MEF survey reveals top SD-WAN and SASE challenges

The Metro Ethernet Forum (MEF) conducted a survey which showed that the top SD-WAN and SASE challenges are focused on coping with operating a multi-vendor environment. That’s to be expected since there are no standards for multi-vendor interoperability for either of those technologies. MEF surveyed 36 worldwide service provider experts to obtain its results.

The complexity of operating and managing multi-vendor SD-WAN, integrating security options and defining end-to-end service level agreements (SLAs) were the top three challenges.

The top Secure Access Service Edge (SASE) challenges focus more on education and standardization. The top challenges service providers face with SASE are the lack of industry standards, customer education and migration, vendors not offering a complete solution and operating in a multi-vendor environment.

MEF’s research also shows that both SD-WAN and SASE markets are on track to hit analyst expectations. “The global SD-WAN services market should hit double-digit revenue growth in 2022, while most providers who offered SASE in 2021 expect 50%-plus revenue growth in 2022 due to a significant uptick in rollout of SASE services and features,” MEF Principal Analyst Stan Hubbard told SDxCentral via email.

All service providers surveyed already have elements of a SASE offering or plan to introduce a SASE solution in 2022, according to this MEF survey.

“The top SD-WAN and SASE service provider challenges are in line with expectations for the different stages of these markets, On the SD-WAN front, one of the biggest aggravations for providers is the complexity of operating a multivendor environment, which is primarily due to the absence of interoperability among SD-WAN technology vendors. Providers have told us that their need to develop and maintain expertise on various SD-WAN vendor solutions increases skills and training burdens, creates operational inefficiencies, and adds costs. The situation is made worse today because the terminology, architectures, performance metrics, etc., of vendors differ since they do not all adhere to common standards,” Hubbard wrote.

“The SASE services market is in its very early days, confusing, and full of a host of challenges related to customer education, customer migration, lack of industry standards, the lack of complete SASE vendor solutions and more. Multiple service providers agreed the organizational challenge of integrating networking and security is ‘huge’ for customers migrating to a SASE solution. As a large service provider stated, “SASE will be a failure without organizational change” within both customers and service providers,” Hubbard added.

References:

https://www.sdxcentral.com/articles/analysis/sase-sd-wan-markets-to-see-double-digit-growth-in-2022-mef/2022/05/

Shift from SDN to SD-WANs to SASE Explained; Network Virtualization’s important role

MEF New Standards for SD-WAN Services; SASE Work Program

 

Omdia: VMware and Versa Networks are SD-WAN revenue leaders; SD-WAN market to hit $6.7B by 2026

According to a new report by market research firm Omdia (owned by Informa in the UK ), SD-WAN revenue remained on track with forecasts reaching $3.6 billion in 2021.  Edge computing, an increased use of machine learning (ML) and artificial intelligence (AI), and growth in IoT are also increasing demand for SD-WAN services,  Omdia said.  The SD-WAN market exceeded $1 billion in total revenue for Q4 2021, up 24% year-over-year.   Amongst SD-WAN vendors, VMware led in 2021 with 18% market share for Q4, followed closely by Versa Networks (17%) and Cisco (13%).   Both VMware and Cisco got to the top through various SD-WAN acquisitions.  More importantly, SD-WANs (with application aware routing and an overlay network) seem to have totally replaced classical SDN based WANs (with strict separation of Data and Control place, centralized Network layer routing, and NO overlay networks) as we don’t hear anything about that previously ultra-hyped “pie in the sky” technology.

Omidia says that vendors which managed their supply chain, shipping, logistics or relied heavily on uCPE hardware fared the best in 2021. Power management integrated circuits (PMIC) remain the biggest bottleneck for server vendors; interface integrated circuits (ICs), microcontrollers and networking application-specific ICs (ASICs) are among the components in short supply impacting SD-WAN vendors, said Omdia. There are also growing opportunities for vendors and service providers to work together on delivering SD-WAN as a managed service as customer demand trends away from DIY (do it yourself) SD-WAN.

“There is a new opportunity for vendors and CSPs as the market transitions from providing optimization of application packet streams on single links with WAN optimization appliances to agility and cost savings enabled by virtualizing the WAN across multiple link types with SD-WAN,” added Omdia.

The SD-WAN market has also benefitted from increased deployment of cloud and multi-cloud services as a result of enterprise efforts to support a more distributed workforce. Omdia cites adoption of 5G as another driver for SD-WAN demand to “help deploy and manage network capability, connectivity and security cost-effectively.”

“Service providers are beginning to look to SD-WAN to provide traffic steering over 5G LTE links for use cases such as the Industrial Internet of Things (IIoT),” said Omdia. Security is also front-of-mind to protect remote workers but is frequently viewed more as “an additional layer than a priority when selecting an SD-WAN provider,” Omdia added.

SD-WAN deployments in the healthcare industry have also experienced significant growth due to increased reliance on mobile health devices and telehealth services.

Over the next two years, Omdia predicts that SD-WAN vendors will further integrate services to provide vendor interoperability for enterprise customers, and that AI automation technology will be added to SD-WAN software for automated real-time analysis and network optimization for application traffic.

By 2026, the SD-WAN market will reach $6.7 billion in revenue, according to Omdia’s forecast.  That’s up from $3.6 billion revenue in 2021 and results in a CAGR of almost 20%.

References:

https://www.lightreading.com/sd-wan/omdia-sd-wan-boosted-by-5g-edge-computing-growth/d/d-id/776851?

Dell’Oro: SD-WAN market grew 45% YoY; Frost & Sullivan: Fortinet wins SD-WAN leadership award

MEF New Standards for SD-WAN Services; SASE Work Program

VSG Global SD-WAN Leaderboard Rankings and Results

AT&T tops VSG’s U.S. Carrier Managed SD-WAN Leaderboard for 4th year

 

 

AT&T tops VSG’s U.S. Carrier Managed SD-WAN Leaderboard for 4th year

AT&T continues as the #1 U.S. Carrier Managed SD-WAN provider in 2021 for the fourth consecutive year, as per Vertical Systems Group’s annual SD-WAN Leaderboard.  Seven service providers each have 2% or more of the installed and billable Carrier Managed SD-WAN customer sites in the U.S. as of December 31, 2021.

“The U.S. Managed SD-WAN services market emerged from the pandemic in 2021 with solid growth in new site installations, driven by accelerated network transformations and more flexible solutions for customers,” said Rick Malone, principal of Vertical Systems Group. “Competition is heating up as evidenced by the shake up in top provider rankings on our year-end 2021 U.S. LEADERBOARD benchmark.”

Comcast Business rose two places to the No. 2 position on the Leaderboard, bumping down Hughes and Verizon to third and fourth place, respectively. Vertical Systems Group (VSG) says that Comcast Business’s rise on the Leaderboard is due to “organic growth” plus sites added from the acquisition of Masergy.

Three companies attained a Challenge Tier citation for 2021 (in alphabetical order): Fusion Connect, MetTel and TPx. This tier includes service providers with between one percent 1% and 2% share of U.S. Carrier Managed SD-WAN sites.

