In addition, the vendor has some native security functionality, but it is not as advanced as some of the other vendors in this research.
Gartner expects this vendor to focus on delivering a lower-cost, smaller-footprint branch device, adding more-advanced native security features, as well as artificial intelligence/machine learning (AI/ML) performance diagnostics and remediation capabilities going forward. Citrix SD-WAN should be considered for organizations with existing Citrix software, as well as organizations of all sizes, geographic locations and vertical industries looking for SD-WAN solutions, especially when sourcing on a DIY basis.

Strengths
  • Citrix SD-WAN includes an optional, fully featured WAN optimization capability, as well as cloud gateways for cloud onramp access to cloud workloads.
  • Citrix SD-WAN is managed via the same user interface (UI) as other Citrix products, which can simplify operations for existing Citrix customers.
  • Citrix can sell its SD-WAN solution in combination with its digital workspace solutions providing added performance and convenience for end customers.

Cautions
  • Citrix only has a small number of service provider partners offering managed SD-WAN services using its platform; hence, this may limit the vendors’ ability to grow in the market.
  • Citrix SD-WAN lacks a full, native, advanced security suite beyond its native application layer firewall; instead, it relies on partners for unified threat management (UTM) or cloud security services.
  • Some enterprises don’t see Citrix as a network vendor, which may limit its growth in the market.

CloudGenix

CloudGenix is a privately held company based in San Jose, California. Gartner estimates that CloudGenix has more than 800 WAN edge customers, primarily delivered as SD-WAN. Its flagship offering includes Instant-On Network (ION) devices, which support SD-WAN functionality, as well as basic firewalling capability. ION appliances are available in both hardware and software form factors and also exist in the AWS and Azure marketplaces. The vendor’s management portal is delivered as a cloud service, with intuitive workflow and strong analytics functionality.
CloudGenix supports a wide range of routing and network topologies, but no WAN optimization or native advanced security. We expect CloudGenix to continue focusing on autonomous networking and the cloud-delivered branch with its CloudBlades platform. CloudGenix should be considered by enterprises primarily in North America looking to deploy SD-WAN with a focus on application and network visibility as well as cloud-delivered solutions.

Strengths
  • CloudGenix’s CloudBlades provides turnkey service chaining that allows users to integrate their SD-WAN with various cloud services that are part of the vendor’s ecosystem.
  • The vendor’s Clarity solution offers visibility into network health and application performance.
  • The vendor’s graphical user interface (GUI) is straightforward and intuitive for organizations to operate.

Cautions
  • The vendor has a limited geographic installed base and channel coverage outside North America, which may limit the vendor’s growth in the market or support for customers in other regions.
  • CloudGenix has had limited adoption by carriers offering managed services as it tends to be adopted by more DIY-focused clients, so this may limit the vendor’s ability to grow.
  • The vendor lacks several capabilities offered by competitors, including support for WAN optimization and native advanced security features.

Cradlepoint

Cradlepoint is a privately held company headquartered in Boise, Idaho. Gartner estimates Cradlepoint has more than 5,000 WAN edge customers. Cradlepoint has been focused on enabling connectivity to small branch and retail locations, with a specific emphasis on 4G/Long Term Evolution (LTE) connectivity. It addresses the SD-WAN market with its NetCloud, AER series of routers and Cloud Virtual Router (CVR) products. The NetCloud suite includes an NGFW, with advanced features, such as intrusion prevention system/intrusion detection system (IDS/IPS) and URL filtering, which is in keeping with Cradlepoint’s historic focus of providing small form factor functionality.
Although Cradlepoint solutions focus on 4G/LTE-driven use cases, their support for wired transport analytics is not as sophisticated as other solutions included in this research. Its GUI is not as easy to use as other vendors in this research. Gartner expects that Cradlepoint will make investments on 5G integration, expanded cloud functionality via Azure, as well as expand the functionality and compatibility of its portfolio to address midsize and large enterprises. Cradlepoint should be considered by organizations in North America, Europe, and the Asia/Pacific (APAC) region, especially when 4G/LTE connectivity is a primary requirement.

Strengths
  • Cradlepoint’s expertise in providing cost-effective small branch solutions makes it attractive for deployments in which integrated security, WAN edge and Wi-Fi functionality is required.
  • The vendor offers advanced built-in security including a NGFW, SWG, IPS and IDS, micro-segmentation capabilities, network access control (NAC), and content filtering.
  • Cradlepoint has proven experience with successful deployments larger than 1,000 sites with small footprint environments.

Cautions
  • Although Cradlepoint offers traditional quality of service (QoS), it does not support real-time traffic remediation, such as forward error correction (FEC) or Packet Duplication, which may be a requirement for challenging WAN circuit environments such as broadband and LTE.
  • Lack of cloud provider support beyond AWS, as well as the lack of availability on cloud marketplaces, makes Cradlepoint a less attractive solution for enterprises that are expanding their cloud presence.
  • Cradlepoint’s solution lacks the ability to failover to another transport, due to elevated packet loss, and provides limited wireline performance metrics data.

FatPipe Networks

FatPipe Networks is a privately held company based in Salt Lake City, Utah. Gartner estimates that FatPipe has more than 1,600 WAN edge customers, primarily midmarket-focused and in North America. FatPipe offers a broad array of WAN products including secure routers, link aggregators/load balancers and WAN optimization appliances. Its flagship WAN edge offering is the FatPipe SD-WAN, which includes the company’s MPVPN CPE (physical and virtual) and its Symphony orchestrator.
FatPipe has deployed its SD-WAN products across multiple industries. The solution has broad capabilities with SD-WAN, application performance and security; however, the GUI is complex and not as easy to navigate, when compared with other products in this research. Gartner expects the vendor to focus on visibility and analytics, as well as supporting the Internet of Things (IoT) use cases going forward. FatPipe should be considered for WAN edge opportunities, primarily in the North American midmarket, particularly when mission-critical application performance is required.

Strengths
  • FatPipe has a broad set of capabilities, including SD-WAN, application performance, and some security that have been deployed across customers, mainly in the midmarket.
  • FatPipe was a pioneer in path selection, which is now a key SD-WAN capability; thus, it has expertise supporting hybrid WAN use cases.
  • FatPipe has been operating for approximately 18 years, so it has proved itself over a long period of time.

Cautions
  • FatPipe has limited market presence outside North America, which restricts the pool of networking personnel familiar with its products. This limits FatPipe’s ability to sell and support its products in geographic locations outside North America.
  • FatPipe has limited experience in complex deployments beyond 100 sites, which limits applicability for many larger organizations.
  • FatPipe has limited visibility in the market, as evidenced by Gartner taking few inquiry calls regarding its solution.

Fortinet

Fortinet is a public company headquartered in Sunnyvale, California. Gartner estimates that Fortinet has more than 21,000 WAN edge customers primarily used as UTM/NGFW for the midmarket. Fortinet addresses the SD-WAN market with its flagship product, FortiGate Secure SD-WAN, which leverages Fortinet’s strong position in delivering networks built around pervasive security. FortiGate is available in appliance, network function virtualization (NFV), and via all major cloud marketplaces, including Alibaba. FortiGate delivers a strong, built-in security stack to its WAN edge architecture and includes NGFW, IPS/IDS, Secure Sockets Layer (SSL) decryption/encryption, DNS filtering and antivirus. However, the vendor has been slow to develop cloud-based security solutions, as well as hosted cloud gateways.
Fortinet enables management of the FortiGate platform via FortiManager or via FortiGate Cloud. Both management platforms extend management capabilities across Fortinet’s network ecosystem, providing a single plane of glass for wired LAN/WLAN, SD-WAN and security (sometimes referred to as SD-Branch). Gartner expects Fortinet to make investments in increasing its cloud-based capabilities in access and security, as well as further investments in its SD-Branch portfolio. Fortinet should be considered by organizations of all sizes and verticals for SD-WAN projects globally, especially when strong, built-in security capabilities are a key requirement.

