Cisco and AT&T today announced new solutions to enhance connectivity and advance the calling landscape for hybrid workforces. Whether on the shop floor, the top floor, at the branch office, the home office, or the commute in between, the modern workforce is not tethered to a single space, device, or geography. With the new offerings, including Cisco’s Webex Calling and SD-WAN solutions alongside AT&T mobile network, businesses of any size can offer employees a simple, secure, consistent experience to thrive in any setting.
The companies today announced plans that will help ensure a seamless and reliable mobile-first collaboration experience, allowing users the flexibility to take calls across multiple devices while traveling for work, running errands, and more.
With the dramatic increase in the use of mobile phones as the primary business device, enterprises need connectivity solutions that are easy to manage, secure, and provide the flexibility and reliability desired for work from anywhere. This integration addresses this need with key features including:
- Single number mobile identity: Combining the capabilities of an AT&T wireless smartphone with the native integration of Webex Calling will provide greater functionality and flexibility for on-the-go communication.
- Reduce costs: This integration helps enterprise customers lower costs by reducing or eliminating the need for traditional fixed business lines.
- Crystal clear voice: AT&T Cloud Voice with Webex Go allows users to securely make and receive business calls using AT&T’s fast, reliable nationwide mobile network and seamlessly elevate calls to a fully immersive Webex collaboration experience across the Webex App and devices1, with capabilities like closed captioning, noise removal, and white boarding.
- Fast, efficient, and secure collaboration: AT&T and Cisco’s joint solution will increase the ability to effectively and securely collaborate no matter the location, resulting in improved knowledge sharing and faster decision making.
AT&T Cloud Voice with Webex Go2 will be available for all Webex Calling users from Cisco partners in the United States later this year.
SD-WAN Connectivity without Compromise:
Demand for unified experiences over secure connectivity to the cloud and site-to-site continues to surge. Cisco and AT&T are working together to bring secure on-demand connectivity for SD-WAN with add-on services that may include over mobile 5G and fiber broadband to businesses of every size.
For small and medium businesses, AT&T is launching a new self-service option to simplify and accelerate SD-WAN deployment. Businesses can now easily connect, protect, manage, and scale their networks using AT&T Business Wi-Fi with Cisco Meraki.
For larger enterprises, AT&T SD-WAN with Cisco is a fully managed connectivity solution with embedded security and analytics. Enterprises can now confidently connect a user or device to any application in their multicloud using a secure access service edge (SASE)-enabled architecture. This delivers integrated security and application optimization for end-to-end visibility.
Cisco will also provide the ability to embed AT&T wireless connectivity into Cisco devices enabling zero touch provisioning for Cisco and AT&T customers, through AT&T Control Center powered by Cisco.
“The network is at the core of the modern workforce. The ability to get things done is no longer reliant on where you are, but how you are connected,” said Jonathan Davidson, Executive Vice President and General Manager of Cisco Networking. “Hybrid work only works when there is a seamless, consistent, and secure experience for workers, regardless of location. Together with AT&T, we are giving businesses what they need to securely connect everything and everyone—wherever they are. Because when everything is connected, then anything is possible.”
“Mobility is key to enabling hybrid work. Businesses want a seamless and reliable communication experience,” said Mike Troiano, Senior Vice President, Business Products, AT&T. “At the heart of our collaboration with Cisco is a shared vision to empower organizations with secure connectivity, unmatched reliability, and deep network expertise. By deeply integrating our technology, businesses can be assured their communications are built on a solid foundation. Together we are unlocking new levels of productivity, agility, and connectivity— enabling teams to thrive in the modern work landscape.”
Webex Go with AT&T’s Mobile Network
We help more than 100 million U.S. families, friends and neighbors, plus nearly 2.5 million businesses, connect to greater possibility. From the first phone call 140+ years ago to our 5G wireless and multi-gig internet offerings today, we @ATT innovate to improve lives. For more information about AT&T Inc. (NYSE:T), please visit us at about.att.com. Investors can learn more at investors.att.com.
Cisco is the worldwide technology leader that securely connects everything to make anything possible. Our purpose is to power an inclusive future for all by helping our customers reimagine their applications, power hybrid work, secure their enterprise, transform their infrastructure, and meet their sustainability goals. Discover more on The Newsroom and follow us on Twitter at @Cisco.
Network-as-a-service startup Graphiant has released a report suggesting MPLS and SD-WAN are insufficient for meeting enterprise networking needs, and that businesses are starting to gravitate towards NaaS products.
In a survey of 200 network architects and admins across North America, Graphiant highlighted three use cases MPLS and SD-WAN are “failing” to meet. According to respondents, the most difficult task is connecting with external entities, such as customers or other companies. Other challenges include connecting to enterprise resources, which has grown more complex due to the rise of remote work, as well as connectivity with public clouds.
“This happens every 10-11 years,” says Khalid Raza, founder & CEO of Graphiant. “I saw this in 2000 while pioneering MPLS at Cisco. I saw it when I co-founded Viptela in 2012. And now It’s time again for a new approach to the network edge.”
Respondents called out three critical uses cases:
- Enterprise connectivity has changed in recent years, with a surge in remote workers, remote offices, and IoT.
- Cloud connectivity is the second use case that stretches enterprise capabilities.
- And trends such as digital transformation and the service economy are pushing enterprises to connect more often with customers and partners.
“These new use cases are tough for MPLS and SD-WAN,” says Robert Spangler, Senior Network Engineer at Ballad Health. “MPLS is too slow to deploy and change and far too expensive. And SD-WAN can’t handle that number of tunnels.”
The survey shows enterprises aren’t happy with MPLS and SD-WAN for these new use cases. Network architects gave both technologies D’s and F’s for metrics such as scalability, agility, and cost.
Graphiant Founder and CEO Khalid Raza told Fierce Telecom while MPLS has the advantage of being private and doesn’t place a heavy operational burden on the enterprise, it’s expensive, slow to provision and its scalability is tied to the service provider.
“If the Provider Edge needs to be upgraded to provide the bandwidth, routing table or site increase…it will take a while to get done,” he said. Regarding SD-WAN, Raza noted it gives enterprises last mile flexibility and the ability to add commodity bandwidth. However, SD-WAN’s need for an overlay (a virtual network created on top of a physical network) for every underlay “create[s] a huge tunnel scale problem,” which leads to challenges with hardware and software licenses and increases the operational burden for enterprises.