Research Highlights:

  • Rankings changed for five of the seven market leading providers on Vertical’s 2021 U.S. Carrier Managed SD-WAN LEADERBOARD based on latest site share results as compared to the previous year.
  • AT&T retains first position overall for the fourth consecutive year.
  • Comcast Business rises to second position, up from fourth in 2020 based on site share that includes organic growth plus sites added from its Masergy acquisition.
  • Hughes moves to third position, from second overall in 2020. Verizon moves into fourth position, a change from third in the previous year.
  • Lumen advances to rank fifth, up from sixth position. Windstream drops to sixth position from fifth in 2020. Aryaka retains seventh position and rounds out the roster of top providers for 2021.
  • Additionally, TPx drops into the 2021 Challenge Tier from the Leaderboard.
  • MEF 3.0 SD-WAN Service Certification has been attained by five of the 2021 U.S. LEADERBOARD companies: AT&T, Comcast Business, Verizon, Lumen and Windstream. Each of these providers also has employees with MEF SD-WAN Certified Professional training certification.
  • Primary technology suppliers to the service providers ranked on the 2021 Carrier Managed SD-WAN LEADERBOARD include Cisco, Fortinet, Versa and VMware. Additionally, SD-WAN providers Aryaka and Hughes utilize internally developed technologies.

Market Players include providers selling Carrier Managed SD-WAN services in the U.S. with site share below 1%, including global network providers that manage U.S. customer sites. For 2021, the Market Player tier includes the following companies (in alphabetical order):

AireSpring, American Telesis, Arelion, Astound Business, Bigleaf, bSimplify, BT Global Services, C Spire Business, CentraCom, Cincinnati Bell, Cogent, Colt, Consolidated Communications, Cox, Crown Castle, DQE Communications, FirstLight, Frontier, Great Plains Communication, GTT, InfoStructure, Intelsat, Lightpath, Logix Fiber Networks, Meriplex, NTT, Orange Business, PCCW Global, PS Lightwave, SDN Communications, Segra, SES, SingTel, Sparklight Business, Spectrum Enterprise, Syringa, T-Mobile, T-Systems, Tata, Telefonica, Telstra, Transtelco, Unite Private Networks, Uniti, Veracity Networks, Virgin Media Business, Vodafone, Zayo and others.

Vertical’s Definition – Carrier Managed SD-WAN Service:

Vertical Systems Group defines a Carrier Managed SD-WAN Service for segment analysis and share calculations as a carrier-grade offering for business customers that is managed by a network operator. Required components and functionality for these offerings include an SDN service architecture that provides dynamic optimization of traffic flows, a purpose-built SD-WAN appliance or CPE-hosted SD-WAN VNF at each customer edge site, support for multiple active underlay connectivity services, automated failover fast enough to maintain active sessions, and centralized network orchestration with traffic and application visibility end-to-end. Security capabilities may be supplied by a managed SD-WAN service provider based on customer requirements.

New Findings in Aryaka’s 2022 State of the WAN Report: Cloud Adoption, Hybrid Workplaces, Convergence of Network and Security with SASE

Overview:

Aryaka®, a leader in fully managed Cloud-First WAN solutions, today published its 2022 State of the WAN Report, offering a compendium of insights into global SD-WAN and SASE planning. 1,600 information technology (IT) enterprise decision makers across global enterprises answered the survey, the largest response to the survey since its inception.

Key trends identified in this year’s report include:

  • A quarter of the respondents state they have closed 25-50% of their office sites, dovetailing into overall hybrid work initiatives where 75% state that at least a quarter of their employees will remain remote permanently post-pandemic.
  • Accelerating digital transformation initiatives also impact legacy data centers, with 51% planning to eliminate their use within the next 24 months as they move to the cloud.
  • The surveyed group says Microsoft Teams (58%) and Office 365 (55%) are among the most widely adopted SaaS applications, followed by Zoom and Google Docs (35%).
  • A quarter of respondents expect budgets to grow by 25% or more in the next year, with a full three-quarters projecting at least a 10% growth. Investment appears to be accompanied via cost savings.
  • A move to simplify, adopting a more cloud-centric and agile approach, is driving convergence. In the context of network and security, trends include the Secure Access Service Edge (SASE), with 64% deploying or planning to deploy over the next year. Over two-thirds will opt for a managed SASE to help address complexity and costs, but challenges include complexity at 40%, a single or dual-vendor approach at 39%, and developing a phased migration strategy at 33%. Observability and control should help with deployments, identified by over two-thirds as a top imperative.
  • 29% state that they are already deploying what they consider to be a SASE architecture, with another 56% planning to deploy in the next 12-24 months.
  • What capabilities do the respondence require?  The top responses are SD-WAN at 34%, a Cloud Secure Web Gateway (SWG) at 30%, and Firewall as a Service (FWaaS) at 17%.

“This year’s Aryaka State of the WAN includes many valuable insights backing up trends we see in the industry. These include the effects of hybrid work, with 75% projecting a quarter of their employees to remain at least part-time remote, and cloud connectivity demands skyrocketing with 51% planning to move away from traditional data centers over the next two years. Both initiatives will require more sophisticated network-as-a-service (NaaS) solutions with integrated security offerings,” said Scott Raynovich founder and chief analyst of Futuriom.

“The sixth edition of the Global State of the WAN (SOTW) is one of the largest such surveys in the world,” said Shashi Kiran, CMO of Aryaka. “It packages an enormous number of insights from decisions makers from all over the world, drawn from CIOs, CISOs as well as network, security and cloud practitioners. The 2022 edition reveals new enterprise trends on workplaces, cloud adoption, convergence and several other areas putting a spotlight on the impact of the Covid-19 pandemic in the process. We hope this resource serves as a handy companion for enterprise architects engaged in planning their WAN, security and cloud infrastructure for years ahead.”

SD-WAN vendors have long touted the technology’s application- and policy-based routing capabilities as the antidote to network performance and complexity. However, customers are increasingly looking for ways to offload that complexity and consolidate services under a single roof. “There’s a fragmented value chain for SD-WAN, which we’ve seen before and now for SASE as well,” Kiran said.

Of those surveyed, 45% said they were considering a consolidated SASE architecture, up from 39% last year. However, enterprises’ desire for managed services doesn’t stop at SD-WAN or SASE. Respondents expressed a desire for managed last-mile and multi-cloud connectivity. “There is inherent complexity in all of these areas and having something that is managed and delivered as a service appears to be important,” Kiran said.

Year-on-Year Trends and Shifting Priorities:

In Aryaka’s 2021 State of the WAN Report, 21% indicated that half of their workforce would be working remote post-pandemic. This year that number increased by 11%, with 32% reporting that at least half of their workforce would be permanently remote.

Collaboration and Productivity suites have gained traction. The Microsoft suite has gained momentum, with Teams identified by respondents as the most deployed application, growing its footprint by over half, from 34% in 2021 to 58% this year. Conversely, Google Docs dropped from 41% last year to 35% today with Microsoft 365 now at 55%.

For China, basic connectivity concerns dropped noticeably from the last report, at 45% in 2021 to 30% today. In contrast, compliance and regulatory issues are now in the lead at 50%.

A renewed interest in ROI was reflected in this year’s report, with 36% of those responding having cost concerns, an increase of 16% compared to last year. Though budgets are expected to increase by 25%, both for networking and security, the focus on ROI implies that these increases must be spent judiciously.

IT professionals were less concerned vs previous years about the newness of the technology (28% vs 31% in 2021), and whether applications will perform properly (29% vs 36% in 2021), speaking to a greater confidence in application support. As change management takes priority, there is an increased focus on observability and control, increasing by 9% (69% vs 60% last year).