Strengths
  • Fortinet’s direction of delivering a highly integrated solution consisting of SD-WAN, routing, advanced security and application performance gives them broad market and use case appeal, regardless of organizational size.
  • Fortinet’s investments in new custom SD-WAN-specific application-specific integrated circuits (ASICs) yield throughput and performance at a competitive price point when leveraging the full suite of SD-WAN features.
  • Fortinet’s global channel, managed services and partner ecosystem ensure that it can support both DIY and managed services adopters.

Cautions
  • Fortinet has minimal presence with carrier-based SD-WAN service portfolios, which will limit its ability to be sourced globally.
  • Despite their enterprise-class features, Fortinet’s products have been used mainly as security appliances and less as networking solutions; this limits its experience in this market.
  • Fortinet has limited experience in highly complex networking solutions and cloud-first deployments.

HPE (Aruba)

Aruba operates as a subsidiary of Hewlett Packard Enterprise (HPE), which is a publicly traded company based in San Jose, California. Aruba is a long-established networking Wi-Fi and LAN switching vendor. Gartner estimates that Aruba has more than 250 WAN edge customers. This is low, compared with other vendors in this research, mainly due to Aruba’s recent entrance into the market. Its flagship WAN edge solution includes branch gateways, physical and virtual (for AWS and Azure) headend gateways, and the Aruba Central Cloud Platform. Aruba is repositioning itself from a predominantly leading wired LAN and WLAN vendor to a WAN edge vendor by developing its SD-Branch solution. This combines switching, WLAN, WAN and security in a simplified fully orchestrated solution.
On the WAN side, Aruba has scalable orchestration, some native advanced security capabilities (Layer 7 firewall and content filtering), but limited application performance capabilities in the areas of WAN optimization and voice optimization. We expect Aruba to focus on enhancing its UTM capabilities, expanding support for cellular wireless/LTE, and using AI/ML to drive WAN decision making. Aruba is relevant to Gartner clients in nearly all vertical industries, sizes and geographic locations, especially for users looking to simplify and consolidate their WAN/LAN management.

Strengths
  • Aruba Central Cloud Platform is a solid, scalable orchestration platform that simplifies deployment, management and service assurance of wireless, wired and SD-WAN environments.
  • Aruba has experience supporting enterprise network clients with its existing WLAN and wired LAN customer base.
  • Aruba has seen some recent success in winning large WAN edge enterprise accounts.

Cautions
  • Aruba is better known in the wired LAN and WLAN market segment and less known in the WAN edge segment, which may limit its ability to compete.
  • Aruba has limited application performance capabilities for real-time traffic, such as forward error FEC and packet duplication, and WAN optimization for non-real-time traffic.
  • Aruba has been late to this market, so many of the channel partners have already selected other SD-WAN solutions, which may limit its ability to compete.

Huawei

Huawei is a privately held company headquartered in Shenzhen, China. Gartner estimates that Huawei has more than 50,000 WAN edge customers, many located in the APAC region. Huawei provides a full suite of networking infrastructure hardware, software, servers, cloud and consumer devices. Huawei addresses the WAN edge market with its CloudWAN, NetEngine AR series of routers, and the AR series uCPE devices. The NetEngine AR routers are available as an appliance, the AR1000 NFV, and as virtual appliances on AWS, Azure and Huawei Public Cloud.
Huawei offers a full-network-stack SD-WAN product, which includes a comprehensive security suite. This includes an NGFW, IDS/IPS, URL and content filtering. Although Huawei’s solution delivers broad functionality, the GUI seems more complicated and less user-friendly than others included in this research. Gartner expects Huawei to make investments in expanding automation in its WAN edge portfolio through the use of AI and ML, as well as intent-based networking and analytics. Huawei should be considered by organizations outside the U.S. and Canada of all sizes and verticals for all WAN edge solutions, when a turnkey solution from a single supplier is desired.

Strength
  • Huawei’s broad portfolio checks most of the WAN edge feature boxes, including full SD-WAN, flexible deployment form factors, a capable integrated security stack and basic WAN optimization.
  • Huawei is a dominant vendor in China, and it is also a major presence in the APAC region, as well as in South America, and Europe, the Middle East and Africa (EMEA).
  • Huawei has experience and proven scale, with extremely large deployments — more than 5,000 branch locations.

Cautions
  • Geopolitical upheaval and security concerns by North American and, to a lesser extent, some EU governments have severely limited adoption and availability in these geographies. Potential adopters in these locations should verify government restrictions, which may preclude adoption.
  • Huawei SD-WAN cloud service, which is useful when deploying SD-WAN over public internet, is available only in China.
  • Huawei’s GUI is more complicated and less-user-friendly than other vendors included in this research.

Juniper Networks

Juniper Networks is a publicly traded company based in Sunnyvale, California. Gartner estimates that Juniper has more than 23,000 primarily security-focused WAN edge customers and is a long-established networking and security vendor. Its flagship WAN edge solution is its Contrail SD-WAN, comprising its SRX Series Services Gateways (physical, virtual and cloud) and Contrail Service Orchestration. The vendor provides a full portfolio of WAN edge platforms, including its MX routers and NFX secure uCPE network function virtualization appliances, which can host WAN edge functions.
Juniper supports many routing protocols and architectures for complex networks, SD-WAN and advanced security capabilities; however, it lacks WAN optimization functionality. Furthermore, the vendor primarily relies on managed service providers (MSPs) as a go to market. Gartner expects Juniper to focus on expanding the interfaces supported (both WAN and Wi-Fi), simplify LAN/WAN orchestration, and enhance application performance metrics. Juniper is relevant to Gartner clients in nearly all vertical industries and geographies and should be considered for all security-led WAN edge opportunities globally, particularly those that will be consumed as a service.

Strengths
  • Juniper has a broad set of WAN edge network capabilities, including a variety of form factors, interfaces, a cloud-managed solution, routing and security, along with a service orchestrator (Contrail Service Orchestration), which simplifies deployment and management.
  • Juniper has longstanding relationships with communications service providers (CSPs), and a large and loyal installed base. This means there is a large pool of networking personnel familiar with Juniper’s products who can aid with implementation and operation.
  • Juniper is focused on leveraging its recent Mist Systems acquisition to incorporate more LAN/WLAN/WAN integration, which will simplify orchestration and management for end users.

Cautions
  • Many of Juniper’s target service providers have already aligned with Juniper’s competitors for SD-WAN. As a result, it may be difficult for customers to obtain Juniper-based managed services from their preferred service providers.
  • Juniper lacks native WAN optimization and doesn’t support FEC for voice optimization.
  • Juniper lacks visibility and awareness in the market as evidenced by the vendor being mentioned in few SD-WAN inquiries, compared with the larger competitors in this market.

Nuage Networks

Nuage Networks is based in Mountain View, California, and is a division of publicly traded Nokia, based in Espoo, Finland. Gartner estimates that 1,400 enterprises are using Nuage’s Virtualized Network Service SD-WAN products, predominantly via its approximately 70 NSP partners. Nuage’s Virtualized Network Services (VNS) include its Virtualized Services Directory (VSD), the Virtualized Services Controller (VSC), and the Network Services Gateway (NSG) CPE (physical, virtual and cloud). The vendor has developed a scalable SD-WAN solution with comprehensive routing capabilities. It leverages well-established relations with NSPs worldwide to deploy SD-WAN as a service, although it has only limited experience dealing directly to support DIY enterprise accounts.
The solution does not include any WAN optimization functionality to support non-real-time traffic, but does support some optimization for real-time traffic. Gartner expects the vendor to focus on developing more ruggedized form factors for supporting IOT, enhancing support for voice applications and expanding its path selection capabilities. Nuage is a good fit for enterprises that require SD-WAN with scalability or that prefer to consume WAN Edge solutions as a managed service.