“SD-WAN leverages public transport so connecting to the resources the enterprise needs should be simple, but it’s not,” said Raza. “The security, privacy and compliance concerns that public networks create a huge operational burden that enterprises aren’t prepared to handle.”
Mauricio Sanchez, Dell’Oro Group’s research director of network security, SASE and SD-WAN, said larger enterprises with more sophisticated networking needs and architectures usually run into problems with MPLS and SD-WAN. For MPLS, he brought up the cost component and how “few enterprises are happy with how long it takes carriers to provision or change.”
“With regards to SD-WAN, it’s done wonders in the last mile where access routers used to rule,” Sanchez told Fierce. “However, SD-WAN hasn’t penetrated the middle-mile as much where meshed-SD-WAN stands to replace classic BGP-based [Border Gateway Protocol] networking.”
He explained meshed SD-WAN is more common in the enterprise WAN core than on the WAN edge, meaning smaller branch offices likely have their SD-WAN CPE router connect with a single-head end. Sanchez also noted it’s not easy for enterprises to set up large meshed SD-WAN deployments, “usually because the equipment starts running out of steam.” VPN capacity is one example of an issue.
“So I wouldn’t paper everything in SD-WAN and MPLS as having ‘failed,’ but more so highlight that there are areas where definite improvement opportunity exists,” he concluded.
Author’s Note: I have been blown away by SD-WANs success as there are no standards and therefore no interoperability. Especially needed is a NNI standard that would interconnect different vendor specific SD-WANs to facilitate communications between two or more enterprise networks.
Graphiant’s report indicated more enterprises are thinking about implementing network-as-a-service solutions, with 62% of respondents saying they are “somewhat likely” to move to NaaS.
Launched last September, Graphiant has pitched a combination of MPLS-like performance in speed, scale and security with as-a-service agility. Raza told Fierce enterprises can connect to Graphiant’s core from any location – the data center, branch office, at home or the edge – and build their networks “in minutes instead of months.”
Separately, Graphiant in March closed a $62 million funding round led by Two Bear Capital, Sequoia Capital as well as other VC and private equity firms. The latest round brings Graphiant’s total funding to $96 million.
Comcast Business is expanding its SD-WAN portfolio to give more options to SMB customers. The MSO/ cableco on Friday announced two new solutions geared toward standalone business locations. Comcast says the new solutions cater to partners who need to connect to cloud and Software-as-a-Service (SaaS) applications.
The SD-WAN solutions enable small and medium businesses, with either a single location or multiple standalone locations, to help securely connect and manage their network, applications, and users. These businesses rely on SaaS applications and cloud services to operate, making secure networking a critical requirement. Comcast Business’ full range of global secure networking solutions provide connectivity, security, application optimization and control, as well as threat monitoring and response for single and multi-site customers.
In today’s digital economy, companies of all sizes need to provide their users fast, reliable, and secure connectivity to applications everywhere. This includes delivering high-quality, consistent, and predictable quality of experience for critical applications residing in the Cloud or SaaS and accessed via the public Internet. With the addition of these tailored SD-WAN solutions, Comcast Business can bring the benefits of secure networking to standalone and multi-site businesses around the world.
“Comcast Business’ global SD-WAN solutions are a central component of our secure network solutions strategy,” said Shena Seneca Tharnish, Vice President, Cybersecurity Products, Comcast Business. “With the addition of capabilities that support standalone sites, we are more prepared than ever to partner with businesses of all sizes to tailor solutions that meet their unique needs. At Comcast Business, we’re committed to preparing every business for what’s next.”
The enhancements to Comcast Business’ SD-WAN solutions enable secure networking and application optimization for single or multi-site businesses who need to connect to the Cloud or SaaS applications but may not require site-to-site networking. These solutions provide businesses with resiliency and visibility, as well as intelligent application prioritization and traffic steering, with advanced managed service. Key features include:
- Diverse connectivity, intelligent traffic steering, and direct connections to Cloud services enhance application performance and resiliency
- Advanced security capabilities to help protect against cyberthreats
- 24×7 Security Operations Center (SOC)
- Low-touch deployment capabilities provide easy installation
- Highly competitive pricing
These solutions are ideal for companies that lack IT budgets or a corporate network but need to support single locations with cloud connectivity using public Internet services.
Comcast Business was recognized as a leader by market research firm Frost & Sullivan in its 2022 Managed SD-WAN Services in North America report [1.]. At the time, Comcast was touted as the second-largest provider of SD-WAN connections in North America. Frost & Sullivan noted that the provider is “especially successful among enterprise customers with 250 or more sites.” The market research firm also gave a nod to Comcast’s strategic acquisition of SD-WAN leader Masergy and “the resultant portfolio enhancements and expanded partner ecosystem for SD-WAN and cloud solutions it has enabled.”
Note 1. Frost & Sullivan assessed 12 leading network and managed service providers in the North American market, analyzing their SD-WAN portfolios based on factors including partnerships with SD-WAN equipment vendors, breadth of underlay network technologies, self-service customer portals, and ability to offer value-added virtualized network functions (e.g., firewalls and routers) and other security solutions such as SASE.
Previously, Aryaka announced enhanced SD-WAN and SASE products specifically designed to meet the needs of SMEs with a new entry pricing of under $150 per site. Aryaka Chief Product Officer Renuka Nadkarni told SDxCentral that ease of management is another key concern for many small businesses, which is why so many prefer managed services. Dell’Oro Group predicted the untapped networking and security SMB market will grow significantly this year on the backs of providers who can offer managed services.
About Comcast Business:
Comcast Business offers a suite of Connectivity, Communications, Networking, Cybersecurity, Wireless, and Managed Solutions to help organizations of different sizes prepare for what’s next. Powered by the nation’s largest Gig-speed broadband network, and backed by 24/7 customer support, Comcast Business is the nation’s largest cable provider to small and mid-size businesses and one of the leading service providers to the Enterprise market. Comcast Business has been consistently recognized by industry analysts and associations as a leader and innovator, and one of the fastest growing providers of Ethernet services.
