The market for SD-WAN remains white hot with distributed organisations widely deploying the technology to solve WAN bandwidth limitations, provide reliability/resiliency and improve quality of user experience for cloud-based applications.
Dozens of suppliers are rapidly innovating and maturing their SD-WAN products with innovations in cloud onramps, support for leading SaaS applications, security and management/automation platforms.
Here are six top issues to evaluate as SD-WAN moves to its 2.0 phase and beyond during 2020.
SD-WAN is a highly dynamic market with over 50 active suppliers. Basic SD-WAN functionality is becoming standard across all routing and next generation firewall providers. As more suppliers offer SD-WAN differentiating among various feature sets can become more complex.
During 2020, Doyle Research expects several marginal SD-WAN vendors to either exit the market or be acquired. IT executives should carefully evaluate the mid-term viability of their SD-WAN solutions.
Accelerating cloud onramps
Enterprises continue to increase their use of multiple infrastructure as a service platforms (IaaS) such as Amazon AWS, Microsoft Azure, Google Cloud, Oracle and others.
Most SD-WAN suppliers have partnerships with leading cloud platforms, and they use a variety of methods to accelerate traffic coming to and from cloud platforms. One option is to place a virtual copy of the SD-WAN program on the IaaS cloud to streamline traffic flows.
SD-WAN suppliers also leverage point of present (PoP) locations on their private network to hand-off traffic at the nearest point on the AWS or Azure cloud for lowest latency.
Organisations with multi-cloud implementations should evaluate SD-WAN platforms on their ability to seamlessly integrate with the leading cloud platforms, including one-click connectivity from the branch, customisable APIs, performance optimisation and end-to-end performance visibility.
During 2020, SD-WAN technology will improve in its ability to help IT organisations migrate to and from various IaaS platforms.
Improved support for SaaS
Organisations rely on dozens of software as service (SaaS) suppliers to provide best-in-breed applications for unified communications, office suites, CRM, accounting and many more specialised services.
It is challenging for IT to guarantee quality of services to these applications because each SaaS provider has its own unique set of services, security mechanisms, APIs and management tools.
Most SD-WAN platforms can recognise traffic via their IP address and traffic type to and from the leading SaaS providers. IT can set specific policy, security and compliance criteria within the SD-WAN management portal for each SaaS service.
Some SD-WAN products have specific business relationships and tight integration with leading SaaS platforms, especially Microsoft’s Office 386.
SD-WAN platforms also offer pre-set, high-priority policies for real time applications such as unified communications and video. During 2020, SD-WAN suppliers will continue to improve their automation of policies designed to deliver appropriate QoS to critical SaaS applications without IT intervention.
SD-WAN leverages the abundant bandwidth of relatively unsecure internet connections, thus potentially exposing branch locations and edge devices to security attacks and data breaches.
As a result, SD-WAN deployments require additional security to ensure that the corporate policy is enforced at distributed locations. Security features should include traffic visibility, policy controls, and protection against direct threats and attacks.
Most SD-WAN suppliers have added a level of built-in security to their platforms, including encryption and stateful firewalls. Additional security features can include intrusion prevention systems, URL and content filtering, malware detection and DDoS protection.
SD-WAN products should offer robust visibility into applications, protocols, and devices for auditing and compliance. SD-WAN platforms now provide automated policies as to which traffic should traverse specific network links and the ability to whitelist and blacklist traffic from specific locations.
During 2020, SD-WAN suppliers will continue to improve the depth and breadth of their native network security capabilities.
Enhanced security partnerships
Large organisations typically have dedicated security (SecOps) personal mandated to protect corporate assets against attack. They have deployed an array of security products and services from leading security suppliers, including next generation firewalls, application-delivery controllers, IPSes, malware detection, network access control, etc.
IT needs to integrate its SD-WAN implementations within the framework of existing and planned enterprise-security architecture.
During 2020, SD-WAN suppliers will improve the depth of their strategic security partnerships. IT buyers should expect SD-WAN functionality to be integrated with their favourite network security products. These partnerships should provide a single-pane-of-glass console with centralised orchestration and management.
Security or IT personnel should be able to easily distribute security policies to remote branch locations. Network security management will become highly automated and include analytics to warn against attacks.
Management, automation and orchestration
SD-WAN is becoming an integral to IT infrastructure, so it must seamlessly scale to hundreds or thousands of locations and play well with existing network- and application-management platforms. During 2020, SD-WAN providers will continue to improve management and automation with:
- Capabilities to easily set application performance priorities and let the network make routing decisions
- The ability for IT administrators to quickly change locations, add or drop ISPs, onboard new applications or connect IoT devices
- Dashboards that can graphically illustrate the health of the network and the performance of key applications
SD-WAN providers have a long way to go before they deliver the promise of fully automated, intent-based WANs.
But, in 2020, they will improve their ability to help IT easily identify the cause of application-performance slowdowns or outages, quickly connect IoT devices, view the status of the network and unify multiple management consoles.