Aryaka 6th Annual State of the WAN 2022 – Four Themes:

1.  Acceleration of Remote and Hybrid Work: The report looks at challenges in supporting the hybrid workforce, hybrid work trends, and investments planned to support this new environment. 75% state that at least a quarter of their employees will remain hybrid post-pandemic, aligned with the closure of physical facilities, with a quarter stating they have closed 25-50% of their office sites. Effectively managing worker movement between on-premises and remote requires dynamic bandwidth reallocation, identified by 61% as very important.

2. Application Performance and Consumption: In addition, the report dives into the diversity of applications in use and resulting challenges, how enterprises plan to address these, and potential concerns. As noted earlier, collaboration and productivity applications like Microsoft Teams and Office 365 experienced some of the strongest growth, but there was an overall uptick in SaaS application adoption including Zoom (35%), Salesforce (28%), and SAP/HANA (25%). Performance still must improve, with 42% identifying slow performance for remote and mobile users a key issue, followed by 37% calling out slow performance at the branch.

3. Managing Complexity and Managed Services Adoption: The report addresses what managed services enterprises expect, including SD-WAN and SASE implementation plans and budgets, as well as perceived barriers to adoption. This section also looks at MPLS migration. In evaluating managed services, enterprises continue to demand more from their providers, and are looking for a wider set of offers, an all-in-one SD-WAN and SASE that includes the WAN (45%), security (67%), application optimization (40%), last mile management (29%), and multi-cloud connectivity (27%). The movement to SD-WAN and SASE also follows the movement away from MPLS, with 46% planning to terminate some or all contracts over the next year. Enterprises are generally bullish on their budgets, with a quarter expecting it to grow by 25% or more, and a total of three quarters expecting at least 10% growth.

4. Networking and Security Convergence Including a SASE Architecture: SASE represents a promise of a converged Cloud-First architecture, but there are concerns on complexity and adoption. 42% state that lackluster application performance is a time sink, and 34% consider security to be a major priority. This path to SASE adoption includes setting a strategy (35%), phasing out of legacy VPNs (32%), as well as consolidating cloud security with zero-trust (29%).

Top desired capabilities include a SWG (47%), SD-WAN (36%), and FWaaS (28%). Implementation concerns identified earlier are balanced by expected advantages that include time and cost reduction (37%), as well as agility (33%), while decision-making is still mostly distributed across networking and security, 41% state it is now consolidated. Finally, over two-thirds plan to consume SASE as a managed offer.

What are the biggest challenges you’re facing with your WAN?

Total Responses 1,386

  • High complexity/difficult to manage or maintain     37%
  • Slow access to cloud services & SaaS applications  33%
  • Slow performance of on-premises applications       32%
  • Long deployment times to bring up new sites         29%
  • Lack of adequate security                                     28%
  • Poor voice or video quality                                    23%
  • High cost                                                             20%
  • Lack of visibility                                                   20%

*Respondents chose maximum three responses

–>­The WAN continues to be a challenge, impacting manageability, performance, security, agility, and cost.

Study Methodology:

The Sixth Annual Global Aryaka 2022 State of the WAN study surveyed over 1600 enterprise decision makers and practitioners including CIOs, CTOs, as well as IT, network, and security managers. Respondents were based in the Americas, EMEA, and APAC, with their companies representing every vertical, led by technology, software, manufacturing, financial, and retail. The survey asked respondents about their networking and performance challenges, priorities, and their plans for 2022 and beyond.

Download the Report:

Download Aryaka’s 6th Annual State of the WAN Report here.

…………………………………………………………………………………………………………………………………………………………………………………………………..

MPLS to SD-WAN Migration (Source: Aryaka):

Aryaka’s fully managed SD-WAN and SASE solution leverages a flexible core architecture, FlexCoreTM, optimized for per-site and per-application performance requirements. It offers full per customer resource reservation, end-to-end, at a global level. The HybridWAN solution also leverages direct MPLS and public internet connectivity options.

Aryaka manages the last-mile internet link performance with patented technology to eliminate packet loss and deliver on superior latency and jitter performance. By leveraging a private global L2 network, Aryaka eliminates the issue of guaranteeing deterministic QoS when multiple service provider administrative domains are involved (which is almost always the case in a global network).

Aryaka customers rely on its architecture to deliver on better-than-MPLS performance at a global level and at reduced cost, either augmenting the existing MPLS infrastructure or replacing it altogether over time.

Source: Aryaka

References:

https://www.businesswire.com/news/home/20220120005248/en/Aryaka-Releases-6th-Annual-State-of-the-WAN-Report-1600-Global-Enterprises-Surveyed-Presents-New-Findings-on-Cloud-Adoption-Hybrid-Workplaces-and-the-Convergence-of-Network-and-Security-with-SASE

MPLS to SD-WAN Migration

Shift from SDN to SD-WANs to SASE Explained; Network Virtualization’s important role

Dell’Oro: SD-WAN market grew 45% YoY; Frost & Sullivan: Fortinet wins SD-WAN leadership award

MEF New Standards for SD-WAN Services; SASE Work Program

VSG Global SD-WAN Leaderboard Rankings and Results

Futurium: 2020 SD-WAN market set to accelerate

 

 

MEF New Standards for SD-WAN Services; SASE Work Program

The Metro Ethernet Forum (MEF) [1.] has published new SD-WAN standards that add critical enhancements, including new service capabilities for underlay connectivity, important application performance metrics, and security zones for service providers deploying SD-WAN managed services.

Note 1. The MEF is an industry forum empowering enterprises to transform digitally with standard services and APIs for network, cloud, and technology providers.  While initially focused on Carrier Ethernet, the MEF scope has broadened to encompass overlay services like SD-WAN.  The ITU-T does not have an active SD-WAN standardization program so the industry must look to the MEF for service definitions and standards for that subject.

…………………………………………………………………………………….

The new MEF standards include:

  • MEF 70.1 updates MEF 70, the industry’s first global SD-WAN standard, to include new service attributes for underlay connectivity services, new measurable performance metrics that provide visibility into an application’s performance within the provider network and across multiple service providers, and the infrastructure to support application-based security defined in MEF 88 (see below).
  • MEF 88, MEF’s first security standard, enhances an SD-WAN service to add security functions. These include defining threats, malware protections, security policy terminology and attributes, and describing what actions a policy should take in response to certain threats.
  • MEF 95 provides a unified policy framework for MEF’s SD-WAN (MEF 70.1), Network Slicing (MEF 84), and SASE (MEF W117) and Zero Trust (MEF W118) standards coming in 2022.

“We’re seeing a healthy uptick in SD-WAN deployments driven by work from anywhere, as more users are connecting to the cloud and cloud-based applications. We estimate the global SD-WAN service market will grow from $2.85B in 2020 to $14.5B in 2025 (CAGR of 38%),” said Roopa Honnachari, vice president of research & global program leader – network & edge services, Frost & Sullivan.

“MEF’s work in standardizing and certifying SD-WAN managed services is helping to drive that adoption, and we believe certified services and professionals will continue to play an important role in moving the market forward.”

“MEF develops standards and certifications to provide clarity and assurance and remove complexity for SD-WAN managed services.

The new standards define the service behavior and associated policy language needed to deliver high-performance, secure SD-WAN managed services,” said Pascal Menezes, CTO, MEF.

Source:  MEF

……………………………………………………………………………………..

“These standards, and the forthcoming SASE and Zero Trust standards, benefit both customers and providers—customers know what to expect when purchasing SD-WAN managed services from a provider, and providers have the tools needed to deliver secure SD-WAN services that drive customer satisfaction,” Pascal added.