To learn more about Comcast Business SD-WAN solutions: https://business.comcast.com/enterprise/products-services/sd-wan-solutions/sd-wan
Gartner: changes in WAN requirements, SD-WAN/SASE assumptions and magic quadrant for network services
Backgrounder – SD-WAN and SASE:
A software-defined wide area network (SD-WAN) uses software-defined network technology, mostly to communicate over the Internet using overlay tunnels which are encrypted when destined for internal organization locations. If standard tunnel setup and configuration messages are supported by all of the network hardware vendors, SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism. This concept is similar to how software-defined networking implements virtualization technology to improve data center management and operation. In practice, proprietary protocols are used to set up and manage an SD-WAN, meaning there is no decoupling of the hardware and its control mechanism.
A key application of SD-WAN is to allow companies to build higher-performance WANs using lower-cost and commercially available Internet access. That enables businesses to partially or wholly replace more expensive private WAN connection technologies such as MPLS. When SD-WAN traffic is carried over the Internet, there are no end-to-end performance guarantees. In sharp contrast, Carrier MPLS VPN WAN services are not carried as Internet traffic, but rather over carefully-controlled carrier capacity, and do come with an end-to-end performance guarantee.
Gartner’s 2022 SD-WAN Magic Quadrant report identified Cisco, Fortinet, VMware, Palo Alto Networks, Hewlett Packard Enterprise (HPE) Aruba, and Versa Networks as market leaders. The analyst firm estimates the top 10 vendors make up more than 80% of the market. To determine SD-WAN leaders, Gartner reviewed vendors’ product capabilities such as the ability to operate as a branch office router, and having a centralized management for devices, zero-touch configuration, and VPN with a basic firewall. The analyst firm also reviewed vendors’ business and financial performance based on their volume of customers, sites, and contracts.
Gartner coined the acronym SASE (Secure Access Service Edge) in an August 2019 report The Future of Network Security in the Cloud and expanded its functionality in their 2021 Strategic Roadmap for SASE Convergence. SASE combines network security functions (such as SWG, CASB, FWaaS and ZTNA), with WAN capabilities (e.g. SD-WAN) to support businesses’ secure access needs. Previously, security for SD-WAN was an open, unresolved issue.
SASE is a holistic framework that brings security and networking connectivity together through a cloud-centric base. Businesses can save equipment, human and financial resources thanks to SASE’s underlying cloud design, and they can scale performance with minimal hardware needs.
Omdia Analyst Fernando Montenegro describes SASE as a “framework architecture, not a solution.”
MEF SD-WAN and SASE Standards:
In August 2019, the MEF published the industry’s first global standard defining an SD-WAN service and its service attributes. SD-WAN Service Attributes and Services (MEF 70). The MEF SD-WAN standard describes requirements for an application-aware, over-the-top WAN connectivity service that uses policies to determine how application flows are directed over multiple underlay networks irrespective of the underlay technologies or service providers who deliver them. However, it does not address interoperability because it does not specify either a UNI or NNI protocol stack.
MEF 70 defines:
- Service attributes that describe the externally visible behavior of an SD-WAN service as experienced by the subscriber.
- Rules associated with how traffic is handled.
- Key technical concepts and definitions like an SD-WAN UNI, the SD-WAN Edge, SD-WAN Tunnel Virtual Connections, SD-WAN Virtual Connection End Points, and Underlay Connectivity Services.
SD-WAN standardization offers numerous benefits that will help accelerate SD-WAN market growth while improving overall customer experience with hybrid networking solutions. Key benefits include:
- Enabling a wide range of ecosystem stakeholders to use the same terminology when buying, selling, assessing, deploying, and delivering SD-WAN services.
- Making it easier to interface policy with intelligent underlay connectivity services to provide a better end-to-end application experience with guaranteed service resiliency.
- Facilitating inclusion of SD-WAN services in standardized LSO architectures, thereby advancing efforts to orchestrate MEF 3.0 SD-WAN services across automated networks.
- Paving the way for creation and implementation of certified MEF 3.0 SD-WAN services, which will give users confidence that a service meets a fundamental set of requirements.
Last year MEF introduced an updated version of its SD-WAN standard, MEF 70.1, which added critical enhancements. MEF is also currently at work on version MEF W70.2 and MEF W119 Universal SD-WAN Edge, which will address the need for interoperability, among other things.
In December 2022, MEF published two Secure Access Service Edge (SASE) standards defining 1.] SASE service attributes, common definitions & a framework and 2.] a Zero Trust framework that together allow organizations to implement dynamic policy-based actions to secure network resources for faster decision making and implementation for enterprises. MEF’s SASE standard defines common terminology and service attributes which is critically important when buying, selling, and delivering SASE services. It also makes it easier to interface policy with security functions for cloud-based cybersecurity from anywhere. MEF’s Zero Trust framework defines service attributes to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.
- SASE Service Attributes and Service Framework Standard: specifies service attributes to be agreed upon between a service provider and a subscriber for SASE services, including security functions, policies, and connectivity services. The standard defines the behaviors of the SASE service that are externally visible to the subscriber irrespective of the implementation of the service. A SASE service based upon the framework defined in the standard enables secure access and secure connectivity of users, devices, or applications to resources for the subscriber. MEF’s SASE standard (MEF 117) includes SASE service attributes and a SASE service framework.
- Zero Trust Framework for MEF Services: The new Zero Trust Framework for MEF Services (MEF 118) defines a framework and requirements of identity, authentication, policy management, and access control processes that are continuously and properly constituted, protected, and free from vulnerabilities when implemented and deployed. This framework also defines service attributes, which are agreed between a subscriber and service provider, to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.
–>PLEASE SEE Pascal Menezes CTO of MEF COMMENTS BELOW THIS ARTICLE.
Enter SSE (Secure Service Edge):
In it’s above referenced 2021 report, Gartner defined SSE (Secure Service Edge) which is a separate entity that doesn’t include SD-WAN. “SSE is the security components of SASE focusing largely on the cloud access security broker, secure web gateway, and zero-trust network access products to enable secure use of the internet and cloud services for a hybrid workforce working from anywhere,” Gartner analyst Charlie Winckless told SDxCentral.
Telefónica tapped cloud security vendor Zscaler to develop a new managed SSE platform in a bid to address changing workforce dynamics and cloud consumption. The announcement illustrated a growing trend around the Gartner-coined product category, in which cloud security and SASE vendors alike announce “new” products and services around the buzzword.