Strengths
  • Nuage’s SD-WAN products are available through a large number of service provider partners.
  • The Nuage SD-WAN products are architected for software deployment on NFV platforms, allowing them to integrate easily with other virtual network software.
  • Nuage’s VNS SD-WAN offer integrates with its Virtualized Cloud Services (VCS) data center network overlay offering a more simplified solution.

Cautions
  • Because Nuage predominantly delivers its products via service providers, it has a limited number of direct enterprise customers and channels, limiting its brand recognition and experience with customers who prefer a DIY approach to sourcing their SD-WAN products.
  • Nuage has limited native advanced security and WAN optimization functionality, preferring to rely on third-party software on NFV platforms to support these capabilities.
  • Nuage’s path selection capability is limited to supporting two underlay connections, thereby restricting its applicability to some enterprises.

Oracle (Talari Networks)

Headquartered in Redwood City, California, Oracle is a publicly traded company known primarily for its database, cloud and business applications. Gartner estimates that it has more than 500 WAN edge customers. Oracle acquired Talari Networks in late 2018 and rebranded its fail-safe SD-WAN to Oracle SD-WAN. Oracle SD-WAN offers comprehensive support for application analytics, path selection, and active real-time traffic mitigation. Although the solution is focused on delivering WAN edge connectivity for mission-critical applications including E911 networks, there is limited native advanced security. Consequently, Oracle relies on partnerships with Zscaler or Palo Alto to address NGFW requirements.
Oracle has a suboptimal small-platform solution with no integrated Wi-Fi or LTE and also lacks an Oracle-hosted, cloud-based management platform. Gartner expects Oracle to focus on delivering Oracle-hosted cloud management, in addition to increasing Oracle SD-WAN’s capability for supporting high-density, cloud-based architectures. We expect Oracle SD-WAN technology to enable greater WAN edge functionality in its session border controller (SBC) products. Oracle SD-WAN should be considered for regional and global deployments in which latency-sensitive and/or mission-critical traffic survivability (such as a contact center) and application performance is a primary requirement.

Strength
  • Oracle has experience supporting mission-critical traffic requirements, such as call centers, government agencies and emergency responders.
  • Oracle offers strong path selection, application analytics and application performance capabilities.
  • Oracle’s enterprise voice experience — with its widely deployed SBC and global sales, support, and partner network complement its SD-WAN offering, thereby increasing capabilities, as well as reach.

Cautions
  • Oracle has limited experience deploying SD-WAN with networks greater than 250 branches.
  • Although Oracle has some native security features, it lacks a native advanced security stack (such as NGFW), which may limit the appeal of its SD-WAN product for companies requiring a turnkey WAN edge solution. Instead, it relies on partners to deliver this functionality.
  • Oracle’s SD-WAN solution has limited adoption into MSPs and carrier SD-WAN portfolios, reducing its appeal to organizations that prefer to consume from those providers.

Peplink

Peplink is a public company listed on the Hong Kong Stock Exchange as Plover Bay Technologies. Peplink is headquartered in Hong Kong, and Gartner estimates that it has more than 8,500 WAN edge customers. Peplink addresses the WAN edge market with two SD-WAN products: Balance and Max, which deliver wired and wireless SD-WAN, respectively. Peplink SD-WAN platforms are administered via the InControl 2 cloud-based management platform. Peplink also addresses the need to remediate real-time application and voice traffic with its SpeedFusion WAN smoothing, which uses FEC as its active remediation mechanism. However, it offers no WAN optimization for non-real time traffic. The platform can be secured via its limited advanced native security suite, which includes IDS/IPS and web filtering.
Peplink has experience providing LTE-based connectivity as part of its SD-WAN functionality, but has limited application analytics. Gartner expects Peplink to invest in expanding virtual support for its products and integration of 5G support. Organizations in any geography should consider Peplink when LTE connectivity is a primary consideration for a WAN edge deployment.

Strengths
  • Peplink’s SpeedFusion technology enables link bonding flexibility, which can enable capabilities to use multiple links to be combined to meet increased bandwidth needs, while keeping costs low.
  • Peplink has experience with WAN edge deployments in challenging environmental conditions, such as those found in the oil and gas, maritime, and transportation markets.
  • Peplink has proven scalability in large, distributed deployments with more than 5,000 sites.

Cautions
  • Peplink’s application analytics capabilities are not as granular as the other solutions described in this research.
  • Although most of Peplink’s customers are in North America and Europe, it has limited sales and support resources of its own in these areas. The company relies heavily on its limited channel partnerships at all levels of the sales and support cycle.
  • Peplink’s security capabilities are not as comprehensive as some other solutions described in this research.

Riverbed

Riverbed is privately owned and is based in San Francisco, California. Gartner estimates that Riverbed has more than 30,000 customers, with 3,000 SD-WAN customers. Riverbed’s flagship WAN edge offerings are SteelConnect and SteelHead SD, which supports SD-WAN with WAN optimization in a single integrated appliance. Riverbed devices are available as physical and virtual form factors and are centrally administered by SteelConnect Manager (cloud-based or on-premises). Riverbed does not offer vendor-hosted cloud gateways as a service. However, virtual appliances are available on AWS, Azure, Google Cloud, IBM Cloud and Oracle Cloud, and global SaaS acceleration is offered as a vendor-hosted managed service.
The vendor doesn’t have native advanced security or FEC/packet duplication functionality for real time traffic optimization. After the cut-off date for this research, Riverbed announced an OEM agreement with Versa to deliver scalable routing, SD-WAN and advanced security to address large-enterprise use cases. Gartner expects this OEM relationship to be a core focus going forward. Riverbed is suitable for midsize and large organizations worldwide across verticals, particularly those that want SD-WAN and WAN optimization in a single, integrated device.

Strengths
  • The vendor has substantial experience in large global enterprises with WAN optimization and has incumbency in many accounts. Leveraging this capability, Riverbed provides an integrated appliance that includes WAN optimization and SD-WAN.
  • Riverbed recently announced an OEM partnership with Versa in an attempt to address the large-enterprise market more effectively.
  • Riverbed offers a vendor-hosted SaaS acceleration solution offered as a cloud-managed service.

Cautions
  • The Versa deal attempts to offer an SD-WAN solution for large-enterprise organizations; however, Riverbed is the only vendor in this research that will be sourcing core SD-WAN functionality via an OEM agreement. Consequently, there is increased risk going forward, as opposed to Riverbed having full organic control.
  • Riverbed has limited native advanced security capabilities and needs to rely on partners for this functionality; this complicates sourcing and management for enterprise clients.
  • Gartner has received reports of code instability from clients, which has limited Riverbed’s ability to grow in the market.

Silver Peak

Silver Peak is a privately held company headquartered in Santa Clara, California. Gartner estimates that it has approximately 3,000 customers, with more than 1,500 on its flagship WAN edge platform. Silver Peak’s WAN edge product is Unity EdgeConnect SD-WAN appliances (e.g., physical, virtual and cloud), with optional Unity Boost WAN optimization and Unity Orchestrator (on-premises or cloud). Silver Peak’s SD-WAN products are available from a wide range of partners, including multiple NSPs.
Silver Peak has strong application performance with WAN optimization and real-time optimization, as well as strong analytics. However, the vendor has limited native advanced security capabilities. Gartner expects Silver Peak to focus on orchestration, extending orchestration for ecosystem services and cloud analytics. Silver Peak should be considered by organizations in all verticals and sizes for WAN edge opportunities in North America, EMEA and the APAC region, especially when WAN optimization functionality and path conditioning are required.

