Ever since he was hired as an analyst by GigaOm in October, Chris Grundemann has been waist-deep in slicing and dicing the SD-WAN sector.
The fruits of those efforts are reflected in the recently published GigaOm "Radar report for SD-WAN," which followed on the heels a previous report by Grundemann called "Key criteria for evaluating SD-WAN."
The Radar report takes the key criteria information, along with defining the types and markets for SD-WAN, to provide a forward look at the SD-WAN sector. With more than 50 SD-WAN vendors currently in the market, the report drilled down on 13.
"We look at the market segments, the deployment models and, and then rank each vendor independently," Grundemann said in an exclusive interview with FierceTelecom. "Then we look at the key criteria and the evaluation metrics. If you try to boil the ocean, it's really hard, but if you look at the individual pieces of 'Okay, how does one technology deal with routing and forwarding' and you look at 'How does Cisco do with WAN optimization' it becomes pretty clear."
In GigaOm's first Radar report for SD-WAN, Grundemann took all of the information from the 13 SD-WAN vendors and plotted them onto the GigaOm Radar graphic. By combining the various metrics, Cisco, Silver Peak, Fortinet, VMware, and CloudGenix scored the highest across the four verticals of "maturity," "feature play," "platform play," and "innovation."
The rest of the vendors in the Radar report, which includes descriptions of their various strengths and challenges, were: Aryaka, Citrix, Nuage, Versa, 128 Technologies, Juniper Networks, Forcepoint and Oracle.
Those same top-five SD-WAN companies scored well across the key criteria comparison of vendors. On the flip side to those five top-vendors, Juniper Networks and Forcepoint had the lowest scores for cloud integration. Even before the coronavirus pandemic hit this year, SD-WAN vendors were forming on ramp partnerships with the large cloud providers. With "work from anywhere" due to the pandemic, businesses of all sizes are moving more of the applications, such as Office 365, to the cloud as they accelerate their digital transformations.
"I've been a Juniper fan for a long time," said Grundemann, who previously helped design networks for CableLabs and tw telecom, among others. "I really had to get objective about this and look at how they're doing SD-WAN. Having them come up towards the back of the pack was a little bit surprising. It's definitely a great engineering company. It seems like they haven't quite hit their stride there (SD-WAN) yet."
For cloud integration, Grundemann gave high marks to VMware, which bought SD-WAN vendor VeloCloud three years ago.
"A big part of their whole play is really building this into their existing cloud infrastructures," he said. "It just really does check a lot of the boxes and really covers what you want in an SD-WAN provider and across cloud access."
Hot takes for SD-WAN
Along with the data in the Radar report, Grundemann provided insights across the SD-WAN sector, including the possibility of more consolidation after Palo Alto Networks struck a deal for CloudGenix and HPE bought Silver Peak to mix into its Aruba portfolio.
As the only pure-play SD-WAN vendor left, Versa Networks has an acquisition target on its back. Grundemann said 128 Technologies was also a possibility, but its approach to SD-WAN is different than Versa's, which may or may not be a selling point. With the large number SD-WAN companies in the marketplace, Grundemann said there's bound to be more consolidation.
"I think the more important question is who might be buying these SD-WAN companies? There are probably some players that aren't in this Radar report that might get snapped up or consolidate together," he said. "There are a ton of companies that are claiming to do SD-WAN right now, way more than we can keep in the report itself. It seems that some of those will fade away, get combined with each other or get acquired."
Among other SD-WAN topics, Grundemann said secure access service edge (SASE) has picked up steam this year after Gartner analysts coined the phrase last year. SASE blends SD-WAN, security functions, such as zero trust, and subscriber policies to, among other things, enable users to access their connectivity services safely from anywhere, which is even more important during the Covid-19 pandemic.
"I think that even SD-WAN, in a lot of cases, was something that people were doing before we started calling it SD-WAN," he said. "But giving it a name gave people a target and a place to shoot for and I think SASE is similar. Based on the responses we've seen this year, Gartner seems to have kicked the hornet's nest, and people are clamoring for it.
"It makes sense to think of that holistic view of security and networking together, and then how that interacts with what you need to do out at the edge of your network and at the edge of your business. It does make sense, but I think that we are in a little bit of a hype bubble around SASE. Everyone wants to call everything SASE at the moment. So it's a little bit hard to separate the wheat from the chaff."
As evidenced by the success of Fortinet and Forcepoint, Grundemann said enterprises are on-board for more security measures, including zero trust security.
"Zero trust network access is a really important thing that's going to show up more and more in these types of solutions," he said. "I think that's going to combine with mobile client support. We'll see more of these kind of SD-WAN technologies incorporate some kind of agent or mobile client that you can essentially VPN in through to that same SD-WAN."
The move of SD-WAN into SD-LAN due to more employees working remotely is another significant trend, according to Grundemann. SD-WAN vendors, such as Versa, are actively working on solutions that are home-office based.
"The push into the branch is something that's definitely happening, and it is going to continue to happen assuming that we are working at branch offices, but maybe even at home," he said. "That includes the combination of the universal CPE that's been on the periphery of people's conversations for a long time with SD-WAN, but also 'Can I turn my SD-WAN into SD-LAN?' as well.
"Can I use a single dashboard to manage my WAN connections, but also look into what's going on inside the LAN, inside of my branches or in an employee's office network at home to make sure that things are secure and be able to troubleshoot those problems from afar? I think that 'branch plus' kind of model is something that is going to be a big trend."