But for the most part, these SSE products aren’t so much new as they’re rebranded and repackaged SASE services that’ve been stripped of their SD-WAN capabilities, if they ever had them in the first place. Zscaler’s SSE is built around the same Zscaler Internet Access and Zscaler Private Access products that, just a few months ago, it was calling SASE.
“The contrast is that SASE focuses on a user’s secure access needs as a part of the solution. SSE, on the other hand, mainly focuses on cloud-centric security services for the protection of users,” according to Juta Gurinaviciute, Forbes Councils Member and CTO for NordLayer, a remote access security provider. Gurinaviciute explained that SSE is SASE minus SD-WAN. SSE is essentially a way for enterprises to focus more on cloud-based security as a stepping stone to a full SASE service. She wrote:
As per Gartner’s suggestion, some companies may select a single-provider SASE offering, while others prefer partnered SD-WAN and SSE offerings from separate providers based on companies’ needs. Your business may have already invested in SD-WAN in advance. SSE would be a more meaningful choice in the short-term in such a case. If your company’s current setup doesn’t need SD-WAN, security may be a much more urgent requirement, in which case SSE would make more sense. Even if your organization only has a single regional branch or a simple branch, SSE may still be helpful.
Considering all of these reasons, SASE, the implementation of which may seem challenging and daunting for security professionals, can be done much faster with SSE adaptation first. The journey can be completed much more smoothly using this option, and SSE may benefit a wide range of companies that need robust protection.
“I think everybody’s really excited about SASE because enterprises keep asking about it,” Omdia Analyst Adeline Phua told Light Reading in a recent podcast. “It’s got so much buzz in the market.” However, Phua found that excitement about SASE/SSE hasn’t necessarily equated to mass adoption of the service. “We’re thinking that maybe adoption is really hitting that tipping point, only to find out when we talk to service providers and to enterprises that the adoption is really not there yet,” she added.
A Dell’Oro group July 2022 report found that the SSE market grew 40% year-over-year to more than $800 million in the first quarter. A December report noted that SSE achieved its tenth consecutive quarter of sequential revenue expansion in 3Q-2022. Dell’Oro’s Director of Network Security, SASE, and SD-WAN Mauricio Sanchez said the strong growth is a testament to more enterprises preferring cloud-delivered security over traditional on-premises solutions. Sanchez told SDX Central: “The growth factors that have existed largely since the pandemic started are still with us. That’s the shift to hybrid work, the shift of workloads to the cloud, and the importance of the digital experience.”
While Dell’Oro forecasts the overall SASE market to grow to $8 B for the full year 2023, an Omdia survey found that SD-WAN is only expected to achieve 87% market penetration at the end of 2023. Omdia’ Phua says that enterprises which are using SD-WAN aren’t deploying it at all their sites. Part of the problem stems from supply chain challenges triggered by COVID-19 which have resulted in a shortage of products and SD-WAN deployment delays.
Where service providers can make progress in assisting their enterprise customers’ adoption of SASE is by providing it as a managed service with significant value add “on top of just the staff, the platform itself,” explained Omdia’s Fernando Montenegro. That might look like providing more visibility into network health and potential security threats.
Phua echoed Montenegro’s assessment: “Service providers will still need to keep looking out for new innovations and what else can we onboard to make sure that is a more complete solution for the enterprise customers. So there’s still a lot of way to go in terms of this journey.”
Gartner: SASE tops Gartner list of 6 trends impacting Infrastructure & Operations over next 12 to 18 months
Dell’Oro: Secure Access Service Edge (SASE) market to hit $13B by 2026; Gartner forecasts $14.7B by 2025; Omdia bullish on security
A new IDC study, commissioned by GTC, reveals that over 95% of enterprises have deployed software-defined wide area networks (SD-WANs) or plan to do so within the next 24 months. However, nearly half (42%) reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all.
Enterprises today are facing what IDC calls “storms of disruption:” waves of economic, political, and social disruptions that are hampering companies’ efforts to become “truly digital enterprises” – like the Russia-Ukraine war, global recession, and industry-wide skills gaps. Networks need to support businesses in their move toward a cloud-native, digital-first, hybrid-working model of operation, and SD-WAN is now a cornerstone of network transformation, IDC stated in its GTT-commissioned study.
When asked to list the challenges they faced when taking a do-it-yourself (DIY) approach to SD-WAN, respondents cited difficulties related to hiring and retaining a skilled in-house workforce, keeping up with technology developments and the ability to negotiate favorable terms with technology vendors.
“Now that SD-WAN has matured and has been widely adopted, the complexity of deployments has grown, challenging enterprises on multiple fronts and compromising their ability to realize the full benefits of the technology,” said James Eibisch, research director, European Infrastructure and Telecoms, IDC.
“Enterprises are increasingly reliant on the resources and expertise of a managed service provider to ensure they deploy SD-WAN in a way best suited to their meet their organizations’ objectives. Security approaches like Secure Access Service Edge (SASE) [1.] that combine the benefits of SD-WAN with zero trust network access and content filtering features are well poised to dominate the next phase of SD-WAN enhancements as enterprises continue to enable the cloud IT model and a hybrid workforce.”
Note 1. SASE, when combined with a SD-WAN overlay network, is seen as a less expensive way to get circuits exactly where they are needed — especially to remote locations — than using traditional architectures like IP-MPLS. Scaling the enterprise WAN out to more user devices and more locations also becomes easier, a necessity at a time when hybrid and remote working continues to be popular.
The IDC survey found that more than 80% of respondents worldwide have either made SASE a priority (39%) or have recognized its benefits and are already incorporating it into company initiatives (42%). Only 19% of respondents worldwide reported they do not view SASE as a priority.
Despite this widespread recognition of the value of integrating security and SD-WAN, the survey found that many enterprises have not been able to leverage these benefits. In the U.S., 45% of respondents said they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all. In some countries, such as Switzerland and France, that figure was more than 50%. This trend held across vertical industries such as manufacturing (47%), retail (46%), healthcare (47%) and transportation (49%). Financial and business services were exceptions, with only 32% and 34%, respectively. Seven out of 10 respondents (71%) worldwide expect to use integrated security in the next 12 months.