Strengths
  • Silver Peak’s SD-WAN product has strong application performance capabilities, including WAN optimization and real-time traffic optimization (e.g., FEC). Its WAN optimization solution also can be priced as a subscription and shared across a domain.
  • Gartner sees more channels and MSPs selling the Silver Peak solution, which shows the vendor’s channel expansion and relevance to various client consumption models.
  • Silver Peak’s roadmap is aligned with future client needs, with a focus on automation and ease of use.

Cautions
  • The Silver Peak SD-WAN products lack a native full advanced security suite, instead relying on third-party firewalls or cloud security services.
  • Silver Peak’s WAN edge offering lacks cloud gateways, requiring enterprises or MSPs to create these, if required.
  • Silver Peak has limitations with their small footprint devices (such as not having integrated Wi-Fi) typically required for small, remote branch offices.

Teldat

Teldat is an established, privately held communications company based in Madrid, Spain, and Nuremberg, Germany. Gartner estimates that Teldat has more than 1,000 WAN edge customers. Teldat offers a broad range of voice and data products, including LAN, WAN, WLAN and voice. Its flagship WAN edge offering is the Teldat M8 Smart, an SD-WAN edge gateway and the Cloud Network Manager (CNM) controller. The vendor provides routing, SD-WAN, some native advanced security functionality including IDS, A/V, and cloud content filtering. However, the vendor offers no WAN optimization or real-time optimization capabilities.
Teldat operates globally, but focuses primarily in Western Europe and Latin America, and delivers products primarily through carriers and MSPs. Gartner expects Teldat to focus on offering automatic customization for service providers, as well as AI/ML for improved network operations. Teldat should be considered by customers in Western Europe and Latin America who prefer a managed service for their WAN edge devices.

Strengths
  • Teldat has a strong presence in Europe and Latin America, where more than 95% of its customers are headquartered.
  • Teldat has successfully deployed large-scale WANs of more than 1,000 locations.
  • Teldat offers a management console that is available as an over-the-top service, which many customers prefer to simplify operations.

Cautions
  • Teldat has limited expertise with DIY enterprises, because it focuses heavily on selling through carrier and MSP partnerships in Europe and Latin America.
  • Teldat doesn’t support WAN optimization capabilities, nor does it support any voice optimization capabilities.
  • Although hard down failover is immediate, performance-based path selection rerouting can take up to 30 seconds.

Versa

Versa is a privately held company based in San Jose, California. Gartner estimates that Versa has more than 1,000 WAN edge customers. Versa focuses on branch and WAN functions, including routing, SD-WAN and security. Its flagship WAN edge offering is Versa FlexVNF software, and the requisite management and orchestration. FlexVNF supports scalable and advanced routing, comprehensive SD-WAN, multiple advanced security functions (such as NGFW, A/V, and content filtering), as well as the hosting of third-party VNFs. Although Versa supports FEC and packet duplication for real-time traffic, there are no native WAN optimization features. Instead, Versa supports hosting third-party WAN optimizations solutions as a VNF.
FlexVNF can be delivered on a branded appliance, on a whitebox hardware appliance or as a virtual instance in AWS. Azure, Google, Alibaba and Tencent clouds and as a software appliance delivered on white boxes Versa has been more successful selling through managed services providers versus do it yourself (DIY) customers. Gartner expects Versa to focus on its midmarket solution and small or midsize business (SMB) clients through its Versa Titan secure cloud service, which delivers an SD-Branch solution integrating routing, SD-WAN and security for LAN and WAN connectivity. Versa should be considered primarily by all enterprises in North America, the APAC region and EMEA, particularly when enhanced security functions, flexible deployments options and a managed service are desired.

Strengths
  • Versa offers advanced feature depth and breadth, with enhanced security, SD-WAN and voice optimization in an integrated solution.
  • Versa has strong relationships with CSPs and managed service partners as its primary go to market.
  • Versa has expanded its partner base with a strategic OEM partnership with Riverbed (integrating Versa VNFs on Riverbed platforms). This will give it access to large global enterprises in which Riverbed is the incumbent and increase its ability to grow and sustain in the market.

Cautions
  • Versa lacks native WAN optimization, relying instead on hosting third-party virtual appliances.
  • Versa has less experience with direct enterprise DIY, because most of its customers are sold through MSPs.
  • Current production network deployments are limited beyond 800 branches.

VMware

VMware is a publicly traded company based in Palo Alto, California. Gartner estimates that VMware has more than 5,500 WAN edge customers deployed globally. VMware’s SD-WAN offering is VMware SD-WAN by VeloCloud, which includes physical and virtual edge appliances, cloud gateways and orchestration, which can be on-premises, or hosted by an MSP or VMware. The solution includes strong SD-WAN functionality that, when combined with its gateways (some of which are hosted by carriers and some by the vendor), offers enterprises a scalable platform for accessing cloud workloads. VMware has proved itself able to scale for large global deployments. VMware offers three subscription levels to align with different use cases and price points primarily based on network scale and cloud connectivity.
The vendor’s solution doesn’t have native advanced security capabilities or traditional WAN optimization functionality, but it does have optimization for real-time traffic and cloud based applications. Gartner expects VMware to focus on multicloud integration, performance analytics and self-healing networks going forward. VMware should be considered by organizations of all sizes and verticals for all SD-WAN opportunities globally.

Strengths
  • The VMware SD-WAN solution offers a wide range of deployment options for the edge devices. They can be physical or virtual with optional cloud gateways and orchestration, which can be cloud-based, MSP-hosted or cloud-hosted.
  • VMware SD-WAN has a proven track record of being able to fulfill large, complex global networks of greater than 1,000 sites. In fact, it has some of the largest SD-WAN deployments.
  • VMware has a wide range of go-to-market partners, including multiple global NSPs, as well as VMware and Dell channels; this provides enterprises with many ways to consume the solution.

Cautions
  • The VMware product lacks native advanced security functionality; instead, it relies on partner firewalls instantiated on its platform or cloud security services.
  • VMware lacks traditional WAN optimization capabilities.
  • VMware lacks native support for IPv6, which may limit the vendor’s ability to support certain types of deployments.

Vendors Added and Dropped

We review and adjust our inclusion criteria for Magic Quadrants as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant may change over time. A vendor’s appearance in a Magic Quadrant one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. It may reflect a change in the market and, therefore, changed evaluation criteria, or of a change of focus by that vendor.

Added

HPE (Aruba) was added due to a new product offering that meets the inclusion criteria.

Dropped

Cato Networks was dropped, because it failed to meet inclusion criteria based on our assessment and data provided by the vendor.
Forcepoint was dropped because it failed to meet inclusion criteria based on our assessment and data provided by the vendor.

Inclusion and Exclusion Criteria

To qualify for inclusion, vendors need to show relevance to Gartner clients by:
  • Providing hardware and/or software that addresses the enterprise WAN edge requirements outlined in the Market Definition/Description section. Alternatively, they may address this need by delivering a managed service that uses in-house developed hardware/software to deliver the service.
  • Producing and releasing enterprise WAN edge networking products for general availability as of 1 June 2019. All components must be publicly available, be shipping and be included on the vendors’ published price list as of this date. Products shipping after this date, and any publicly available marketing information may only have an influence on the Completeness of Vision axis.
  • Provide commercial support and maintenance for their enterprise WAN edge products (24/7) to support deployments on multiple continents. This includes hardware/software support, access to software upgrades, and troubleshooting and technical assistance.