Both service providers and vendors can attain certification for MEF’s SD-WAN standards in the MEF 3.0 SD-WAN certification program which validates compliance with MEF standards for delivering managed SD-WAN services and the underlying technology.  The objective is to eliminate market confusion, and enable faster SD-WAN market adoption.

In 2022, secure SD-WAN requirements will be added to the MEF 3.0 certification program. Currently, 17 companies have achieved MEF 3.0 SD-WAN certification. In addition, the MEF-SDCP Professional Certification training and certification provides an opportunity for the engineers, architects, product managers, and others deploying SD-WAN solutions to demonstrate their expertise in MEF 3.0 service standards.

  • Worldwide, there are over 700 MEF-SDCP professionals employed by more than 120 companies.
  • Over 60 service providers have either the Carrier Ethernet or SD-WAN certification within the MEF 3.0 framework, and a handful have both.
  • AT&T, Verizon, Comcast Business and Windstream are among the service providers with MEF 3.0 SD-WAN Certification.  Those companies also rank within the top five of Vertical Systems Group’s 2020 US Carrier Managed SD-WAN Leaderboard.

MEF SASE Work:

MEF will also be releasing SASE (MEF W117) and Zero Trust (MEF W118) standards in 2022. MEF started developing its secure access service edge (SASE) framework last fall to clarify the service attributes and definitions for SASE.

The SD WAN market has already become bogged down by different SASE definitions, which has led to confusion among enterprise customers and frustration for service providers.

MEF defines SASE as a “service connecting users (machine or human) with their applications in the cloud while providing connectivity performance and security assurance determined by policies set by the Subscriber.” The networking and security functions within a SASE service include routing, VPN, path selection, traffic shaping, firewall, threat prevention and more.

Yet finding one vendor that meets all those requirements, and delivers a SASE service that is simple to deploy, is proving challenging for service providers that want to provide SASE as a managed service to enterprise customers.

“The ideal is one vendor, right? That’s the ideal, we all agree with it. But at least for enterprise customers, we’d haven’t found a single vendor solution that meets their needs yet from a SASE perspective,” said Verizon’s Vincent Lee.

MEF Media Contact: Melissa Power [email protected]

……………………………………………………………………………………..

References:

MEF Introduces New Standards for High-Performance, Secure SD-WAN Services

https://www.mef.net/service-standards/overlay-services/sase/

https://www.lightreading.com/sd-wan/mef-adds-application-security-updates-to-sd-wan-standard/d/d-id/774205?

 

Dell’Oro: SD-WAN market grew 45% YoY; Frost & Sullivan: Fortinet wins SD-WAN leadership award

According to a recently published report by Dell’Oro Group, the worldwide SD-WAN market grew 45% in the third quarter of 2021 compared to the prior year. Cisco maintained the top position for the revenue share for the quarter and was followed by Fortinet and VMware in the second and third spots.

“Enterprises are upgrading network infrastructures at accelerated rates compared to pre-pandemic times, and our research finds that the SD-WAN market is growing at strong double-digit rates in all regions of the world,” said Shin Umeda, Vice President at Dell’Oro Group. “Because SD-WAN is software-based technology, the global supply chain disruptions have had less of an effect compared to hardware-based networking products,” added Umeda.

Additional highlights from the 3Q 2021 SD-WAN Report:

  • The SD-WAN market continues to consolidate around a small number of vendors with the top six vendors accounting for 69 percent market share in 3Q 2021.
  • Cisco’s quarterly SD-WAN revenue nearly doubled in 3Q 2021 with especially strong growth in the North America region.
  • The market for hardware-based Access Routers grew quarterly revenues for the first time in almost two years.

About the Report

The Dell’Oro Group SD-WAN & Enterprise Router Quarterly Report offers complete, in-depth coverage of the SD-WAN and Enterprise Router markets for future current and historical periods. The report includes qualitative analysis and detailed statistics for manufacture revenue by regions, customer types, and use cases, average selling prices, and unit and port shipments. To purchase these reports, please contact us by email at [email protected].

About Dell’Oro Group

Dell’Oro Group is a market research firm that specializes in strategic competitive analysis in the telecommunications, networks, and data center IT markets.  Our firm provides in-depth quantitative data and qualitative analysis to facilitate critical, fact-based business decisions.  For more information, contact Dell’Oro Group at +1.650.622.9400 or visit www.delloro.com.

…………………………………………………………………………………………………………………………………………………………………………………………………………………………………

Separately,  Frost & Sullivan recently analyzed the global SD-WAN vendor market, and recognized Fortinet with the 2021 Global SD-WAN Vendor Product Leadership Award for transforming and securing the WAN. Fortinet’s Security-driven Networking approach to SD-WAN enables a wide range of use cases including secure and optimized connections to cloud-based applications. The company’s Secure SD-WAN solution integrates SD-WAN capabilities, advanced routing functions, next-generation firewall (NGFW), and zero trust network access (ZTNA) proxy on a single appliance or a single virtual machine (VM) to deliver secure networking capability. The solution can be deployed in a virtual or physical format on-premise or as a VM in the cloud, with a throughput of 20 Gbps, the highest available in the industry.

Fortinet’s Secure SD-WAN solution, powered by the industry’s first SOC4 SD-WAN ASIC [1.] for accelerated performance, features an unrestricted WAN bandwidth consumption model on appliances that is unique in the industry. Cloud adoption continues to grow, but enterprises have generally struggled to implement and maintain a secure, high-performing WAN that allows for efficient access to cloud-based applications across their user base. With the rise in remote working and with distributed users accessing cloud-hosted applications, the enterprise perimeter is no longer limited to users within the company site. Fortinet’s solution securely connects users to cloud-based applications delivering consistent policies off- and on-network.

Note 1.  On Apr 9, 2019 John Maddison, EVP of product and solutions, Fortinet said:

“The WAN edge is now a part of digital attack surfaces, but the edge of your network must never be a bottleneck. For branch offices, the ability to provide best-of-breed WAN Edge — including SD-WAN, WAN optimization, security and orchestration — with optimal performance and security is critical to enable the digital experience. Fortinet’s SoC4 SD-WAN ASIC allows organizations to realize security-driven networking whether they have 100 or 10,000 branch offices.”

…………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………….

Roopa Honnachari, VP of Research, Network Services & Edge, explained that “Fortinet has been a long-time leader in the network security market, which has enabled them to deliver a solution that tightly knits advanced security features with SD-WAN. Though Fortinet is best known as a security company, they have shown their strength and innovation in networking as one of the top SD-WAN solutions on the market capable of supporting enterprise digital transformation.”

To break the perception that it is a security vendor that also does SD-WAN and to eliminate the risk of not appealing to enterprise infrastructure or network decision makers, the company has consciously focused on highlighting its routing and networking capabilities in marketing activities and proofs of concept.”

With its focus on SD-WAN with integrated advanced security and ability to deliver multiple functions in a single hardware appliance or VM, Fortinet has experienced significant growth in the last three years. The company sells 100% through channel partners, including large telcos, such as AT&T, Verizon, British Telecom, Masergy, GTT, KDDI, Orange, and Windstream, that are looking to add secure SD-WAN to their portfolios. As a result, Fortinet has nearly doubled its revenue.

