Gartner: changes in WAN requirements, SD-WAN/SASE assumptions and magic quadrant for network services
Global network service providers are responding to clients’ transformational WAN requirements to support greater agility and reliability for digital business initiatives. In its review and analysis of global network services providers, Gartner makes the following assumptions:
By 2025, 50% of new software-defined WAN (SD-WAN) purchases will be part of a single-vendor secure access service edge (SASE) offering, which is a major increase from 10% in 2022.
By the end of 2025, at least 30% of enterprises will employ software-defined cloud interconnect (SDCI) services to connect to public communication service providers (CSPs), which is an increase from approximately 10% in 2020.
By 2026, 70% of enterprises will have implemented software-defined wide-area networks (SD-WANs), compared with approximately 45% in 2021.
By 2026, 45% of the enterprise locations will use only internet services for their WAN connectivity.
Growing interest in services like managed SD-WAN and SASE is transforming the enterprise networking market. These rapidly deployed services are additional ways for organizations to help improve the agility of providers’ network solutions and differentiate themselves to the enterprise audience.
Enhancements to flexible networking technologies, such as network on demand (NoD) and bring your own (BYO) access, offer greater support for self-service. They also offer the rapid accommodation of new endpoints and new applications (including cloud services and the Internet of Things [IoT]) while controlling the organization’s WAN expenditure.
Flexible sourcing approaches, such as network as a service (NaaS), are gaining interest, although offers are still emerging and should be closely examined against alternatives.
The growing use of internet services for WAN transport remains strong and has forced providers to reevaluate their own internet service offerings as well as the extent to which they partner to peer with local ISPs for greater geographic reach and differentiation.
Gartner has also observed an increased demand for Ethernet and wavelength services to effectively address regional requirements for data center connectivity and very high bandwidth circuits, which are integral to the hybrid solution.
Leaders in this global Magic Quadrant for network services include: NTT, AT&T, Orange Business Services, Tata Communications, Vodafone, BT and Verizon.
Figure 1: Magic Quadrant for Network Services, Global
Source: Gartner (February 2023)
Some enterprises are moving to internet services for cost reasons as outdated WAN equipment requires the replacement of traditional branch routers, according to Gartner Analyst Danielle Young. Legacy equipment is often being replaced with SD-WAN appliances and solutions, which Young said is “causing a relook at the WAN overall.”
“SD-WAN provides dynamic path selection based on business or application policy, centralized policy and management of appliances, virtual private network, and zero-touch configuration,” she told SDxCentral.
SD-WAN products are WAN transport- and carrier-agnostic, and notably can create secure paths across all WAN connections, including private, public, and wireless. SD-WAN products can also be hardware- or software-based and either managed directly by enterprises or embedded in a managed service offering, Young noted.
“Most often, enterprises are migrating from private networks to create hybrid networks, which utilize a range of connectivity options depending on bandwidth, reliability, and necessity, including using more readily available internet services,” she said. “Security will need to be addressed regardless of WAN connectivity (private or internet-based); and can be addressed through a variety of different approaches.”
Gartner forecasts that the market for enterprise fixed data networking services in 2023 will be nearly $134 billion, an increase of approximately 2.6% from 2022 for a compound annual growth rate (CAGR) of 1.9% from 2021 through 2026. The number of global NSPs included in this research has decreased, and many more are operating in the broader market and did not meet all our inclusion criteria. In addition to large global providers, enterprises are increasingly willing to consider smaller or regional providers, including managed service providers, with little or no network infrastructure of their own, but who resell network services to their enterprise clients where needed.
Network Transport (“Underlay”) Trends:
WAN transport services (frequently called “underlay” services) continue to see rapid change, especially in terms of migrations and changes to primary connectivity. MPLS — the mainstay of enterprise networks for over two decades — is being augmented and often displaced by internet (transport) services. And while MPLS still brings benefits in terms of high availability and stable performance, it commands a slight premium in price to standard internet services. MPLS is still preferred as the primary link for the most critical locations and in places where internet performance is poor or variable, which includes emerging markets and those where the internet is heavily restricted, resulting in poor performance. The net result is a smaller number of higher-capacity MPLS lines being retained or deployed in new network designs.