Product Capabilities

Vendors must have generally available products that support all of the following capabilities. These capabilities must be supported natively on branch CPE:
  • The ability to function as/replace the branch office router/CPE (including BGP, OSPF, support hub and spoke, mesh, and partial mesh topologies for a minimum of a 100-site network) with traffic shaping and/or QoS
  • Centralized management for devices (with GUI), including reporting and configuration changes, and software upgrades
  • Zero-touch configuration for branch devices
  • VPN (Advanced Encryption Standard [AES] 256-bit encryption) and NGFW or firewall with the ability to redirect to an SWG
  • Dynamic traffic steering based on business or application policy (not limited to only DiffServ Code Point [DSCP]/ports, IPs/circuits or 5tuple) that responds to network conditions (changes in packet loss, latency, jitter, etc.) in an active/active configuration
  • At least 100 well-known application profiles included (auto discovered)
  • Application visibility identifying specific traffic that traverses the WAN
  • At least two of the following WAN interfaces: Ethernet, xDSL, Tx/Ex, fiber and 4G/LTE
  • Software (ability to operate as a VNF at the branch or in the network and to be hosted in at least one cloud provider, such as AWS) and hardware form factors

Financial Performance

Vendors must show relevance to Gartner’s enterprise clients by meeting at least one of the following with their WAN edge infrastructure solutions that meet the product inclusion criteria:
  • Demonstrate scalability by servicing at least three customers with active support contracts that have at least 100 sites each.
  • Show relevance to Gartner’s enterprise clients on a global basis with at least one of the two below criteria:
    • At least 25 customers with active support contracts and 10 sites each headquartered in two or more geographic regions (NA, SA, EMEA or APAC). This means 25 customers in one region and another 25 customers in a different region.
    • At least 10 customers with active support contracts and 10 sites each headquartered in three or more geographic regions (North America, South America, EMEA or APAC). This means 10 customers each in three different regions, for a total of more than 20 customers.
  • Meet at least one of the four criteria below:
    • Total WAN edge infrastructure revenue of at least $20 million in the 12 months ending December 2018
    • Total WAN edge infrastructure revenue of $13 million in the 12 months ending December 2018, with at least a 100% growth rate during the previous 12 months
    • At least 20,000 WAN edge infrastructure sites deployed and under active support contracts
    • At least 300 WAN edge infrastructure customers under active support contracts with 10 or more sites deployed each

Exclusion Criteria

We exclude NSPs, non-NSPs or other providers/vendors that do not own their WAN edge technologies because they deliver their offerings with commercial vendor products as the underpinning technology.

Vendors of Note

Gartner estimates that more than 70 vendors compete in the WAN edge market; many with specialized offerings. The vendors listed below, along with several others, did not meet the inclusion criteria, but are notable for their offerings and may be of interest to readers of this research:
  • 128 Technology is a privately held company based in Burlington, MA. Although 128 Technology didn’t meet the inclusion criteria, it is relevant to enterprises looking for a software-driven solution.
  • Bigleaf Networks is a privately held company based in Beaverton, Oregon. Although Bigleaf didn’t meet the inclusion criteria, they are relevant to some midmarket customers.
  • Cybera is a privately held company based in Franklin, Tennessee. Although Cybera didn’t meet the inclusion criteria, it is relevant to large, distributed retail enterprises that are primarily U.S.-based.
  • Infovista is a privately held company based in Massy, France. Although Infovista didn’t meet the inclusion criteria, it is relevant to enterprises with a specific focus on application performance.
  • Forcepoint is a privately held company based in Austin, Texas. Although Forcepoint didn’t meet the inclusion criteria, it is relevant to enterprises with a specific focus on security.
  • Cato Networks is a privately held company based in Israel. Although Cato didn’t meet the inclusion criteria, it is relevant to the midmarket, with security and cloud access requirements.
  • Sangfor Technologies is a public company based in China. Although Sangfor didn’t meet the inclusion criteria, it is relevant to enterprises that have a specific focus on security and are based in the APAC region.
  • Lavelle Networks is a private company based in India. Although Lavelle didn’t meet the inclusion criteria, it is relevant for enterprises located in India.
  • Multapplied is a private company based in North Vancouver, BC, Canada. Although Multapplied didn’t meet the inclusion criteria, it is relevant to organizations that purchase from selected service providers.
  • Lancom Systems is a private company based in Munich, Germany. Although Lancom didn’t meet the inclusion criteria, it is relevant to distributed organizations that are based primarily in Europe.

Evaluation Criteria

Ability to Execute

Product/Service: Core goods and services that compete in and/or serve the defined market. This includes current product and service capabilities, quality, feature sets, skills, etc. This can be offered natively or through OEM agreements/partnerships, as defined in the Market Definition and detailed in the subcriteria.
Evaluates vendors by looking at their overall WAN edge networking portfolios, including all hardware and software aspects of WAN edge networking. This includes physical and virtual CPE, controllers, gateways, and the relevant automation, management and orchestration of those components. We consider the breadth and depth of WAN Edge functions that the vendor offers, as well as automation and integration within broader networking workflows and orchestration. Particular attention will be paid to management that is application/business-outcome-focused. We consider product and architectural migration strategies, and the ability to address customers’ multicloud deployment requirements, application performance, security, traffic steering, scalability and resiliency needs. We focus on the vendor’s flagship enterprise offering and/or the products they lead with for enterprise accounts.
Overall Viability: Viability includes an assessment of the organization’s overall financial health, as well as the financial and practical success of the business unit. This evaluates the likelihood of the organization to continue to offer and invest in the product, as well as the product position in the current portfolio.
Sales Execution/Pricing: The organization’s capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support and the overall effectiveness of the sales channel. We also include the vendor’s estimated market share and growth.
Evaluates presales and go-to-market sales activities of both the vendor and its channels, and includes analysis of how the vendor interacts with its customers and prospects. The second aspect of this criterion includes our evaluation of the cost-effectiveness of the solutions for purchase and support over their useful life, and the ability to recognize and position the most appropriate solution in specific sales situations.
Market Responsiveness and Track Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor’s history of responsiveness to changing market demands. This includes how well the vendors’ offerings match buyer’s requirements at the time of purchase.
We assess the vendor’s track record in delivering new capabilities when the market needs them in terms of timing and scope. This criterion also considers the vendor’s history of responsiveness in terms of changing market demands. This evaluation is not limited to products, it involves pricing/licensing as well.
Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization’s message in order to influence the market, promote the brand, increase awareness of products and establish a positive identification in the minds of customers. This “mind share” can be driven by a combination of publicity, promotional, thought leadership, social media, referrals and sales activities.
Focuses on how the vendor is perceived in the market, and how well its marketing programs are recognized in generating awareness. For WAN edge infrastructure, the evaluation focuses on how well the vendor is able to influence and shape perception in the market through marketing activities and thought leadership. An additional indicator for this criterion is how often Gartner clients inquire about a specific vendor in terms of its capabilities and reputation or in a shortlist evaluation process.
Customer Experience: Products and services and/or programs that enable customers to achieve anticipated results with the products evaluated. Specifically, this includes quality supplier/buyer interactions technical support, or account support. This may also include ancillary tools, customer support programs, availability of user groups, service-level agreements (SLAs), etc.
Looks at all aspects of the customer experience (including pricing, setup, day-to-day production, as well as support), with a heavier weighting on postsales service and support activities. This includes customer’s experience with the vendor’s WAN edge products and services used in their production environments. This also includes initial provisioning, as well as the day-to-day operation and management of WANs. It includes the ability to upgrade software and work with technical support to solve problems. Hardware and software quality and how customers describe their experience with the vendors’ products are evaluated.