Honnachari added that “Fortinet has emerged as a formidable competitor in the enterprise secure networking space. While the company has always served as a leading competitor in the network security space, the transformation to adding SD-WAN, NGFW, ZTNA access proxy, and advanced routing capabilities on a single operating system and managed by a single console is highly commendable.”

Gartner’s  Magic Quadrant for WAN Edge Infrastructure

Cisco is a leader in this Magic Quadrant. It has two branded offerings: Cisco SD-WAN powered by Viptela and Cisco SD-WAN powered by Meraki. Both include hardware and software appliances, and associated orchestration and management. Cisco also provides optional additional security via the Cisco Umbrella Security Internet Gateway (SIG) platform. Cisco is based in California, U.S., and has more than 40,000 WAN edge customers. The vendor operates globally and addresses customers of all sizes, in all verticals. We expect the vendor to continue to invest in this market, particularly in the areas of improved self-healing capabilities, new consumption-based pricing models and integrated security to enable a single-vendor SASE offering.

Fortinet is a leader in this Magic Quadrant. Its offering is the FortiGate Secure SD-WAN product, which includes physical, virtual appliances and cloud-based services managed with FortiManager orchestrator. Fortinet is based in Sunnyvale, California, U.S., and Gartner estimates that it has more than 34,000 WAN edge customers with more than 10,000 SD-WAN customers. FortiOS v.7.0 combines ZTNA to its broad WAN and network security functionalities to deliver a capable SASE offering. It has a wide global presence, addressing customers across multiple verticals and sizes. We expect the vendor to continue investing in SASE, artificial intelligence for IT operations (AIOps) and 5G functionality.

VMware is a leader in this Magic Quadrant. Its offering is branded as VMware SD-WAN, and is part of VMware SASE. The offering includes edge appliances (hardware and software), gateways — VMware points of presence (POPs) offering various services — and an orchestrator and its Edge Network Intelligence. VMware provides additional optional security via VMware Cloud Web Security and VMware Secure Access. Based in California, U.S., it has more than 14,000 SD-WAN customers. The vendor operates globally and addresses customers of all sizes, and in all verticals. Gartner expects the vendor to continue investments in this market, including enhancing options for remote workers and building out its SASE offering.

………………………………………………………………………………………………………………………

Each year, Frost & Sullivan presents this award to the company that has developed a product with innovative features and functionality that is gaining rapid market acceptance. The award recognizes the quality of the solution and the customer value enhancements it enables.

About Frost & Sullivan:

For six decades, Frost & Sullivan has been world-renowned for its role in helping investors, corporate leaders, and governments navigate economic changes and identify disruptive technologies, Mega Trends, new business models, and companies to action, resulting in a continuous flow of growth opportunities to drive future success. Contact us: Start the discussion. Contact us: Start the discussion.

Contact: Bianca Torres
P: 1.210.477.8418
E: [email protected]

References:

https://www.prnewswire.com/news-releases/sd-wan-market-surged-45-percent-to-a-record-level-in-3q-2021-according-to-delloro-group-301441432.html

https://www.prnewswire.com/news-releases/fortinet-receives-frost–sullivans-2021-global-sd-wan-vendor-product-leadership-award-301441406.html

https://www.gartner.com/doc/reprints?id=1-27EGPR7B&ct=210909&st=sb

ONF and Deutsche Telekom Demonstrate Fully Disaggregated Open RAN and SD-WAN

Deutsche Telekom is working with the Open Networking Foundation (ONF) and eight vendors to test software-defined radio access networks (SD-RAN) and Open RAN in what it calls a fully disaggregated system.  This is the first field trial implementing fully disaggregated open RAN solutions using ONF’s RAN Intelligent Controller (RIC) software platform as defined by the O-RAN architecture. This 4G and 5G Standalone (SA) outdoor trial is live at Deutsche Telekom in Berlin, Germany.

In addition, the Facebook-backed Telecom Infra Project (TIP) is taking part by providing hardware and facilities out of the TIP Community Lab in Berlin hosted by Deutsche Telekom.

Carriers are investing in open RAN to enable a new breed of modular and customizable 5G solutions to accelerate innovation and enable the mix-and-match of best-of-breed components from multiple vendors.  Open RAN gives operators choice and flexibility to customize and optimize their networks. This SD-RAN trial hosted by DT highlights the promise and flexibility of open RAN by integrating components from eight companies: AirHop, Edgecore, Facebook, Foxconn, Intel, Radisys, Supermicro and Wiwynn. Additionally, the Telecom Infra Project (TIP) is participating by providing hardware and facilities out of the TIP Community Lab in Berlin hosted by DT. The on-site field trial integration and testing is being coordinated and supported by Highstreet Technologies.

The live trial features horizontally disaggregated hardware (separate RU, DU, and CU units), as well as vertically disaggregated software components including an open source near real-time RIC (nRT-RIC) and xApps coming from the ONF’s SD-RAN project. By integrating proprietary and open source components, including a near real-time RIC and xApps, this ground-breaking trial exemplifies a model for how future open RAN deployments are envisioned to take shape.

The entirety of the trial is operationalized leveraging ONF’s Aether platform, a centrally-managed, multi-cloud, cloud-native platform providing Connectivity-as-a-Service, and highlights network slicing with multiple UPFs running at the edge. The SD-Core component of Aether provides 5G connectivity and the control plane running from the public cloud while SD-Fabric is a fully programmable network fabric optimized for the edge cloud used to instantiate a P4-based 4G/5G UPF in hardware.

Aether hosts the Radisys containerized CU while the Intel® Smart Edge Open (formerly known as OpenNESS) software toolkit hosts the Radisys DU to enable cloud-native deployment of the RAN workload with optimization on  the 3rd Gen Intel® Xeon® Scalable processor and Intel® vRAN Dedicated Accelerator ACC100. The CU and DU are integrated with ONF’s nRT-RIC, xApps, SD-Core 5G core and Foxconn O-RU.

“The Berlin SD-RAN Open RAN Trial, is a momentous step towards realizing the vision of fully disaggregated and intelligent RAN, leveraging ONF’s leading open source RAN Intelligent Controller software platform. In addition to open fronthaul, this trial includes disaggregated RU/DU/CU units, and also vertically disaggregates the RIC and xApps according to SDN principles. Together, we are demonstrating the power of truly open RAN and ecosystem collaboration to accelerate innovation.”
– Alex Choi, Senior Vice President Strategy & Technology Innovation, Deutsche Telekom and Founding Board Member, O-RAN Alliance

“The SD-RAN Berlin Trial with DT is a significant industry milestone for open RAN.  At ONF we are seeing tremendous interest from the mobile community for our open source implementation of the O-RAN architecture, and this trial demonstrates the maturity of the SD-RAN open source RIC and xApp development platform.”
– Guru Parulkar, Executive Director, ONF

“AirHop is thrilled to be participating in this DT SD-RAN trial. We are contributing commercially hardened 5G xApps that work with the complete Open RAN end-to-end solution.  The trial demonstrates that commercial xApps can be quickly integrated and deployed using O-RAN defined standard interfaces to deliver automated performance optimization.”
– Yan Hui, CEO, AirHop

“Open systems are the future, and Edgecore is pleased to be leading the charge and to be providing open network hardware that is running software from ONF as part of this DT SD-RAN trial. It has been amazing working with this dynamic community, and a real pleasure to be collaborating with DT on this effort.”
– Jeff Catlin, VP of Technology, Edgecore Networks