Gartner has witnessed that many enterprises using a hybrid of internet and MPLS usually have more and larger internet lines than MPLS lines. Direct internet connectivity allows direct access to SaaS and general internet traffic and offers a wider variety of access types than MPLS, including dedicated internet access (DIA) over Ethernet, as well as broadband and cellular. DIA lines are typically priced similarly to MPLS lines of comparable capability, but can easily be sourced from multiple providers, while MPLS links generally need to be sourced from a single provider.
For global network deployments, traversing the internet brings additional challenges not found in national networks, including the risk of suboptimal routing and congestion as the traffic traverses multiple ISPs. There are a number of ways of overcoming this, including:
Sourcing all internet services from a single provider
Federations of ISPs that offer controlled routing among their members
Network-based SD-WAN gateways terminating the SD-WAN tunnels and passing the traffic over the provider’s backbone
Enhanced internet services that control routing in a way that is agnostic to ISPs and specific SD-WAN technology
Different providers have adopted different approaches from these options and may have multiple options available. Providers who have developed a differentiated internet approach include BT, Deutsche Telekom, NTT, Tata Communications and Vodafone.
Enterprises’ pace of adoption of cloud IT service delivery remains key to transforming their WAN architectures. Fortunately for enterprises, global NSPs have deployed a range of capabilities to address enterprises’ cloud connectivity needs (see How to Optimize Network Connectivity Into Public Cloud Providers). The providers in this Magic Quadrant all offer CBCI service directly from their MPLS and Ethernet networks to the top three leading cloud service providers at a minimum. The key differentiators are with the connected specific cloud providers and cities, and the ability to add virtualized services (such as security) into the cloud connection points.
These CBCI services typically allow for the adjustment of capacity — and in some cases, the addition of new cloud endpoints — on demand under portal and/or API control. Such on-demand services may also be extended beyond cloud connectivity to larger enterprise locations and even used for the creation of extranet connections between enterprises. These “network on demand” services typically support bandwidth changes and policy modifications and allow multiple services such as internet and MPLS to be provisioned over a single access line and adjusted as required.
Access Technology Trends:
Traditional leased-line access, such as T1 or E1 lines, to internet services or MPLS is no longer proposed in new deals, except in very rare instances, such as in rural locations or some emerging markets. Pricing for these legacy service types is increasing, and in many cases, the services are reaching the end of their life (see Quick Answer: My Legacy Telecom Service Is Being Shut Down, So What Should I Do?), thereby forcing enterprises to be proactive in identifying new services and potentially new providers.
These legacy access lines have largely been replaced by optical Ethernet access to MPLS and internet, at 10 Mbps, 100 Mbps, 1 gigabit per second (Gbps) or 10 Gbps. The economics of Ethernet access remain attractive, resulting in a tenfold increase in speed, but typically increasing cost by only two to three times. In fact, in developed markets, enterprises now tend to purchase access lines with much higher speeds than they initially require, with the port capacity limited to their current needs. This allows them to easily and quickly upgrade capacity in response to changing requirements.
For smaller, less critical or remote locations, broadband (increasingly, “superfast broadband,” such as VDSL, cable modem or passive optical network [PON]) is the access technology of choice, despite having no SLAs or poorer SLAs than Ethernet access. In some geographies, including the U.S., internet providers have also introduced new access options labeled “business broadband” that offer only incremental SLA improvements compared with consumer offerings. When enterprises require large numbers of broadband connections, they can sometimes find that they are able to get better pricing than that offered by global service providers by sourcing broadband access directly or from aggregators. Many providers now support “bring your own broadband,” which refers to the service provider delivering managed services over broadband sourced by the enterprise.
Gartner is also seeing a renewed and growing demand for Ethernet WAN and wavelength services, in addition to the hybrid network needs. These services have started to regain traction as opportunities to meet very large bandwidth needs (100G) and be utilized more efficiently in a regional or metro environment to support local data centers. Although custom priced, overall pricing continues to decline as the supply of the underlying facilities is more readily available.
