Top SD-WAN Providers & Vendors for 2021

A software-defined wide area network (SD-WAN), as the name implies, is the implementation of the software-defined concept to networking. By doing so, the management and operation of the WAN is simplified by decoupling the underlying networking hardware. 

The SD-WAN is also a good way for enterprises to save money. Deploying fiber optic cables between sites provides greater bandwidth, however it is expensive, complex, and can struggle when it comes to permitting underground passages for cabling, etc. As the SD-WAN operates over the internet, it is often the go-to method of connecting sites via private networking links. 

Another benefit is cutting through the complexity inherent in setting up router-based WANs. Such features enable SD-WANs to operate seamlessly between on-premise and cloud resources. 

In an SD-WAN, internet-bound traffic from the enterprise is channeled through a server, appliance, or cloud service that runs WAN software. Encryption is typically used to keep the network and its traffic secured.

Core Features of an SD-WAN

SD-WANs have evolved in a great many different ways and from a variety of technologies. The tools available reflect this. Some trace their DNA to the security side while others began in routing, WAN optimization, or other areas of the networking field. As a result, the feature set of the various products and services varies tremendously. 

Further, products and services differ in the ways in which they are deployed. Some are delivered via an appliance, some via software sitting on a server, and others via a cloud-based SD-WAN service. There is no one way that works best. It depends on the architectural preferences of the enterprise, the existing vendor mix, and other factors. 

The core features are roughly as follows: 

  • Uninterrupted networking performance. 
  • Protecting the hybrid workforce from cybersecurity threats through a SASE architecture. (SD-WAN + cloud security + zero trust network access, encryption, encapsulation, and general network protection). 
  • Integrated management. 
  • Optimization of speeds for different types of traffic between sites.
  • Ability to easily add new sites to the network.
  • Spanning any private backbone or network in use, MPLS, Dedicated Internet Access (DIA), Enhanced Internet, 4G LTE, and 5G.  
  • Multi-cloud access spanning IaaS/PaaS/SaaS. 

Also read: SD-WAN is Important for an IoT and AI Future

Top SD-WAN Vendors 

Enterprise Networking Planet evaluated various SD-WAN vendors. Here are our top picks, in no particular order. 

Aryaka 

Aryaka logo.

Aryaka offers a fully managed service with what it calls a cloud-first WAN approach. It leverages a platform that integrates networking and security (i.e., a combination of SD-WAN and SASE). Networking includes connectivity, optimization, and multi-cloud access as a Software-Defined Cloud Interconnect (SDCI). 

Key Differentiators 

  • The managed service integrates all of the capabilities required by enterprises for their WAN and digital transformation – connectivity, security, automated regional-based multi-cloud access, network and application optimization, and cloud-based observability and co-management.  
  • A services PoP-based architecture enables a rich set of capabilities at the cloud-edge, including hybrid workplace support by integrating branch office/headquarters, and remote worker connectivity, SASE functionality, and advanced optimization.  
  • The middle-mile is based on a Layer 2 over fiber architecture, which avoids issues with ISP peering and drives high performance.  
  • A single vendor solution eliminates service and support issues where a telco or regular managed service provider (MSP) relies on technology from a third party. 
  • A managed service, integrating NaaS and NSaaS (Network Security as-a-Service) aligns to the SASE architecture definition.

Citrix

Citrix Logo

Citrix SD-WAN delivers a reliable, high-performance digital workspace experience, empowering employees to access resources. It can optimize application performance and automate connectivity for all users wherever they are. It is a core networking capability of the Citrix Secure Access Service Edge (SASE) architecture approach, which gives the flexibility to choose whether security capabilities are enabled on-premise or in the cloud. 

Key Differentiators

  • When used in conjunction with Citrix Workspace, Citrix SD-WAN can deliver performance improvements. 
  • Through visibility into Citrix Virtual Apps and Desktops traffic (HDX) with site, session and user reporting, it speeds troubleshooting.
  • Leveraging cloud-managed automated deployments and route learning, it enables companies to move to a multi-cloud architecture quickly.
  • Consolidates security, SD-WAN, and centralized policy management. 
  • Provides a multi-tenant cloud-hosted single pane of glass for networking and security.
  • Enables sub-second failover over any type of connectivity (4G LTE, MPLS, Internet) to cloud, SaaS and virtual apps.

