Top SD-WAN vendors 2023

SD-WAN Matrix: Technologies VMware SD-WAN by Technology name of the product Aryaka Cato Networks Oracle Talari Cisco Meraki Versa Secure VelocCloud year SD-WAN product was Year Launched 2009 2016 2007 2015 2012 2012 launched This provider's placement Gartner Magic Quadrant in Gartner's Magic Not Ranked Sample Vendor for SASE Not Ranked Leaders Leaders Leaders 2020 Quadrant for the industry edge-based = only edge 1,000+ global, public devices; gateways = gateways for internet and hosted, used for Internet 32+ global POPs for site- 75+ global POPs for site- cloud trafc. Some SD-WAN Architecture and cloud; POPs = hosted, to-site and optionally to-site, and optionally edge-based edge-based providers have built out edge-based often used for site-to-site, cloud-based trafc cloud trafc their own gateways, and as well as cloud, connected may offer their own by middle mile private middle mile. offers middle-mile network that connects SD- Network Backbone yes yes no no no no WAN POPs and optimizes long-haul trafc appliances may be physical; virtual (VMware, deployed on physical gear, physical; virtual (VMware, physical; virtual (KVM, physical; virtual (VMware); physical; cloud (AWS, KVM); cloud (AWS, Azure) Form Factor as virtual machines, in the physical Hyper-V, KVM); cloud ESXI); cloud (AWS, Azure, cloud (AWS, Azure) Azure) cloud, or even on white (AWS, Azure, Oracle) GCP, Oracle); bare metal may vary by provider boxes (uCPE) total number of SD- # Customers WAN/SASE/SSE 800+ 1000+ 1,500+ 30,000+ 9,000+ 5,000+ customers Gateways allow a customer to optimize their global core network to trafc to cloud and SaaS next-gen rewall, Wi-Fi solve for middle mile global core network; cloud applications; smaller Measurements taken with next-gen rewall; single access point, multi- issues; WAN optimization next-gen rewall built in; devices have Wi-Fi access unique features of the every single packet; pane of glass for other tenancy for service Differentiators built in; Last Mile Services solution supports VPN for points; NFV allows for provider automatic classication of features: Wi-Fi, switching, providers, software-based including circuit remote users; Last Mile integrated security on the trafc security cameras solution runs on various procurement and management SD-WAN edge; integration hardware platforms management with other VMware network intelligence products (AIOps). maximum amount of 3G; aggregate throughput 10G; aggregate Max Throughput per trafc/throughput 1G; duplex throughput 7G; duplex throughput 2G; aggregate throughput 14G; duplex throughput (note that licensing is throughput Device supported on each SD- click here for device list click here for device list click here for device list click here for device list duplex, however) click here for device list WAN edge device Edge510 (2), Edge610 (6), the number of circuits that Edge620 (6), Edge640 (6), 2 wired (active) + 1 LTE Max # WAN Circuits each hardware model can 2 3 Internet + 1 private 8 Edge680 (6), Edge3400 6 (backup) support (8), Edge3800 (8); expandable via USB provider's ability to Palo Alto, CheckPoint, Can deploy Palo Alto and CheckPoint, Palo Alto, and support various other Palo Alto, CheckPoint, Fortinet, Juniper, Cisco, uCPE & VNFs CheckPoint rewalls onto no no Fortinet rewalls can run virtual network functions Oracle SBC Thousand Eyes, Riverbed, Aryaka devices. on VMware devices. on the edge device Secui, Viasat, Adtran Cloud: Azure Virtual WAN, Cloudare, Cloud: Azure Virtual SaaS: Cisco Webex, Zoom, Megaport WAN, AWS Transit Salesforce, O365 Cloud: Azure Virtual WAN Gateway, Equinix Network Security: Checkpoint, Edge signicant related Security: Palo Alto, Forcepoint, Fortinet, IBM, Partnerships & Add-on Security: Zscaler, Palo technology or provider Zscaler, Symantec, UCaaS: RingCentral Cloud: Azure Virtual WAN Palo Alto, Symantec, Services Alto, Checkpoint Security: Splunk partnerships Checkpoint, Radware Zscaler Symantec, Amdocs, UCaaS: Zoom McAfee UCaaS: 8x8, RingCentral, UCaaS: RingCentral, Fuze Zoom, various UCaaS UCaaS: RingCentral providers that offer VMware Throughput licenses are costs in addition to the devices. If the technology has throughput licenses, are they aggregate or duplex? Aggregate is the total data transfer rate no additional licensing Licensing Model* duplex throughput duplex throughput duplex throughput aggregate throughput duplex throughput through the device (i.e., model throughput = upload + download). Duplex uses the higher bandwidth of the upload or download (i.e., throughput = upload or download). basic = zones-based, stateful, layer 7; advanced basic; advanced via basic; advanced via basic; advanced via Firewall = next-gen, with anti- advanced advanced advanced partners partners partners malware, IDS, IPS, content ltering, sandbox WAN Optimization uses data caching, deduplication, WAN Optimization yes limited (TCP optimization) yes no no yes compression, and more to increase efciency of WAN trafc.