Finally, cellular connectivity (4G and emerging 5G) increasingly is being used for backup, rapid deployment or temporary locations, although it does not typically offer network performance or availability SLAs. As with broadband, enterprises may be able to get attractive deals for data-only mobile services themselves, which will then be managed by their global provider.
Network Overlay Trends:
New global network proposals are almost exclusively based on managed SD-WAN services with either a hybrid mix of MPLS and internet or all-internet-based underlay links. The global network providers have most commonly developed a portfolio of three to six SD-WAN vendors because the market is more fragmented and differentiated than the legacy CPE market it is replacing. In fact, Gartner believes that providers should support at least two SD-WAN vendors, offer strong integration and demonstrate a strong customer base. Providers that support a large number of SD-WAN vendors (10-plus) but have limited integration and fewer customers could present higher risks to the enterprise.
Some providers offer network-based SD-WAN gateways, allowing for easier migration to SD-WAN and improved scalability. Such gateways allow the network to use the internet for access and use the providers’ higher-quality backbones for the long haul, greatly improving reliability and performance. A similar outcome can be achieved by using stand-alone enhanced internet backbone services on ISP federations.
Managed SD-WAN services typically offer the option of local internet access (split tunneling) from every site, which is especially useful for access to SaaS applications, such as Microsoft Office 365. Perimeter security can be provided on-site or as a cloud-based service and is increasingly integrated into the WAN design that Gartner calls the secure access service edge (SASE).
An increasing number of global WANs incorporate managed application visibility, with some providers now offering application-level visibility by default. SD-WAN services, which operate based on application-level policies, also typically offer inherently higher levels of application visibility. WAN optimization is still deployed for some specific use cases where bandwidth is either limited (e.g., very small aperture terminal [VSAT]) or expensive (e.g., the Persian Gulf region).
Network functions such as edge routing, SD-WAN, security, WAN optimization and visibility can be delivered as on-site appliances. However, many providers prefer a uCPE VNF approach versus POP VNFs to support greater geographic breadth to the enterprise. Whether VNFs are running in NFV service nodes in the provider’s POPs or via on-premises uCPEs, which are essentially industry-standard servers deployed at the customers’ locations, either approach can support one or more virtual functions. This makes it easy to rapidly change the functions deployed in the network, which are also usually consumed as-a-service with a monthly subscription fee for each function. Some providers allow customers to run their own software, including edge compute applications, on these platforms. Ideally, a provider will offer both options to the enterprise.
All providers evaluated in this Magic Quadrant offer uCPE. The average number of unique uCPE vendors per provider remained the same at 2.6, and the average number of unique CPE-based VNF functions (typically consisting of SD-WAN, router, firewall and WAN optimization) has increased to 6.2. Many providers have added more vendors to a VNF, especially in the case of security. The average number of countries where uCPE and premises-based VNFs are offered is 144. In contrast, network-based VNFs are available in a much smaller number of countries (34 on average), although the number of average unique VNFs is similar to uCPE-based functions (5.9).
The network service providers are continuing to roll out managed SASE offerings as either best-of-breed dual vendor or single-vendor SASE solutions. This can eliminate the need to service chain and orchestrate SD-WAN functionality and several network security functions, thereby simplifying management and, often, offering better overall performance due to less complexity.
Automation and Operational Trends:
Global networks are also becoming more complex because transport is becoming a hybrid of MPLS and internet with cloud endpoints and a variety of backbone options. SD-WAN and NFV technologies add even more complexity. In addition, the internet, especially using broadband or cellular access, is an inherently less predictable service than MPLS. Visibility capabilities — sometimes referred to as performance analytics — can help by enabling enterprises to see the actual performance of their applications. Enhancements continue around performance reporting tools and portals, enabling the enterprise with improved visibility at the network application layers. And with a focus on continuing to enhance the customer experience, customer satisfaction with global NSPs is improving.