“We are excited to see multiple ecosystem partners collaborating to test and trial this disaggregated Open RAN solution. We have made great progress with the RIC-xApp portability paradigm and we look forward to continuing to make contributions to the SD-RAN project.”
– Manish Singh, Head of Wireless Ecosystem Programs, Facebook

“Foxconn has contributed the Radio Units (RUs) that are deployed in the SD-RAN trial. Given that this represents the first deployment of a truly disaggregated RAN solution, we’ve been very pleased with the collaboration and commitment shown by the whole SD-RAN community.”
– Dr. Benjamin Wang, Sr. 5G RD Director, Infrastructure Product Division, Foxconn

“Our long-standing collaboration with ONF and its partners reflects our priority to collaborate with the Open Source community and aligns very well to initiatives such as Intel Smart Edge Open® targeted for open innovation and developer acceleration. It is great to see an entire portfolio of Intel technologies enabling ONF SD-RAN and SD-Core ranging from Intel® Xeon®  Scalable processors, vRAN accelerators to software offerings such as Intel® FlexRAN  and Smart Edge Open® get featured in this trial, paving the way to the next wave of disaggregated and intelligent networks.”
– Renu Navale, VP & GM in the Network Platforms Group, Intel

“The OCP and ONF have a synergistic relationship, with OCP focused on open hardware and ONF focused on open software that can run on OCP hardware. The SD-RAN trial with DT exemplifies this relationship, demonstrating OCP Inspired™ openEdge servers from Wiwynn, an OCP Certified Solution Provider, running critical components of the SD-RAN solution.”
– Steve Helvie, VP of Channel, Open Compute Project (OCP)

“As a founding member of the SD-RAN initiative with ONF, Radisys is excited to participate in this important SD-RAN trial at DT, demonstrating use cases of RAN optimization and multi-vendor interoperability. We worked closely with the ONF community to develop service models, use cases and in the end-to-end integration of this field trial. This is a significant step towards commercial adoption of O-RAN based solutions by operators.”
– Arun Bhikshesvaran, CEO, Radisys

“Supermicro is excited to have our servers included in the SD-RAN Berlin trial. This trial is a significant step in realizing the potential of open RAN, and it has provided a great opportunity for multi-vendor collaboration and learning. We are a strong supporter of open source and disaggregation, and believe that it is essential for enabling 5G edge, core and cloud networks.”
– Jeff Sharpe, Director, 5G / IoT Edge Solutions, Supermicro

“TIP is pleased to be collaborating to support the SD-RAN Berlin Trial. The RIA sub-group of the TIP OpenRAN project is prioritizing use cases for open RAN that are being highlighted by this effort, so we see terrific synergies working with ONF and the broader SD-RAN community to support this first-of- its-kind trial featuring a multi-vendor mix of RU/DU/CU controlled by an open RIC and xApps.”
– Attilio Zani, Executive Director, Telecom Infra Project 

“Wiwynn is pleased to be providing our edge cloud optimized servers as part of the DT SD-RAN trial. These systems are designed for edge and telco applications, and are certified by ONF for the Aether platform used for this DT trial. We are committed to building solutions optimized for open RAN deployments, and we’re very excited to see this DT trial advancing the state-of-the-art for open RAN.”
-Steven Lu, Senior Vice President, Wiwynn

DEUTSCHE TELEKOM SD-RAN TRIAL EVENT:

ONF and DT will be co-hosting a virtual event October 19th offering an in-depth view into the trial and key learnings from the community. Featuring live keynotes and on-demand talks from operator and vendor leaders from across the open RAN movement. Register to hear about lessons learned directly from the experts who have deployed the first trial of its kind! The event is open to anyone.:

Deutsche Telekom SD-RAN Trial – Webinar
October 19th, 2021
5pm CEST, 11am EDT, 8am PDT
REGISTER HERE

References:

ONF and Deutsche Telekom Demonstrate Fully Disaggregated Open RAN with Open RIC Platform

 

VSG Global SD-WAN Leaderboard Rankings and Results

Orange Business Services (France), AT&T (U.S.), and Verizon (U.S.) topped Vertical Systems Group’s (VSG) latest leaderboard for global carrier-managed SD-WAN. They were followed in the rankings by NTT (Japan), BT (UK), Telefonica Global Solutions (Spain), and Vodafone (UK).  [The rank order is based on site share outside of the provider’s home country, as of June 30, 2021.]

Rosemary Cochran, principal analyst and co-founder of Vertical Systems Group said that global networks are far more complex to manage and administer compared to domestic SD-WAN offerings. They often require service providers to negotiate contracts with multiple countries, meet diverse regulatory requirements, and support numerous network technologies.

This industry benchmark for multinational SD-WAN market presence ranks companies that hold a 5% or higher share of billable retail sites outside of their respective home countries.

Twelve companies qualify for the Mid-2021 Global Provider Managed SD-WAN Challenge Tier (in alphabetical order):

Aryaka (U.S.), Colt (U.K.), Deutsche Telekom (Germany), Global Cloud Xchange (India), GTT (U.S.), Hughes (U.S.), Lumen (U.S.), PCCW Global (Hong  Kong), Singtel (Singapore), Tata (India), Telia (Sweden) and Telstra (Australia).

The Challenge Tier includes companies with site share between 1% and 5% of this defined SD-WAN segment.

“We’re pleased to release the first benchmark that measures Global Provider market presence based on multinational managed SD-WAN customer sites,” said Rick Malone, principal of Vertical Systems Group. “Enterprises with business-essential applications that span multiple regions of the world are choosing SD-WAN solutions from network operators with the global infrastructures, experience, partnerships and technical expertise necessary to deliver world-class services.”

Research Highlights for Global Provider SD-WAN Services:

  1. Orange Business Services gained the top share rank on the Mid-2021 Global Provider Managed SD-WAN LEADERBOARD with the largest number of customer sites installed.
  2. Vertical’s SD-WAN Coverage Analysis for five regional markets – North America, Latin America, Europe, Africa/Middle East, Asia/Pacific – shows that all seven companies ranked on the Mid-2021 Global Provider SD-WAN LEADERBOARD have good to strong coverage in at least three of these regions.
  3. COVID-19 continues to appreciably impact every region of the world. Just being able to get the SD-WAN equipment and support the services has been a disruptive experience for service providers and their customers.
  4. Challenges cited by Global SD-WAN operators include: workforce health protection, tracking the shift back from remote to office environments, service disconnects due to business closures, and supply chain disruptions.
  5. Most multinational Managed SD-WAN customer implementations are hybrid network configurations that incorporate MPLS, IP VPN, Cloud connectivity or other services, plus multiple security capabilities that are integral or supplied by technology partners.
  6. SD-WAN customers with MPLS connections are migrating to more cloud-suitable broadband services that provide bandwidth flexibility and lower pricing.
  7. Ethernet DIA (Dedicated Internet Access) is the preferred choice for SD-WAN customers that require dedicated, symmetrical connectivity.

Fictitious image of a global mesh connected SD-WAN

…………………………………………………………………………………………..

Five of the seven companies on the Mid-2021 Global Provider SD-WAN LEADERBOARD are ranked on the 2020 Global Provider Ethernet LEADERBOARD (in rank order): AT&T, Orange Business Services, Verizon, BT Global Services and NTT.