Table 1: Ability to Execute Evaluation Criteria

Enlarge Table
Evaluation Criteria
Weighting
Product or Service
High
Overall Viability
High
Sales Execution/Pricing
Medium
Market Responsiveness/Record
High
Marketing Execution
Medium
Customer Experience
High
Operations
Not Rated
Source: Gartner (November 2019)

Completeness of Vision

Market Understanding: Ability to understand customer needs and translate them into products and services. Vendors with a clear vision of their market listen, understand customer demands, and can shape or enhance market changes with their added vision.
Assesses the vendor’s ability to look into the future needs and drive new ideas into product roadmaps and offerings. This includes the vendor’s understanding of the core WAN edge infrastructure buyers as described in the Market Definition, as well as understanding the competitive nature of the market. In this market, we look at the vendor’s ability to address the challenges associated with distributed branch office locations. This may include simplified central management, large-scale deployments, latency/bandwidth challenges, automation, multicloud networking, changing application deployment scenarios (including on-premises), IaaS/PaaS, and SaaS architectures, openness, choice and investment protection.
Marketing Strategy: Clear, differentiated messaging consistently communicated internally, externalized through social media, advertising, customer programs and positioning statements.
Evaluates the ability of the vendor to influence the market through its messaging and marketing campaigns. Furthermore, this includes the extent to which the vendor articulates a clear, consistent and differentiated message that is aligned with end-user needs. We look for consistent communication throughout the organization and through its website, advertising, customer programs and positioning statements, as well as statements of direction and product roadmaps.
Sales Strategy: A sound strategy for selling that uses the appropriate networks, including direct and indirect sales, marketing, service, and communication. This also includes partners that extend the scope and depth of market reach, expertise, technologies, services and their customer base.
Evaluates the vendor’s use of direct and indirect sales to extend the scope and depth of its market reach. Furthermore, this includes the extent to which the vendor articulates a clear, consistent and differentiated sales strategy that engages with buyers. It involves the development of effective go-to-market strategies, alliances and partnerships leveraging value-added resellers (VARs), SIs, Master Agents, NSPs, MSPs and OEM resellers as appropriate. In addition, this includes how the vendor exploits new business models that are emerging due to market and technology transitions.
Offering (Product) Strategy: An approach to product development and delivery that emphasizes market differentiation, functionality, methodology and features as they map to current and future requirements.
Evaluates how the vendor plans and invests in R&D to continue to innovate in the key market transitions identified in the Market Definition/Description and Extended Market Definition sections. This includes product roadmaps around existing and future WAN edge functions. This also includes not just the raw functions, but also the vendor’s overall architecture across the portfolio.
Business Model: The design, logic and execution of the organization’s business proposition to achieve continued success.
Assesses the soundness and logic of a technology provider’s underlying business proposition and how revenue/profitability is derived.
Vertical/Industry Strategy: The strategy to direct resources (e.g., sales and product development), skills, and products to meet the specific needs of individual market segments, including verticals.
Measures the vendor’s ability to address the unique requirements of particular vertical industries and to employ the associated sales channels to build a sustainable business advantage.
Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or preemptive purposes.
Measures the vendor’s ability to address emerging WAN edge requirements, and/or increasing value to enterprise customers. We look at how the vendor invests in new technologies to move its business and the market forward, with a focus on technologies that are differentiated, unique and offer high value to the enterprise buyer. Specific examples include application centricity, intent-driven networking, security, improved management and automation, and even nonproduct innovations, such as consumption-based pricing and new models (e.g., hybrid offerings that bundle product and managed services).
A key attribute in the WAN edge market is for the vendor to innovate in technology areas that meet emerging enterprise market requirements around simplified management of hybrid WAN architectures, including increasing levels of automation. Innovation is not a checkbox of current and proposed product features. It is not limited to product; it can cover multiple aspects of the vendor’s strategy that delivers new capabilities that differentiates it in the marketplace, including new pricing and operational models.
Geographic Strategy: The vendor’s strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the “home” or native geography, either directly or through partners, channels and subsidiaries, as appropriate, for that geography and market.
It measures the vendor’s ability to address any unique product requirements of particular geographies and to use the associated messaging, partnerships, as well as sales channels, to build a sustainable business advantage.

Table 2: Completeness of Vision Evaluation Criteria

Enlarge Table
Evaluation Criteria
Weighting
Market Understanding
High
Marketing Strategy
Medium
Sales Strategy
Medium
Offering (Product) Strategy
High
Business Model
Medium
Vertical/Industry Strategy
Low
Innovation
High
Geographic Strategy
Low
Source: Gartner (November 2019)

Quadrant Descriptions

Leaders

A Leader has demonstrated a sustained ability to address changing requirements for enterprise WAN edge. A Leader also can drive, shape and transform the market, as well as maintain strong relationships with its channels and customers.

Challengers

A Challenger has demonstrated sustained execution in the marketplace, and has clear, long-term viability in the market. However, a Challenger has not shown the ability to drive, shape and transform the market.

Visionaries

A Visionary has innovated in some key areas of WAN edge, such as path selection, link remediation, automation, operational efficiency and cost reductions. Visionaries often help to transform the market, from driving new ideas, including new business models, to solving enterprise challenges.

Niche Players

A Niche Player has a complete or near-complete product offering, but has limitations, such as geographic reach or vertical market focus. A Niche Player has a viable product offering, but has not shown the ability to transform the market or maintain sustained execution.

Context

Market Forecast

The WAN edge market (which comprises SD-WAN plus traditional branch routers) is forecast to generate a compound annual growth rate (CAGR) of −6.5% in end-user spending from 2018 through 2023. However, this is the result of the robust growth of SD-WAN (+23.4% CAGR) and the decline of traditional branch office routers (—23.9% CAGR). The decline is due to the lower average selling price of SD-WAN hardware and software.
Gartner expects a functional consolidation of WAN edge functions into a single device to cause declines in the number of devices shipped and the total market size. This is evidenced by dedicated WAN optimization appliances, which are increasingly delivered as an added feature as part of SD-WAN. This bodes well for buyers, as multifunction devices typically sell for less than several dedicated devices.
The increase in WAN speeds from 1.5/2.0 Mbps legacy interfaces and 10 Mbps Ethernet interfaces to speeds and throughputs of 1 Gbps and beyond will drive up the prices of WAN edge equipment, although at a slower rate than the corresponding increase in link speeds, because there isn’t a linear relationship. In other words, the price per bit will go down.

Popular and Emerging Topics

Internet Substitution for MPLS Connections

Many Gartner clients hope to fund their WAN expansion/updates by replacing or reducing the bandwidth of expensive MPLS connections with internet-based virtual private networks (VPNs), often from alternative providers. However, suitability of internet connections varies by geography, access types and oversubscription levels, and service providers mixing connections from multiple vendors increases complexity. SD-WAN has simplified this approach for the following reasons:
  • Due to the simpler operational environment and the ability to use multiple circuits from multiple carriers, enterprises can abstract the transport layer from the logical layer and depend less on their service providers.
  • This decoupling of layers is enabling new MNS providers to emerge to take advantage of the above for customers that still want to outsource their WANs.

Thin Versus Thick Branch

We see one of the major decisions that customers will increasingly need to make in the next few years is whether to select a thick branch with all functions deployed at the customer location or more of a thin branch with some functions on the edge supplemented by functions hosted in the cloud. The former would be for organizations with stronger IT organizations that want more control. The latter is for learner IT and, ultimately, more operational flexibility.

Merging of Security and Networking

It used to be that security and network procurements were handled separately. Increasingly, we see network and security decisions being made at the same time and at times with the same solution. This is largely driven by the move to distribute internet access and change the security perimeter. This goes with the deployment of SD-WAN at the branch locations to manage the internet transport. As part of a desire to minimize branch sprawl, we expect to see more customers looking for vendors with a combined security and networking solution or part of a broader ecosystem. And the deployment model will also be determined by the decision of the thin versus the thick branch (see “Market Trends: How to Win as WAN Edge and Security Converge into the Secure Access Service Edge”).