Image Credit: Fortinet
“This IDC study highlights the critical role of expert managed services support for enterprises deploying SD-WAN. Experienced managed services providers can help integrate technology, connectivity and security, while also managing costs and increased complexity,” said Lisa Brown, CMO at GTT. “The research shows that a DIY approach to SD-WAN presents a number of challenges that can be addressed by teaming with a managed services provider.”
When respondents who were adopting a managed services approach to SD-WAN were asked for their reasons, many said they wanted to outsource day-to-day management tasks. The top reason cited by respondents globally for using a managed services provider was the benefit of always-on help desk support in local languages, with 36% citing this as a reason. Running a close second, 35% cited visibility, insights and control without the need for technology certification as a benefit. In addition, 34% cited ease of configuration management; the ability to manage, maintain and facilitate technology upgrades; and better protection against security threats.
Todd Kiehn, SVP at GTT, told SDxCentral, “There will be a continued evolution to SD-WAN integrated with cloud security over the coming year. The IT organization is going to require ever-increasing visibility into the actions of the end user. Consistently through our customers, prospects, CIO roundtables and through this recent research, the biggest obstacle enterprises are having in implementing new security solutions is finding and securing a staff with the necessary skills. The cybersecurity skill shortage particularly is a global problem.”
Companies that have no position on SD-WAN-specific security yet face the challenge of adopting these new technologies on their own or through managed service provider partnerships — either of which take time and resources.
“Enterprises can view SASE as a security architecture transformation alongside the deployment of SD-WAN. Our customers are deploying security to support their varied digital transformation initiatives such as work from anywhere, branch transformation or cloud migrations,” Kiehn noted.
“Security solutions based on the SASE framework provide choice and a roadmap to address the specific business needs of the enterprise such as enhancing the security posture of mobile users by replacing legacy VPN technology, improving security for guests and employees at brick and mortar locations, and developing a more comprehensive posture to support a hybrid cloud model,” Kiehn added.
GTT is a managed network and security services provider to global organizations. We design and deliver solutions that leverage advanced cloud, networking and security technologies. We complement our solutions with a suite of professional services and exceptional sales and support teams in local markets around the world. We serve thousands of national and multinational companies with a portfolio that includes SD-WAN, security, Internet, voice and other connectivity options. Our services are uniquely enabled by our top-ranked, global, Tier 1 IP backbone, which spans more than 260 cities on six continents. The company culture is built on a customer-first service experience reinforced by our commitment to operational excellence and continuous improvement in our business, environmental, social and governance practices. For more information, visit www.gtt.net.
The secure access service edge (SASE) market is expected to triple by 2026, exceeding $13 billion, representing a very healthy CAGR, according to a new forecast by Mauricio Sanchez, Research Director at the Dell’Oro Group. The report further divides the total SASE market into its two technology components, Security Service Edge (SSE) and SD-WAN with SSE expected to double the SD-WAN revenue for SASE. The report further breaks down the SSE market into FWaaS, SWG, CASB, and ZTNA.
Sanchez wrote in a blog post:
“Today, enterprises are thinking differently about networking and security. Instead of considering them as separate toolsets to be deployed once and infrequently changed, the problem and solution space is conceptualized along a continuum in the emerging view. The vendor community has responded with a service-centric, cloud-based technology solution that provides network connectivity and enforces security between users, devices, and applications.
SASE utilizes centrally-controlled, Internet-based networks with built-in advanced networking and security-processing capabilities. By addressing the shortcomings of past network and security architectures and improving recent solutions—in particular, SD-WAN and cloud-based network security—SASE aims to bring networking and security into a unified service offering.
While the networking technologies underpinning SASE are understood to be synonymous with well-known SD-WAN, the security facet of SASE consists of numerous security technologies, such as secure web gateway (SWG), cloud access security broker (CASB), zero-trust network access (ZTNA), and firewall-as-a-service (FWaaS). Recently, a new term, security services edge (SSE), emerged to describe this constellation of cloud-delivered network security services that is foundational in SASE.”
As noted above, Dell’Oro divides the total SASE market into two technology components: Security Service Edge (SSE) and SD-WAN with SSE. Security features such as Firewall-as-a-Service (FWaaS), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero Trust Network Access (ZTNA) fall under the umbrella of SSE, according to Dell’Oro. In addition, Dell’Oro predicts that the security component to SASE “will increasingly be the driver and lead SASE’s SSE to exhibit over twice the growth of SASE’s SD-WAN.”
Dell’Oro’s Sanchez wrote, “We see SASE continuing to thrive independent of the ongoing macro-economic uncertainty as enterprises strategically invest for the new age of distributed applications and hybrid work that need a different approach to connectivity and security. We anticipate that security will increasingly be the driver and lead SASE’s SSE to exhibit over twice the growth of SASE’s SD-WAN.”
Additional highlights from SASE and SD-WAN 5-Year Forecast Report:
- Within SSE, Secure Web Gateway (SWG) and Cloud Access Security Broker (CASB) are expected to remain the most significant revenue components over the five-year forecast horizon, but Zero Trust Network Access (ZTNA) and Firewall-as-a-Service (FaaS) are estimated to flourish at a faster rate.
- Unified SASE is expected to exceed disaggregated SASE by almost 6X.
- Enterprise access router revenue is expected to decline at over 5 percent CAGR over the forecast horizon.
Dell’Oro expects that under the umbrella of SSE, Secure Web Gateway and Cloud Access Security Broker will continue as the most significant revenue components over the five-year forecast horizon. However, Zero Trust Network Access and Firewall-as-a-Service are expected to grow at a faster rate.
Unified SASE, which Dell’Oro qualifies as the portion of the market that delivers SASE as an integrated platform, is expected to exceed disaggregated SASE by almost a factor of six over the next five years. The disaggregated type is defined as a multi-vendor or multi-product implementation with less integration than unified type. Dell’Oro also predicts that enterprise access router revenue could decline at over 5% CAGR by 2026.
Gartner has a more optimistic forecast of SASE revenue, predicting the market to reach $14.7 billion as early as 2025. “Gartner predicts that global spending on SASE will grow at a 36% CAGR between 2020 and 2025, far outpacing global spending on information security and risk management,” reported VentureBeat last month. According to Gartner, top SASE vendors include Cato Networks, Fortinet, Palo Alto Networks, Versa Networks, VMware and Zscaler.