Video Player is loading.

Play Video

Play

Mute

Current Time 0:00

/

Duration 0:00

Loaded: 0%

Stream Type LIVE

Seek to live, currently behind liveLIVE

Remaining Time -0:00

 

1x

Playback Rate

Chapters

• Chapters

Descriptions

• descriptions off, selected

Captions

• captions and subtitles off, selected

Audio Track

Picture-in-PictureFullscreen

This is a modal window.

Beginning of dialog window. Escape will cancel and close the window.

Text

ColorWhiteBlackRedGreenBlueYellowMagentaCyanTransparencyOpaqueSemi-Transparent

Background

ColorBlackWhiteRedGreenBlueYellowMagentaCyanTransparencyOpaqueSemi-TransparentTransparent

Window

ColorBlackWhiteRedGreenBlueYellowMagentaCyanTransparencyTransparentSemi-TransparentOpaque

Font Size

50%75%100%125%150%175%200%300%400%

Text Edge Style

NoneRaisedDepressedUniformDropshadow

Font Family

Proportional Sans-SerifMonospace Sans-SerifProportional SerifMonospace SerifCasualScriptSmall Caps

Reset restore all settings to the default valuesDone

Close Modal Dialog

End of dialog window.

some devices can terminate LTE circuits Yes, via SIM and MX67C or directly via SIM card slots; MX68CW devices. Via yes (SIM card on vEdge yes (SIM card slot on LTE Termination if that’s not an option, a no no no USB air card on other 510LTE device) CSG350) USB modem or separate devices. LTE extender device is required Limited; Application Aware Routing measures if and how the solution Yes; VMware has 1,000+ single-ended metrics measures application shared gateways for path without needing a Cloud App Path Selection performance and makes yes; via 32+ global POPs yes; via 75+ global POPs no no optimization. Providers bookend. Metrics are used decisions for hosted apps, can build out their own to determine the best path such as SaaS gateways as well. to send cloud/SaaS trafc over. the ability to prioritize applications at the edge; Trafc Shaping yes yes yes yes yes yes i.e. drop Netix in times of contention; AKA edge QoS when deployed inline with router, if device goes Fail to Wire down, it becomes a dumb yes no yes no no no wire that still passes trafc through it trafc handling may be session-based (app sessions are on one link or session-based; can be Trafc Handling the other) or packet-based packet-based packet-based packet-based session-based packet-based congured to be packet- (session can take place based over multiple links simultaneously) ability to send packets (i.e. Packet Duplication voice) on both links to yes yes yes no yes yes ensure quality ability to send parity packets that help to Forward Error Correction reconstitute lost packets yes yes no no no yes and improve performance of real-time apps like voice external/internal routing External: BGP BGP, RIPv2, OSPF Routing Protocols protocols supported when BGP BGP, OSPF BGP, OSPF BGP, OSPF, RIP (roadmap) replacing a router Internal: BGP, OSPF Ability to VPN to your SD- WAN solution using a third-party device. yes; via gateways, not edge VPN Tunnels Existing investments can yes yes yes yes yes devices often be leveraged while phasing the network to the new solution or over time. Will send a VMware 510 Will ship a small appliance strategies offered for work Remote user VPN using LTE device to each home- (E50) to a user's home. from home or remote Remote user VPN using Remote user VPN using devices as VPN hubs. based user for QoS at the Remote user VPN using Can also integrate with Remote User Strategy employees (e.g., remote gateways and devices as gateways and devices as Some providers are edge, FEC, and LTE gateways or devices as remote user VPNs (like user VPN, sending a device VPN hubs VPN hubs offering to ship home- backup. VPN hubs Zscaler), but cannot sell to user's home, etc.) based users devices. them. may vary by provider AireSpring, AT&T, BCN AireSpring, AT&T, BCN Telecom, BullsEye Telecom, BullsEye Telecom, CBTS, CISSDM, Telecom, CBTS, CISSDM, Expereo, Granite, GTT, Expereo, Globalgig, Halo Global, Hypercore CISSDM, Comcast Granite, Halo Global, Cato Networks, Expereo, Networks, Lumen, MetTel, Business, Halo Global, service providers who will Hypercore Networks, Halo Global, Hypercore Granite, Halo Global, Mosaic NetworX, Lumen, NETRIO, Nitel, Solution Providers manage the respective Aryaka Lumen, Mosaic NetworX, Networks, Mosaic Oracle Communications NetFortris, NETRIO, New Peerless Networks (Call technologies NETRIO, NetWolves, NetworX, NETRIO Horizons One), Verizon, WCS / BCM Peerless Networks (Call Communications, One One), Securus RapidScale, Spectrotel, Communications, TPx Communications, Spectrotel, TPx WCS / BCM One, Communications, Verizon Windstream Enterprise