Virtualization and NFV

This is primarily driven by the traditional NSPs with their NFV-based offerings, such as uCPE, that combine and orchestrate services (e.g., SD-WAN, security and WAN optimization) from multiple popular and best-of-breed vendors. We also see functions moving more to the cloud or hosted in the service providers’ networks.
Although virtualizing WAN edge functions has been an emerging topic, there are some near-term inhibitors to adoptions, such as standardized and consistent orchestration, networking integration challenges between VNFs, pricing, and performance. As these limitations get addressed, we expect to see more deployments (see “Pump the Brakes on Network Function Virtualization Services”).
DIY virtualization is rare, primarily due to the complexity and lack of standardized solutions.

Routing From Nontraditional Suppliers

Traditionally, enterprise routing has been the domain of a few trusted suppliers. The emergence of SD-WAN has demonstrated that routing has become more commoditized, and many vendors are as good, or perhaps even better, at branch office routing than the incumbents. As a result, trusted suppliers from adjacent markets, typically security and WAN optimization, have aggressively expanded into this market. Client inquiries often involve the suitability of these supplier solutions and the possible saving of as much as 40% when refreshing routing. However, it should be noted that prices have been increasing, due to elevated demand as a result of product and vendors maturing and success realized in the market.

Feature Breadth Versus Feature Depth

There are two approaches to selecting WAN edge equipment. Some Gartner clients prefer feature depth, and they often favor dedicated devices per function in the belief that they can achieve a more robust solution via best-of-breed products. Others prefer the simplicity of a single device and management console in the belief that the consolidated function device is more than good enough, especially since it can be easier to correctly configure the entire technology stack via one interface.

Automation and Agility

Many WAN changes remain manual and CLI-driven (approximately 70% for many enterprises). Thus, in many inquiries regarding WAN, Gartner clients mention a desire to improve automation and agility. In some instances, the focus is on dedicated SD-WAN tools; however, this desire occasionally drives investment in nontraditional tooling, such as Ansible or intent-based networking. Gartner clients report operational savings as high as 90%, when comparing the better WAN Edge solutions with traditional router-based deployments (administration time of five minutes/month versus one hour/month).

Combining LAN, WLAN and WAN

Gartner increasingly sees vendors building a common orchestration between the LAN, WLAN and WAN, and, sometimes, security, which is increasingly known as SD-Branch. Although this is not a formal Gartner term, it offers increased simplicity in managing WLAN, LAN and WAN policies and profiles with a single solution. Integrating these domains will increasingly be a differentiating factor for some vendors. Although Gartner still sees customers procuring LAN/WLAN separate from WAN, there is increasing evidence that this may change for certain customer environments.

Leveraging AI/ML

There is a trend to more autonomous and self-driving networks where leveraging AI/ML technologies can learn and adapt to network traffic patterns. The objective is to make networking even easier for end users, reduce operating expenditures (opex), increase speed/agility and improve uptime/performance. Although it is still early in many vendors’ product development, we are seeing this functionality being incorporated into an increasing number of vendor solutions offering differentiation.

Application Analytics

Application visibility and analytics are becoming more important to get better feedback as to the applications running on the network. Whether this is for on-premises applications or applications in the cloud, enterprises are looking for more details to help troubleshoot, plan and confirm that specific applications performance and QoE is being delivered for end users.

Market Overview

Gartner’s view of the market is focused on transformational technologies or approaches delivering on the future needs of end users. It is not exclusively focused on the market as it is today.
This dynamic market, with emerging client needs, has created a deeply fragmented vendor landscape, with both large established vendors and smaller providers from multiple segments competing for market share. Differentiation can be feature-based (e.g., ease of cloud connectivity, embedded NGFW or application performance), business-model-based (e.g., pure subscription or WAN as a service using proprietary technologies) or go-to-market (e.g., direct, master agents, product-focused VARs or system integrators [SIs] as MSPs). Some vendors focus on feature depth on a specific use case or two, while others choose an “all-in-one offering” approach. Scale of deployment and the ability to support complex environments remain differentiators at the high end of the market, where some customers require deployments of several thousand branches across multiple geographies.

Market Drivers

The WAN edge market is primarily driven by seven factors:
  • Refresh of existing branch office router equipment that is at end of support or lacks the desired capabilities
  • Renewal of NSP or managed service contracts, where a new service provider also means new equipment
  • The changing traffic patterns resulting from the increasing use of cloud and multicloud resources, which renders the traditional hub-and-spoke from remote branch to on-premises data center WAN architecture obsolete
  • By distributing internet access to the branch, the security perimeter changes, which typically drives new solutions
  • The expansion of capacity (i.e., physical build-outs) within existing locations
  • The desire to increase agility and automation to address the needs of digital business transformation and lower opex
  • The desire to consolidate more than one branch function, such as routing, security and WAN optimization
Moving forward, Gartner views SD-WAN and NFV as key technologies to help enterprises transform their networks from fragile to agile. NFV can be in the cloud or on-premises, and Gartner expects to see more functions supported in the cloud. The resulting deployments will increasingly become a choice between a thick branch with more functions operated locally, versus a thin branch with more functions operated in the cloud. Increasingly, we see the consolidation and integration of network and security functions to be a driver in this decision.

Vendor Landscape Changes

Just a few years ago, the WAN edge market was dominated by a few suppliers with long histories of providing routing. Security and WAN optimization was often provided by separate dedicated appliances, and even when device consolidation was available, cost savings were small.
With the acceptance of SD-WAN and the demonstration that routing was increasingly becoming commoditized, companies that often offered adjacent solutions are now aggressively competing.
This Magic Quadrant covers well-known incumbent vendors, as well as a number of smaller suppliers. In total, the WAN edge market is estimated to have more than 70 suppliers that Gartner is aware of, and more are likely to enter the market. We expect this market to remain extremely fragmented during the next few years, with little sign of significant consolidation. It is likely that more than 10 mainstream suppliers will remain, as we look out five years.
WAN refresh opportunities often now involve several trusted existing suppliers and one or two new providers. In many cases, vendors from adjacent markets are competing by bundling multiple functions (e.g., security plus routing) in a single offering that is priced only slightly higher than a single-function offering. Additionally, some of these incumbent solutions can be upgraded to offer SD-WAN by just updating the software on-site and retaining the hardware already deployed.

Market Recommendations

I&O leaders responsible for building and operating WANs should:

Extended Market Definition

Characteristics of the Market

Typical business outcomes: The fundamental business outcome is connectivity between enterprise users, applications and services that reside in distributed locations. Locations include headquarters, branches, corporate data centers, colocation/hosting facilities, SaaS providers and cloud service providers. Increasingly, buyers require improved agility, automation, flexibility and application control.
Market: WAN edge infrastructure provides network functions that support connectivity for distributed locations (typically branches). This market includes functionality that Gartner defines as traditional routers, security appliances, WAN optimization controllers (WOCs), WAN path controllers and SD-WAN.
Typical buyers: Within the enterprise, CIOs, CTOs, the vice president of I&O, the director of networking, and network and telecom managers are typically the buyers of WAN edge infrastructure. Branch managers, as well as enterprise architects, are strong influencers in larger enterprises as well.
How buyers shape their buying decisions: When selecting WAN edge infrastructure, buyers typically focus on several factors including vendor incumbency and familiarity, feature/functionality, pricing options, performance, form factor, deployment options, ease of management, visibility/analytics, customer support/experience, overall product architecture, vertical focus and geographical strength. The solution set is strongly influenced by changing traffic patterns affecting the enterprise WAN.
Deliverables: The primary deliverables include network functions that enable connectivity for users at branches. Typical network functions include edge routing, security and VPN, WAN optimization, WAN path control and SD-WAN. These functions can be delivered to the enterprise as integrated, dedicated hardware appliances (such as routers, WOCs, security or SD-WAN edge-devices) or as a software instance of these functions (e.g., a VNF). These may reside at the customer premises, in provider points of presence (POPs) or as a network-based/cloud service.
How providers package, market and deliver: Buyers typically source their WAN edge infrastructure products directly from network equipment suppliers, or via a network or MSP (that is, as a managed service). WAN edge infrastructure can be procured via purchase, leasing, subscription or consumption-based pricing models. Furthermore, there is a diverse set of deployment options for these networking functions, including via hardware appliances, software (e.g., VNF) or cloud-based services.