These disparate predictions could be a result of the nascent nature of the SASE market, a convergence of networking and security services coined by Gartner in 2019. To address the varying definitions for SASE and resulting confusion on the part of enterprise customers, industry forum MEF plans to release SASE (MEF W117) standards this year. MEF started developing its SASE framework in 2020 to clarify service attributes and definitions. (See MEF adds application, security updates to SD-WAN standard and MEF’s Stan Hubbard on accelerating automation with APIs.)
Omdia’s [1.]research also shows security is a major driver for SASE adoption, according to Fernando Montenegro, senior principal analyst with Omdia. “Our own research indicates that end-user organizations value secure web browsing use cases (SWG, CASB, browsing isolation) particularly as they go further into their deployments of SASE projects,” said Montenegro in an email to Light Reading.
Note 1. Omdia and Light Reading are owned by Informa in the UK
Security is critical for organizations in what Omdia calls the age of “digital dominance” and by how the “demands on security teams – both in terms of time and expertise – make the delivery of security functionality via a services model particularly attractive,” Montenegro said.
SASE services also provide “good performance characteristics” when compared to enterprises utilizing their own VPN headends, and especially when hybrid work continues to be popular, added Montenegro.
The Metro Ethernet Forum (MEF) conducted a survey which showed that the top SD-WAN and SASE challenges are focused on coping with operating a multi-vendor environment. That’s to be expected since there are no standards for multi-vendor interoperability for either of those technologies. MEF surveyed 36 worldwide service provider experts to obtain its results.
The complexity of operating and managing multi-vendor SD-WAN, integrating security options and defining end-to-end service level agreements (SLAs) were the top three challenges.
The top Secure Access Service Edge (SASE) challenges focus more on education and standardization. The top challenges service providers face with SASE are the lack of industry standards, customer education and migration, vendors not offering a complete solution and operating in a multi-vendor environment.
MEF’s research also shows that both SD-WAN and SASE markets are on track to hit analyst expectations. “The global SD-WAN services market should hit double-digit revenue growth in 2022, while most providers who offered SASE in 2021 expect 50%-plus revenue growth in 2022 due to a significant uptick in rollout of SASE services and features,” MEF Principal Analyst Stan Hubbard told SDxCentral via email.
All service providers surveyed already have elements of a SASE offering or plan to introduce a SASE solution in 2022, according to this MEF survey.
“The top SD-WAN and SASE service provider challenges are in line with expectations for the different stages of these markets, On the SD-WAN front, one of the biggest aggravations for providers is the complexity of operating a multivendor environment, which is primarily due to the absence of interoperability among SD-WAN technology vendors. Providers have told us that their need to develop and maintain expertise on various SD-WAN vendor solutions increases skills and training burdens, creates operational inefficiencies, and adds costs. The situation is made worse today because the terminology, architectures, performance metrics, etc., of vendors differ since they do not all adhere to common standards,” Hubbard wrote.
“The SASE services market is in its very early days, confusing, and full of a host of challenges related to customer education, customer migration, lack of industry standards, the lack of complete SASE vendor solutions and more. Multiple service providers agreed the organizational challenge of integrating networking and security is ‘huge’ for customers migrating to a SASE solution. As a large service provider stated, “SASE will be a failure without organizational change” within both customers and service providers,” Hubbard added.
According to a new report by market research firm Omdia (owned by Informa in the UK ), SD-WAN revenue remained on track with forecasts reaching $3.6 billion in 2021. Edge computing, an increased use of machine learning (ML) and artificial intelligence (AI), and growth in IoT are also increasing demand for SD-WAN services, Omdia said. The SD-WAN market exceeded $1 billion in total revenue for Q4 2021, up 24% year-over-year. Amongst SD-WAN vendors, VMware led in 2021 with 18% market share for Q4, followed closely by Versa Networks (17%) and Cisco (13%). Both VMware and Cisco got to the top through various SD-WAN acquisitions. More importantly, SD-WANs (with application aware routing and an overlay network) seem to have totally replaced classical SDN based WANs (with strict separation of Data and Control place, centralized Network layer routing, and NO overlay networks) as we don’t hear anything about that previously ultra-hyped “pie in the sky” technology.
Omidia says that vendors which managed their supply chain, shipping, logistics or relied heavily on uCPE hardware fared the best in 2021. Power management integrated circuits (PMIC) remain the biggest bottleneck for server vendors; interface integrated circuits (ICs), microcontrollers and networking application-specific ICs (ASICs) are among the components in short supply impacting SD-WAN vendors, said Omdia. There are also growing opportunities for vendors and service providers to work together on delivering SD-WAN as a managed service as customer demand trends away from DIY (do it yourself) SD-WAN.
“There is a new opportunity for vendors and CSPs as the market transitions from providing optimization of application packet streams on single links with WAN optimization appliances to agility and cost savings enabled by virtualizing the WAN across multiple link types with SD-WAN,” added Omdia.
The SD-WAN market has also benefitted from increased deployment of cloud and multi-cloud services as a result of enterprise efforts to support a more distributed workforce. Omdia cites adoption of 5G as another driver for SD-WAN demand to “help deploy and manage network capability, connectivity and security cost-effectively.”
“Service providers are beginning to look to SD-WAN to provide traffic steering over 5G LTE links for use cases such as the Industrial Internet of Things (IIoT),” said Omdia. Security is also front-of-mind to protect remote workers but is frequently viewed more as “an additional layer than a priority when selecting an SD-WAN provider,” Omdia added.
SD-WAN deployments in the healthcare industry have also experienced significant growth due to increased reliance on mobile health devices and telehealth services.
Over the next two years, Omdia predicts that SD-WAN vendors will further integrate services to provide vendor interoperability for enterprise customers, and that AI automation technology will be added to SD-WAN software for automated real-time analysis and network optimization for application traffic.
By 2026, the SD-WAN market will reach $6.7 billion in revenue, according to Omdia’s forecast. That’s up from $3.6 billion revenue in 2021 and results in a CAGR of almost 20%.
AT&T continues as the #1 U.S. Carrier Managed SD-WAN provider in 2021 for the fourth consecutive year, as per Vertical Systems Group’s annual SD-WAN Leaderboard. Seven service providers each have 2% or more of the installed and billable Carrier Managed SD-WAN customer sites in the U.S. as of December 31, 2021.