NSPs remain focused on improving their lead times, although they remain constrained by the lead times of third-party/local access providers. The increasing speeds of cellular services are making this technology more useful as a rapid deployment (interim) solution to bridge the gap of waiting for fixed connectivity. In addition, it provides a truly diverse backup option. However, the hype around 5G cellular replacing fixed connectivity should be treated with caution, due to maturity issues — especially lack of SLAs and coverage limitations (see Quick Answer: 3 Questions to Answer Before Buying Enterprise 5G).
Providers continue to improve their SLAs with more realistic objectives and more meaningful penalties for failing to meet those objectives. SLAs increasingly include the right to cancel the contract in the event of chronic breach, ensure on-time delivery, require proactive notification, and provide for timely completion of change requests.
In a new trend Gartner has seen this year, many providers have begun adopting artificial intelligence for IT operations (AIOps) and network automation for service onboarding and customer experience improvements. AI is also being leveraged to simulate issues and provide predictive analytics for service improvement and reduced downtime or service degradation (see CSP Tech Trends for 2022: Implications for Network Infrastructure Providers).
Providers are increasingly focused on providing the managed network service “overlay” platform typically using SD-WAN, and optionally security (SASE), which can be delivered from cloud-native platforms or (less often) by using NFV/uCPE. The providers are more willing to support “bring your own access” and other flexible sourcing approaches for the “underlay” network transport components.
However, the majority of enterprises still buy most of their underlay services from their overlay provider, especially when using a hybrid underlay — that is, mixing MPLS and internet access. This integrated sourcing approach is the primary focus of this Magic Quadrant. Enterprises focused specifically on enterprise network operations services can consider most of the providers evaluated in this research, and also those in Magic Quadrant for Managed Network Services.
Most global network service providers are continuing to move toward a more platform-based approach using a software-driven, as-a-service model leveraging rich visibility and self-service via portals and APIs. A benefit of this approach is the ability to offer enterprises the opportunity for co-management where they can themselves manage aspects of the network, such as application and security policies, with benefits in terms of enhanced agility.
In addition, newer NaaS offerings offer a simplified consumption model with usage or subscription-based pricing, which may appeal from a sourcing perspective. However, NaaS appeals to only a small subset of enterprise customers that, among other things, don’t want to own hardware, perceive subscription-based pricing as optimal and have variable bandwidth needs (see What Is NaaS, and Should I Adopt It?).
Downward pressure on global network service prices remains steady during the pandemic, and managed services pricing has also remained steady, though it will be carefully watched as the economy fluctuates and the talent crunch remains in play. To address cost containment amid providers’ investment strategies, some are focusing on extending their own networks, especially internet services, while others rely heavily on expanded partnerships with local providers. Most providers are making greater use of carrier-neutral communication hubs, such as those operated by Equinix, to cost-effectively interconnect with multiple access, backbone and cloud providers.
These hubs, particularly when combined with NFV and/or SD-WAN, have dramatically reduced the level of investment required to be competitive in the global network service market. This has allowed smaller providers to offer solutions competitive with those of the largest providers. However, maintaining a consistent set of service features and user experiences across these different elements remains a challenge.
Managed Services Trends:
Most global WANs are delivered on a managed service basis, with the on-site devices, such as routers and security appliances, provided and managed by the service provider. Transport links are usually sourced from the managed service provider, but might also be separately sourced by the enterprise, which would then give the managed service provider operational responsibility for them. The U.S. is different because, although a substantial fraction of U.S.-headquartered multinationals do use managed network services, a significant number still manage their networks in-house and only source the network underlay from their global providers.
At the same time, networks are moving more to a co-managed reality because more network functions — such as SD-WAN application policies, security policies and NoD bandwidth — are controllable by the enterprise via the providers’ portals and APIs. In this case, responsibilities for various network management functions are divided between the provider and the enterprise. This is especially true when network perimeter security functions are integrated into the SD-WAN solution (SASE), where a separate organization will often control the security policies and actions.
Magic Quadrant for Network Services, Global, Published 22 February 2023 – ID G00766979 (Gartner subscription required to access)