As we kick off 2020, we're experiencing the usual wave of look-back, look-ahead articles across technology publications and prognostications from industry pundits. A pent-up spurt of announcements queued up from the holidays, and timed to align with CES 2020, have also spewed forth. While some of our analyst friends have fun (or suffer the craziness) in Las Vegas at CES, I'd like to take a moment to reflect on the ever-evolving SD-WAN market. For the impatient amongst us, here's a quick TL;DR summary:
• Longer-term visions for SD-WAN like Secure Access Service Edge (SASE) or Fabric for Universal Networking (FUN) will be driven by vendors striving for differentiation and desire to claim thought leadership.
• Enterprises will focus on day-to-day blocking and tackling, so SD-WAN solutions will be evaluated primarily on their ability to solve today's problems: addressing multi-cloud, app-level security, and QoS and, reliability.
• Likewise, CSPs and MSPs will push SD-WAN vendor solutions as managed offerings that provide them with adequate feature-set and ability to add their differentiation as the managed market heats up.
• New and adjacent entrants to the market will continue, along with some consolidation of the market in 2020.
Let's start with the long-term view on the convergence of networking and security, particularly around Gartner's recently announced SASE.
SD-WAN and SASE, who's on top?
Some analysts view SASE as evolution or the logical end-goal of SD-WAN (or even a subset of it), while Gartner has positioned SASE as the unification of essentially all enterprise access security initiatives and WAN networking platforms, which includes SD-WAN. Some of this discussion is likely moot, since Gartner itself acknowledges that SASE is in its infancy, with possibly a 1% adoption rate today. Plus, SD-WAN was never well-defined and had an elastic definition. Even the MEF's effort to put a stake in the ground amounts primarily to picking the most common capabilities in 2019 in their MEF 3.0 definition of SD-WAN, which will inevitably evolve with each new version of that standard.
SASE — a new kitchen sink for security and networking
With essentially zero to insignificant adoption, why push a new label into the market? Conversation starter? Controversy and press generator for Gartner? Perhaps part of it is to address label fatigue in both the networking and security space. And part of it is to address convergence. SASE provides a nice unified collection of technology terms (CASB, SWG, SD-WAN, NGFW, and many more). It checks every box on the CISO's dance cards while lighting up all lines on buzzword bingo cards everywhere. Yet, the scope and complexity of tying all of this together is mind-boggling, and crosses so many enterprise domains that it's hard to fathom how to bring all of it under one roof eventually.
From being SASE to having FUN?
In the past, we at AvidThink have put forward the concept of a FUN that enterprises are striving for. That irreverent term was meant as a catch-all for Cisco's ACI Anywhere and VMware's NSX Everywhere visions, as well as Nuage Networks' original universal policy-based fabric that stretched from the data center to the edge. Compared to SASE, FUN takes a network-centric view that addresses data center micro-segmentation, container networking, cross-component communication in a micro-services architecture across transport networks to remote networks, IoT devices, etc. At that time, our thinking was that due to the complexity of FUN, CIOs would end up handling each domain separately (multiple spans-of-control), but try to create a consistent set of policies and controls that would be implemented separately across each span: data center, SD-WAN, campus networks, etc. Underlying this would be a federation of consistent policies with a tie-in into identity, context, and attribute and policy stores.
AvidThink holds that same opinion today. Long-term, we're all seeking an all-singing, all-dancing, unified fabric across all enterprise endpoints, both managed and unmanaged, that provides unified visibility, policy, and security controls. That holy grail is likely not achievable. Regardless, we agree, SASE or not, that the concept of identity (user, device, application) becomes critical as we try to securely connect devices and locations.
2020 SD-WAN's Citius, Altius, Fortius
Coming back down to the practical, a fast way to summarize what to expect this year is the Olympic motto. The hendiatris Citius, Altius, Fortius (Latin for Faster, Higher, Stronger) could easily apply to SD-WAN in 2020:
• Higher: Lofty SD-WAN cloud expectations prevail. Expect tighter SD-WAN integration into SaaS applications and IaaS platforms, multi-cloud capabilities (including Azure vWAN, AWS Transit Gateways and more).
• Faster: Improved CPEs/uCPEs to handle encrypted traffic in the 10 Gbps or more range; improved end-to-end SLAs via PoPs, private backbones, and direct public cloud access, and faster cross-cloud access.
• Stronger: Better security to resist attacks, cloud-based security scrubbing solutions via partnerships, and improved built-in SD-WAN security capabilities will continue to be announced.
For more detail on this, I recommend checking out Scott Raynovich's views on what he expects in 2020 for the SD-WAN market, which I enjoyed reading and am in alignment with. Certainly, SD-WAN solutions will be bigger, badder, and hopefully better.
SD-WAN needs increased transparency
At the same time, we all are keenly aware of the diversity of solutions in the market, with vendors hailing from all walks of life. That's not changing in 2020 as more vendors jump on the bandwagon. Plus, there's a certain level of opacity and confusion in the market that's never gone away. And the tens to hundreds of millions of dollars spent on SD-WAN marketing to further vendors' unique messages exacerbates this mess. Unfortunately, their positioning differs so subtly that most enterprise IT folks don't pick up on it and stay confused.
Perhaps the recent announcement and release of an open-source codebase by flexiWAN this week will help drive some transparency, though admittedly it's still early days yet for this fledgling startup. One can but hope.
Roy Chua is founder and principal at AvidThink, an independent research and advisory service formed in 2018 out of SDxCentral's research group. Prior to co-founding SDxCentral and running its research and product teams, Chua was a management consultant working with both Fortune 500 and startup technology companies on go-to-market and product consulting. As an early proponent of the software-defined infrastructure movement, Chua is a frequent speaker at technology events in the telco and cloud space and a regular contributor to major leading online publications. A graduate of UC Berkeley's electrical engineering and computer science program and MIT's Sloan School of Business, Chua has 20+ years of experience in telco and enterprise cloud computing, networking and security, including founding several Silicon Valley startups. He can be reached at [email protected]; follow him at @avidthink and @wireroy
Industry Voices are opinion columns written by outside contributors—often industry experts or analysts—who are invited to the conversation by FierceTelecom staff. They do not represent the opinions of FierceTelecom.