“The U.S. Managed SD-WAN services market emerged from the pandemic in 2021 with solid growth in new site installations, driven by accelerated network transformations and more flexible solutions for customers,” said Rick Malone, principal of Vertical Systems Group. “Competition is heating up as evidenced by the shake up in top provider rankings on our year-end 2021 U.S. LEADERBOARD benchmark.”
Comcast Business rose two places to the No. 2 position on the Leaderboard, bumping down Hughes and Verizon to third and fourth place, respectively. Vertical Systems Group (VSG) says that Comcast Business’s rise on the Leaderboard is due to “organic growth” plus sites added from the acquisition of Masergy.
Three companies attained a Challenge Tier citation for 2021 (in alphabetical order): Fusion Connect, MetTel and TPx. This tier includes service providers with between one percent 1% and 2% share of U.S. Carrier Managed SD-WAN sites.
- Rankings changed for five of the seven market leading providers on Vertical’s 2021 U.S. Carrier Managed SD-WAN LEADERBOARD based on latest site share results as compared to the previous year.
- AT&T retains first position overall for the fourth consecutive year.
- Comcast Business rises to second position, up from fourth in 2020 based on site share that includes organic growth plus sites added from its Masergy acquisition.
- Hughes moves to third position, from second overall in 2020. Verizon moves into fourth position, a change from third in the previous year.
- Lumen advances to rank fifth, up from sixth position. Windstream drops to sixth position from fifth in 2020. Aryaka retains seventh position and rounds out the roster of top providers for 2021.
- Additionally, TPx drops into the 2021 Challenge Tier from the Leaderboard.
- MEF 3.0 SD-WAN Service Certification has been attained by five of the 2021 U.S. LEADERBOARD companies: AT&T, Comcast Business, Verizon, Lumen and Windstream. Each of these providers also has employees with MEF SD-WAN Certified Professional training certification.
- Primary technology suppliers to the service providers ranked on the 2021 Carrier Managed SD-WAN LEADERBOARD include Cisco, Fortinet, Versa and VMware. Additionally, SD-WAN providers Aryaka and Hughes utilize internally developed technologies.
Market Players include providers selling Carrier Managed SD-WAN services in the U.S. with site share below 1%, including global network providers that manage U.S. customer sites. For 2021, the Market Player tier includes the following companies (in alphabetical order):
AireSpring, American Telesis, Arelion, Astound Business, Bigleaf, bSimplify, BT Global Services, C Spire Business, CentraCom, Cincinnati Bell, Cogent, Colt, Consolidated Communications, Cox, Crown Castle, DQE Communications, FirstLight, Frontier, Great Plains Communication, GTT, InfoStructure, Intelsat, Lightpath, Logix Fiber Networks, Meriplex, NTT, Orange Business, PCCW Global, PS Lightwave, SDN Communications, Segra, SES, SingTel, Sparklight Business, Spectrum Enterprise, Syringa, T-Mobile, T-Systems, Tata, Telefonica, Telstra, Transtelco, Unite Private Networks, Uniti, Veracity Networks, Virgin Media Business, Vodafone, Zayo and others.
Vertical’s Definition – Carrier Managed SD-WAN Service:
Vertical Systems Group defines a Carrier Managed SD-WAN Service for segment analysis and share calculations as a carrier-grade offering for business customers that is managed by a network operator. Required components and functionality for these offerings include an SDN service architecture that provides dynamic optimization of traffic flows, a purpose-built SD-WAN appliance or CPE-hosted SD-WAN VNF at each customer edge site, support for multiple active underlay connectivity services, automated failover fast enough to maintain active sessions, and centralized network orchestration with traffic and application visibility end-to-end. Security capabilities may be supplied by a managed SD-WAN service provider based on customer requirements.
Aryaka®, a leader in fully managed Cloud-First WAN solutions, today published its 2022 State of the WAN Report, offering a compendium of insights into global SD-WAN and SASE planning. 1,600 information technology (IT) enterprise decision makers across global enterprises answered the survey, the largest response to the survey since its inception.
Key trends identified in this year’s report include:
- A quarter of the respondents state they have closed 25-50% of their office sites, dovetailing into overall hybrid work initiatives where 75% state that at least a quarter of their employees will remain remote permanently post-pandemic.
- Accelerating digital transformation initiatives also impact legacy data centers, with 51% planning to eliminate their use within the next 24 months as they move to the cloud.
- The surveyed group says Microsoft Teams (58%) and Office 365 (55%) are among the most widely adopted SaaS applications, followed by Zoom and Google Docs (35%).
- A quarter of respondents expect budgets to grow by 25% or more in the next year, with a full three-quarters projecting at least a 10% growth. Investment appears to be accompanied via cost savings.
- A move to simplify, adopting a more cloud-centric and agile approach, is driving convergence. In the context of network and security, trends include the Secure Access Service Edge (SASE), with 64% deploying or planning to deploy over the next year. Over two-thirds will opt for a managed SASE to help address complexity and costs, but challenges include complexity at 40%, a single or dual-vendor approach at 39%, and developing a phased migration strategy at 33%. Observability and control should help with deployments, identified by over two-thirds as a top imperative.
- 29% state that they are already deploying what they consider to be a SASE architecture, with another 56% planning to deploy in the next 12-24 months.
- What capabilities do the respondence require? The top responses are SD-WAN at 34%, a Cloud Secure Web Gateway (SWG) at 30%, and Firewall as a Service (FWaaS) at 17%.
“This year’s Aryaka State of the WAN includes many valuable insights backing up trends we see in the industry. These include the effects of hybrid work, with 75% projecting a quarter of their employees to remain at least part-time remote, and cloud connectivity demands skyrocketing with 51% planning to move away from traditional data centers over the next two years. Both initiatives will require more sophisticated network-as-a-service (NaaS) solutions with integrated security offerings,” said Scott Raynovich founder and chief analyst of Futuriom.
“The sixth edition of the Global State of the WAN (SOTW) is one of the largest such surveys in the world,” said Shashi Kiran, CMO of Aryaka. “It packages an enormous number of insights from decisions makers from all over the world, drawn from CIOs, CISOs as well as network, security and cloud practitioners. The 2022 edition reveals new enterprise trends on workplaces, cloud adoption, convergence and several other areas putting a spotlight on the impact of the Covid-19 pandemic in the process. We hope this resource serves as a handy companion for enterprise architects engaged in planning their WAN, security and cloud infrastructure for years ahead.”