  1. Two companies ranked on the Mid-2021 Global Provider SD-WAN LEADERBOARD – AT&T and Verizon – have attained MEF 3.0 SD-WAN Services Certification to date. Additionally, three companies cited in the Challenge Tier – Colt, PCCW Global and Telia – have MEF 3.0 SD-WAN Services certification.
  2. The primary technology suppliers to the nineteen Mid-2021 Carrier Managed SD-WAN LEADERBOARD and Challenge Tier companies are as follows (in alphabetical order): Cisco, Fortinet, HPE Aruba, Nuage Networks (Nokia), Versa and VMware.

The Market Player tier includes providers with site share below 1%. Companies in the Mid-2021 Market Player tier are as follows (in alphabetical order):

Batelco (Bahrain), China Telecom (China), Claro Enterprise Solutions (Mexico), CMC Networks (South Africa), Cogent (U.S.), Epsilon (Singapore), Etisalat (Abu Dhabi), Expereo (Netherlands), HGC Global (Hong Kong), Intelsat (U.S.), KDDI (Japan), Masergy (U.S.), Meriplex (U.S.), PLDT  Enterprise (Philippines), SES (Luxembourg), Sparkle (Italy), StarHub (Singapore), Syringa Networks (U.S.), T-Mobile (U.S.), Telenor (Norway), Telin(Singapore), Transtelco (U.S.), Virgin Media (U.K.), Zayo (U.S.) as well as other providers (unnamed) selling SD-WAN services outside their home country.

Closing Comment:

This VSG report highlights the disparate implementations of global SD-WANs. “…implementations are hybrid network configurations that incorporate MPLS, IP VPN, Cloud connectivity or other services, plus multiple security capabilities that are integral or supplied by technology partners.”

That is because there is no clear definition of functionality (yeah we know about MEF’s definition) and no specification of any exposed interfaces, e.g. UNI, network node to network node, or NNI between two SD-WAN networks.

As such, global SD-WANs are really a concept, not a set of required networking technologies with defined reference points and standardized interfaces/APIs.  As a result, it’s a serious challenge for the global SD-WAN operator to ensure interoperability between each of the different subnetwork interfaces so that end to end connectivity is achieved.

…………………………………………………………………………………………….

References:

Mid-2021 Global Provider Carrier Managed SD-WAN LEADERBOARD

Shift from SDN to SD-WANs to SASE Explained; Network Virtualization’s important role

Futurium: 2020 SD-WAN market set to accelerate

 

Shift from SDN to SD-WANs to SASE Explained; Network Virtualization’s important role

Disclaimer:

The IEEE Techblog has not covered this topic for a very long time, because there are no standards or accepted specifications for any type of SD-WAN or SASE interoperability.  Those networks are all supplied by a single vendor, but that hasn’t stopped them from gaining market share, especially from legacy IP-MPLS VPNs.  That’s even though functionality differs for each vendor’s SD-WAN or SASE offering and there is no interoperability, especially from one provider’s SD-WAN to another’s.

Explanations:

SD-WANs use Application-aware routing across the WAN, whereas classical SDN used a centralized controller to compute routes at the Network layer for the Control plane with “L2/L3 packet forwarding engines” in the Data Plane.  The SDN Control and Data planes are separated with the “OpenFlow” API used to communicate between them.

NFV is not about routing but virtualizing network functions (“virtual appliances”) that would otherwise be implemented in hardware-firmware boxes.

Network virtualization (defined below) has played a key role in the popularity of SD-WAN and SASE, even though that network paradigm was not included in the original definition of SDN in which no overlay networks were permitted.  (That was referred to as “SDN Washing” from 2011-2014, by SDN strongman Guru Parulker, now Executive Director of the Open Network Foundation.)

………………………………………………………………………………………….

Discussion:

At many data networking industry conferences and events from 2011 to 2014, participants claimed that Software Defined Networks (SDNs) would usher in a whole new era for networking.  One colleague of mine said it would be “a new epoch for networking.”  Instead, there were various versions of SDNs, used primarily by hyper-scale cloud service providers (most notably Google and Microsoft) and a few large telcos (e.g. NTT, AT&T).  But SDN never spread to enterprise or campus networks.

When SDN fizzled out, the industry’s focus shifted to Software Defined WANs (SD-WANs), which provides user control of a virtual network overlay via the Application layer. There are three components to a SD-WAN:

  • SD-WAN edge is where the network endpoints reside. This can be a branch office, a remote data center, or cloud platform.
  • SD-WAN Orchestrator is the virtualized manager for network, overseeing traffic and applying policy and protocol set by operators.
  • SD-WAN Controller centralizes management, and enables operators to see the network through a single software interface, and set policy for the orchestrator to execute.

In addition, there are three main types of SD-WAN architecture: on-premises, cloud-enabled, and cloud-enabled with a backbone.

SD-WANs continue to roll out in many different shapes, forms and flavors, without any standards for any type of interoperability (e.g no UNI, NNI, Interface to legacy IP-MPLS VPNs, etc).  Even the definition and certification by the MEF (Metro Ethernet Forum) has failed to catch on so there is no uniform functionality between one SD-WAN and another.

Because of its virtualized network architecture [1.], SD-WANs don’t require specific hardware for specialized network functions. Instead, the infrastructure is made of commercial off-the-shelf (COTS) equipment, also known as white-boxes.  Therefore, all SD-WAN products are 100% software based.

Note 1. Network virtualization is the process of transforming network functions into software and disconnecting them from the hardware they traditionally run on. The software still consumes the hardware’s resources, but is a separate entity that can be changed, moved, and segmented while the hardware remains the same.

The virtualized and software-based version of the network is an overlay on top of the physical network infrastructure. The physical network’s devices like switches and routers still perform tasks like packet forwarding, while how to forward those packets is handled by the software running on the switches and routers.

………………………………………………………………………………………….

Meanwhile a newer entry known as Secure Access Service Edge (SASE) has garnered a lot of media attention.  This Gartner-coined product category, which combines elements of SD-WANcloud-based security, and edge computing, has gained significant traction in the two years since its inception.

SASE’s remote access functionality and low barrier to entry made it an attractive option for enterprises trying to cope with the rapid shift to remote work due to the pandemic. Within months of the first lockdown orders going into effect, nearly every SD-WAN and security vendor had announced a SASE security architecture, either through internal development, partnerships, or acquisitions.

SASE is the convergence of wide area networking, or WAN, and network security services like CASB (Cloud Assisted Security Broker), FWaaS (Firewall as a Service) and Zero Trust, into a single, cloud-delivered service model.

According to Gartner, “SASE capabilities are delivered as a service based upon the identity of the entity, real-time context, enterprise security/compliance policies and continuous assessment of risk/trust throughout the sessions. Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems or edge computing locations.”

Gartner forecasts that, “by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.”

A SASE architecture identifies users and devices, applies policy-based security, and delivers secure access to the appropriate application or data. This approach allows organizations to apply secure access no matter where their users, applications or devices are located.

According to Cisco’s latest CISO Survival Guide, almost all (98%) CISOs plan to spend money on secure access service edge (SASE), and 55% of them intend to prioritize 25% to 75% of future IT security budgets on it, according to

Cisco surveyed more than 100 CISOs and security leaders for this report. The biggest shift for CISOs this year is toward SASE, following the pandemic and related trend of working from anywhere in the world, said Dug Song, chief strategy officer at Cisco Secure.

“I think hybrid work is here to stay,” Song told SDxCentral in an interview. Most organizations have decided to maintain flexible work for employees even post-pandemic, which requires changes to their IT security programs.

………………………………………………………………………………………….