Characteristics of WAN Edge Solutions

WAN edge solutions are characterized by the following elements:
Physical interfaces: This refers to physical interfaces to plug into the service providers’ circuits. Ethernet is rapidly becoming the default connection and link speeds are increasing to multigigabit speeds. Flexible options beyond just Ethernet offer more value to customers.
Physical topology: Traditional hub-and-spoke WAN architectures are no longer suitable for most enterprises. Enterprises are altering their WAN architectures in support of new digital business initiatives and the adoption of public cloud services (e.g., SaaS, IaaS and PaaS). The rationale behind this is that migration of applications to the public cloud can lead to distinct challenges, including:
  • Network performance problems as traffic is backhauled, which typically increases latency and congestion
  • WAN expenses increase due to backhauled internet traffic with cost of paying for bandwidth twice (MPLS to the data center and from the data center to the internet).

Routing, WAN Optimization and Security

With part of the first phase of SD-WAN, we saw some SD-WAN deployments deployed behind traditional routers. However, as SD-WAN routing functionality has improved, vendor products have largely been proved, and traditional routers are reaching end of life, we see SD-WAN operating as the main WAN edge function in customer networks.
Increasingly we are seeing two approaches from vendors where they are natively incorporating multiple functions into their solution (e.g., SD-WAN, WAN optimization and security) or partnering with other point solution vendors.

Deployment Options

We see several deployment methods available for the enterprise to consume network functions:
  • Dedicated hardware appliance — This is the traditional style of deployment, in which a single network function is delivered as a turnkey integrated hardware appliance. Although still common, the trend is to move aware from this option as on-site technology becomes obsolete or inefficient. If retained, we do see the trend of at least the on-site router migrating to an SD-WAN solution.
  • Multifunctional integrated platform — This platform combines proprietary hardware and software to deliver multiple functions, such as WAN optimization, routing and security. This can be deployed in two ways:
    • Native functionality by the vendor
    • Partnership by the vendor with another best-of-breed solution that is tightly integrated
  • Examples include FortiGate appliances, Silver Peak Unity EdgeConnect with Unity Boost, VMware SD-WAN by VeloCloud, and Versa’s FlexVNF.
  • Virtualized network function — This is a software-based instance of a network function that can be delivered on an x86-based computing platform. Nearly all routing, WAN optimization and SD-WAN vendors deliver a VNF version of their software.
  • uCPE platform — This multifunctional platform supports an NFV architecture, designed around industry standards to run multiple virtual functions, with possibly different vendors’ functions in the same device. The platform allows multiple VNFs to be installed, and typically makes use of industry-standard x86 devices, rather than function-specific appliances. Juniper Networks’ NFX and Cisco ENCS are examples of a hardware uCPE platform. Universal CPE is one delivery method for an NFV deployment with the functions residing on-premises. With the goal to increase the agility of enterprise networks, enabling them to respond to changing needs more rapidly in a more on-demand manner and avoid vendor lock-in. Today, uCPE is primarily a carrier-driven technology, and has near-term adoption challenges with pricing, performance, standard orchestration and networking integration. However, we expect these challenges to subside in the next couple of years.
  • Cloud-based OTT — Network function is delivered via a cloud platform, and the enterprise subscribes to the functionality. An example is Aryaka, which provides WAN optimization and other application performance functionality. Additionally, we are seeing security delivered in this model, which will drive adoption of the thin CPE model.

Consumption Models for WAN Edge Infrastructure

Enterprises consume WAN edge infrastructure functionality in multiple ways, including:
  • DIY — Enterprise owns and manages WAN edge functionality itself.
  • NSP — NSP manages the WAN transport and, optionally, the WAN edge equipment.
  • MNS — Managed NSPs include SIs, MSPs, and ISP aggregators that managed the WAN edge equipment and may resell third-party access or, in some cases, allow organizations to bring your own access (BYOA)
  • Hybrid — This is a combination of at least two of the above.
On a global basis, most WAN edge infrastructure is provided as a managed service, either via a NSP, SI, MSP or ISP aggregator. Conversely, in North America, the predominant way of managing WAN edge infrastructure for a large enterprise is DIY. Overall, Gartner sees the trend for more MNSs and the growth is expected to come from non-NSP providers. Additionally, we see an increasing trend of co-management where the client retains control over business policies and the MSP controls how those policies are enforced.
In this research, we focus primarily on WAN edge functionality that can address multiple consumption models.

Evidence

Gartner analysts conducted more than 3000 Gartner client inquiries on the topic of WAN between 1 July 2018 and 30 June 2019.
Gartner analysts conducted more than 700 Gartner client inquiries on the topic of SD-WAN between 1 July 2018 and 30 June 2019.
All vendors in this research responded to an extensive questionnaire regarding their current/future data center networking solutions.
We surveyed reference customers provided by vendors in this research. All vendors in this research provided reference customers, although not all reference customers completed the survey (n = 125).
Analysts reviewed Gartner Peer Insights data for this market.
Social Media Conversation Analysis: Gartner analyzed social media activity regarding WAN edge topics and applicable vendors. Automated social media listening tools were used to track user responses on social media and public discussion forums as leading indicators for consumer sentiment, preferences and activities.
  • The data tracked is specific to quantifiable keywords and phrases, as well as qualitative assessments and evaluations of results and use cases.
  • Definition of social media mentions: “Mentions” are the text inclusion of a monitored keyword in a post on a social media platform. High mention count should NOT be interpreted as “positive sentiment” by default.
Duration of the Research: The time period for the analysis of the overall mention count was considered to be between 1 August 2016 and 23 July 2019. Considering a different time interval may change the most-talked-about conversations.

Evaluation Criteria Definitions

Ability to Execute

Product/Service: Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria.
Overall Viability: Viability includes an assessment of the overall organization’s financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization’s portfolio of products.
Sales Execution/Pricing: The vendor’s capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel.
Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor’s history of responsiveness.
Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization’s message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This “mind share” can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities.
Customer Experience: Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on.
Operations: The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.

Completeness of Vision

Market Understanding: Ability of the vendor to understand buyers’ wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers’ wants and needs, and can shape or enhance those with their added vision.
Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements.
Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base.
Offering (Product) Strategy: The vendor’s approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements.
Business Model: The soundness and logic of the vendor’s underlying business proposition.
Vertical/Industry Strategy: The vendor’s strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.
Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.
Geographic Strategy: The vendor’s strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the “home” or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market.

Research and Scientific Publications

Research and Scientific Publications

IT Interview Questions Cheat Sheet

IT Interview Questions Cheat Sheet

 Questions to Ask

  • What is the current workload?
  • What are the current pain points?
  • What is required for this role?
  • What capabilities do you need for this role?
  • Are there many opportunities for professional development within the company?
  • Where do you see this role in 2 Years? 5 Years?
  • How would you describe the office culture?
  • What do you think are the biggest challenges of the role?
  • Why did you choose this company?
  • What are your growth plans?
  • What does a typical week look like?

Soft Skills