SD-WAN vendors have long touted the technology’s application- and policy-based routing capabilities as the antidote to network performance and complexity. However, customers are increasingly looking for ways to offload that complexity and consolidate services under a single roof. “There’s a fragmented value chain for SD-WAN, which we’ve seen before and now for SASE as well,” Kiran said.
Of those surveyed, 45% said they were considering a consolidated SASE architecture, up from 39% last year. However, enterprises’ desire for managed services doesn’t stop at SD-WAN or SASE. Respondents expressed a desire for managed last-mile and multi-cloud connectivity. “There is inherent complexity in all of these areas and having something that is managed and delivered as a service appears to be important,” Kiran said.
Year-on-Year Trends and Shifting Priorities:
In Aryaka’s 2021 State of the WAN Report, 21% indicated that half of their workforce would be working remote post-pandemic. This year that number increased by 11%, with 32% reporting that at least half of their workforce would be permanently remote.
Collaboration and Productivity suites have gained traction. The Microsoft suite has gained momentum, with Teams identified by respondents as the most deployed application, growing its footprint by over half, from 34% in 2021 to 58% this year. Conversely, Google Docs dropped from 41% last year to 35% today with Microsoft 365 now at 55%.
For China, basic connectivity concerns dropped noticeably from the last report, at 45% in 2021 to 30% today. In contrast, compliance and regulatory issues are now in the lead at 50%.
A renewed interest in ROI was reflected in this year’s report, with 36% of those responding having cost concerns, an increase of 16% compared to last year. Though budgets are expected to increase by 25%, both for networking and security, the focus on ROI implies that these increases must be spent judiciously.
IT professionals were less concerned vs previous years about the newness of the technology (28% vs 31% in 2021), and whether applications will perform properly (29% vs 36% in 2021), speaking to a greater confidence in application support. As change management takes priority, there is an increased focus on observability and control, increasing by 9% (69% vs 60% last year).
Aryaka 6th Annual State of the WAN 2022 – Four Themes:
1. Acceleration of Remote and Hybrid Work: The report looks at challenges in supporting the hybrid workforce, hybrid work trends, and investments planned to support this new environment. 75% state that at least a quarter of their employees will remain hybrid post-pandemic, aligned with the closure of physical facilities, with a quarter stating they have closed 25-50% of their office sites. Effectively managing worker movement between on-premises and remote requires dynamic bandwidth reallocation, identified by 61% as very important.
2. Application Performance and Consumption: In addition, the report dives into the diversity of applications in use and resulting challenges, how enterprises plan to address these, and potential concerns. As noted earlier, collaboration and productivity applications like Microsoft Teams and Office 365 experienced some of the strongest growth, but there was an overall uptick in SaaS application adoption including Zoom (35%), Salesforce (28%), and SAP/HANA (25%). Performance still must improve, with 42% identifying slow performance for remote and mobile users a key issue, followed by 37% calling out slow performance at the branch.
3. Managing Complexity and Managed Services Adoption: The report addresses what managed services enterprises expect, including SD-WAN and SASE implementation plans and budgets, as well as perceived barriers to adoption. This section also looks at MPLS migration. In evaluating managed services, enterprises continue to demand more from their providers, and are looking for a wider set of offers, an all-in-one SD-WAN and SASE that includes the WAN (45%), security (67%), application optimization (40%), last mile management (29%), and multi-cloud connectivity (27%). The movement to SD-WAN and SASE also follows the movement away from MPLS, with 46% planning to terminate some or all contracts over the next year. Enterprises are generally bullish on their budgets, with a quarter expecting it to grow by 25% or more, and a total of three quarters expecting at least 10% growth.
4. Networking and Security Convergence Including a SASE Architecture: SASE represents a promise of a converged Cloud-First architecture, but there are concerns on complexity and adoption. 42% state that lackluster application performance is a time sink, and 34% consider security to be a major priority. This path to SASE adoption includes setting a strategy (35%), phasing out of legacy VPNs (32%), as well as consolidating cloud security with zero-trust (29%).
Top desired capabilities include a SWG (47%), SD-WAN (36%), and FWaaS (28%). Implementation concerns identified earlier are balanced by expected advantages that include time and cost reduction (37%), as well as agility (33%), while decision-making is still mostly distributed across networking and security, 41% state it is now consolidated. Finally, over two-thirds plan to consume SASE as a managed offer.
What are the biggest challenges you’re facing with your WAN?
Total Responses 1,386
- High complexity/difficult to manage or maintain 37%
- Slow access to cloud services & SaaS applications 33%
- Slow performance of on-premises applications 32%
- Long deployment times to bring up new sites 29%
- Lack of adequate security 28%
- Poor voice or video quality 23%
- High cost 20%
- Lack of visibility 20%
*Respondents chose maximum three responses
–>The WAN continues to be a challenge, impacting manageability, performance, security, agility, and cost.
The Sixth Annual Global Aryaka 2022 State of the WAN study surveyed over 1600 enterprise decision makers and practitioners including CIOs, CTOs, as well as IT, network, and security managers. Respondents were based in the Americas, EMEA, and APAC, with their companies representing every vertical, led by technology, software, manufacturing, financial, and retail. The survey asked respondents about their networking and performance challenges, priorities, and their plans for 2022 and beyond.
Download the Report:
Download Aryaka’s 6th Annual State of the WAN Report here.
MPLS to SD-WAN Migration (Source: Aryaka):
Aryaka’s fully managed SD-WAN and SASE solution leverages a flexible core architecture, FlexCoreTM, optimized for per-site and per-application performance requirements. It offers full per customer resource reservation, end-to-end, at a global level. The HybridWAN solution also leverages direct MPLS and public internet connectivity options.
Aryaka manages the last-mile internet link performance with patented technology to eliminate packet loss and deliver on superior latency and jitter performance. By leveraging a private global L2 network, Aryaka eliminates the issue of guaranteeing deterministic QoS when multiple service provider administrative domains are involved (which is almost always the case in a global network).
Aryaka customers rely on its architecture to deliver on better-than-MPLS performance at a global level and at reduced cost, either augmenting the existing MPLS infrastructure or replacing it altogether over time.