Many industry experts say SASE services must be built on a cloud-native architecture (like 5G SA core network) and distributed across multiple edge locations.

While several vendors including Cisco and Fortinet have rejected the cloud native approach, arguing that networking and security appliances still have a role to play both at the branch and the edge, it’s a principle that’s reflected in Gartner’s own literature and wholeheartedly embraced by VMware, CATO and other SASE vendors.

 

Specifically, VMware offers a cloud-native SASE architecture that has combined multiple solutions in it such as SD-WAN Gateways, VMware Secure Access, ZTNA solution, SWG, CASB, AND VMware NSX Firewall. VMware delivers all these solutions through PoPs. It delivers the network and security services in an intrinsic or sequenced manner.

Cato CMO Yishay Yovel told SDxCentral, “The feeling I have is that a lot of the market is trying to talk about SASE now in a generic way, like everybody has everything, or everybody has the same capabilities, and it doesn’t matter exactly how they’re done.”

Yovel also said that just because a vendor claims to offer the full SASE software stack, doesn’t mean it’s been implemented in a way that’s scalable.

Many of the SASE functions — cloud-based firewalls in particular — are compute-intensive, they usually have to be run in cloud data centers and can’t run on the cloud provider’s more numerous content delivery network edge locations.

This dramatically limits the number of locations a SASE vendor can offer if relying on public cloud infrastructure. For example, Google Cloud claims services in 146 edge locations around the globe, but only operates 21 global data centers, which it refers to as regions.

Scalability and availability are another challenge, Yovel noted. In many cases, these virtual appliances aren’t multi-tenant and have to be assigned to a specific customer account, resulting in additional resources being required should the customer bump up against the limits of a single instance.

Yovel argues that unless a vendor’s SASE software stack is unified, customers may miss out on the ability to share context across multiple security or network functions.  He explained that many functions, SD-WAN for example, are only aware of certain contexts like what application is being used, but this context could be used in conjunction with other contextual information like time, location, or identity to inform other parts of the SASE stack.

“We collect all the context elements. It doesn’t matter which part of these engines need them. Everything is built into a unified thing,” Yovel said.

The bottom line for today’s cybersecurity professionals is that both zero trust and SASE networking trends should be watched closely and integrated into forward-looking enterprise network architectural decisions.

…………………………………………………………………………………….

References:

https://www.sdxcentral.com/networking/sd-wan/definitions/software-defined-sdn-wan/

https://start.paloaltonetworks.com/gartner-report-roadmap-for-sase-convergence.html

https://www.paloaltonetworks.com/cyberpedia/what-is-sase

https://www.softwaretestinghelp.com/top-sase-vendors/

https://www.sdxcentral.com/articles/news/cisco-report-cisos-sase-spend-edges-toward-75-of-budget/2021/07/

https://www.sdxcentral.com/articles/news/cato-ribs-palo-alto-networks-other-sase-imposters/2021/07/

https://www.sdxcentral.com/networking/sd-wan/

https://www.sdxcentral.com/networking/nfv/definitions/network-virtualization-and-how-it-works/

https://searchcloudsecurity.techtarget.com/tip/Why-its-SASE-and-zero-trust-not-SASE-vs-zero-trust

 

Masergy Performance Edge™ minimizes packet loss over public broadband connections

Masergy, a software-defined network and cloud platform company, today announced its latest patent-pending innovation which is aimed at solving a fundamental problem with broadband internet transport. Masergy Performance EdgeTM, a new SD-WAN and SASE (Secure Access Service Edge) capability, minimizes packet loss over public broadband connections, making them perform more like a private Ethernet circuit.

“Today broadband is being used ubiquitously” in home and business sites, says Ajay Pandya, director of Product Management for Masergy. “We are seeing this over the last year a lot. We used to sell 60-70% of our sites with one of the links as broadband. Now it’s in the 90’s.”

Broadband can be up to 70% cheaper than private access networks, says Pandya, but it’s still a “best effort” technology that doesn’t always provide reliable performance for applications such as voice and video conferencing.

“If I’m a contact center person or a power-user executive delivering my quarterly announcement to analysts, I don’t want the connection to be any less than excellent,” says Pandya. He also said that Masergy aims to improve the quality of last-mile connections with its Performance Edge.

“Masergy Performance EdgeTM is revolutionary because it turns the low-cost, low-performance access methodology into a high-performing service meeting the demands of today’s digital-first businesses,” said Zeus Kerravala, Founder and Principal Analyst, ZK Research. “It saves precious IT dollars and removes the productivity uncertainties of working from home all within a SASE environment.”

Most companies have become more dependent on broadband since the 2020 pandemic, but it hasn’t always served them well — particularly in cases where guaranteed performance is needed. According to an Altman Solon 2021 State of SD-WAN Study, 50% of IT leaders using only public access say their application performance is insufficient, and 48% say the cost savings don’t justify the lower quality of service. Inherently broadband is a “best effort” technology unfit for real-time data applications like voice and video conferencing. Thus, broadband often fails to deliver the performance needed, causing losses in productivity, sales, and revenue.

“Masergy is working to ensure our clients’ new need for broadband doesn’t impact their business continuity. Remote work success shouldn’t hinge on network connectivity types, and we’ve created Masergy Performance EdgeTM to make sure it doesn’t,” said Chris MacFarland, CEO, Masergy. “Masergy pioneered software-defined networking 20 years ago. We were the first to market with AIOps integrated in our SD-WAN and SASE solutions, and we’re already on the path to autonomous networking — so there’s no better company to revolutionize broadband, making it the high-performance, predictable service everyone wants it to be.

The patent-pending Performance Edge is aimed at assisting home workers, SD-WAN, SASE and MPLS customers in improving their broadband performance by reducing packet loss. The feature can be added on to Masergy’s SD-WAN and SASE services, but there is an additional cost to utilize Performance Edge. In addition, it’s currently centrally managed, so customers need to request it directly from Masergy to turn the service on.

Masergy Performance EdgeTM is available with Masergy’s Managed SD-WAN Secure and SASE offerings and uses proprietary network architecture along with industry standard and compatible routing algorithms to enable businesses of all sizes to realize increased efficiency and productivity. It provides these key benefits:

  • Better Performance: Minimize packet loss over public broadband connections for more predictable application experiences
  • Less Expensive: Save up to 70% compared to the cost of a private line and reduce outages with AI-powered performance visibility
  • Fast to Install: Connect new sites in days versus weeks and boost existing broadband circuits for immediate results

Image Credit:  Masergy

Zeus Kerravala, founder and principal analyst of ZK Research, told Light Reading that Performance Edge could be useful in delivering the “performance of private IT with broadband” for remote workers, retail and small branch locations. Kerravala says Masergy is “using a multitude of different optimization techniques to make that broadband connection work better” with tools such as WAN optimization, compression and forward-error correction.

“SD-WAN does a good job of load balancing across 2 connections, but there are a number of situations where you only have your broadband connection available … Masergy also has their MPLS backbone, so it’s the combination of two that gives you the end-to-end performance. Performance Edge optimizes the last mile, and Masergy has always been good at the middle mile,” says Kerravala.

References:

https://www.businesswire.com/news/home/20210720005252/en/Transforming-Public-Broadband-Access-into-a-High-Performing-Service-Masergy-Announces-Masergy-Performance-Edge

https://www.lightreading.com/sd-wan/masergy-unveils-broadband-performance-feature-for-last-mile-access/d/d-id/770976?

Learn more about Masergy Performance Edge