Versa 

Versa logo

Versa offers an SD-WAN solution that implements capabilities that enable a SASE architecture (full stack security, advanced routing, genuine multi-tenancy). This includes visibility into traffic traversing the network between users, applications, and devices regardless of location. Networking, security, visibility, automation, and performance capabilities are built into the architecture. 

Key Differentiators

  • With a single software image and through a single management portal, Versa offers SD-WAN with a secure and application optimized single-pass architecture that does not require service chaining or API integrations. 
  • Helps organizations overcome the challenges of on-premises, hybrid, or multi-cloud environments. 
  • All networking and security services are offered natively from the Versa platform.
  • One screen to manage all networking and security vulnerabilities, gaps, and issues. 
  • Integrated security, scalable routing, multi-tenancy, and analytics running on one image. 
  • Visualized and configured centrally.

Algoblu

The Algoblu Network Element Virtualization (NEV) solution offers bandwidth efficiency, network security, multi-cloud access, simplified network provisioning and troubleshooting. NEV sits between Layer 1 and 2 in the OSI seven-layer model. It can virtualize the underlying network resources (e.g. fiber ports) into 100,000 individual atomic channels through the FPGA-based chip. The scheduler and orchestrator allocate a certain amount of atomic channels to form the sIF (Service Interface) per resource requirement. The sIF can be assigned to any specific application with guaranteed SLA. The implementation of the whole NEV protocol is completed by the self-developed chip, which ensures efficiency.

Key Differentiators

  • NEV is a shortcut to enable carriers to provide multi-tier services to meet users’ personalized requirements with guaranteed QoS and without changing the existing network infrastructure.
  • Supports multi-tier environments. 
  • Underlying carrier networks are slides into multiple, separated and secured parts. 
  • The sliced network has independent resources and QoS guarantees, and the traffic is physically isolated. 
  • Network slicing service can help users build layer 2 or layer 3 private networks serving specific applications, such as enterprise multi-site private networks, private networks of supply chain partners, secure surveillance networks, and video conferencing networks. 
  • It provides strict SLAs and a QoS guarantee at a competitive price. 

Silver Peak 

Silver Peak Unity EdgeConnect is a unified SD-WAN platform. It enables application performance, security, and routing that are dictated by top-down business policies, not bottoms-up technology constraints. Its architectural model utilizes virtual WAN overlays based on business requirements (business intent overlays) for every class of application. 

Key Differentiators

  • Once overlays and their associated policies have been defined via Unity Orchestrator, configurations are pushed to all sites across the network.
  • Traffic handling is fully automated to route applications based on pre-configured parameters. 
  • Continuously learns about any network condition changes and adapts traffic handling to maintain continuous compliance to application QoS and security requirements.
  • Consistent, always-available application performance, including voice and video, across any combination of transport services including consumer broadband services. 
  • Centralized orchestration simplifies the implementation of changes, minimizes human errors and enables faster troubleshooting.
  • Automates real-time response, eliminating the impact of brownouts and blackouts as continuous monitoring and analytics detect changing conditions and trigger immediate adjustments.
  • Adaptive internet breakout automates application definitions and IP address updates daily thousands of SaaS applications and 300 million web domains. 
  • Unifies SD-WAN, firewall, segmentation, routing, WAN optimization, and application visibility and control in one platform. 

Fortinet 

Fortinet Logo

Fortinet FortiGate delivers a fast, scalable, and flexible SD-WAN. With a security driven networking approach, it consolidates SD-WAN, next-generation firewall (NGFW), and advanced routing in one appliance. 

Key Differentiators

  • Orchestrate consistent network and security policies. 
  • WAN and security powered by one operating system. 
  • One management console covers SD-WAN, advanced routing, and NGFW controls.  
  • Simplify branch architecture with SD-WAN and integrated NAC, WLAN, LAN, and LTE/4G/5G. 
  • Scalable to 1,000s of sites.
  • Connectivity to the cloud, in the cloud, and between clouds. 
  • Cloud on-ramp orchestration reduces the footprint and simplifies management.
  • Centrally manages deployments, configurations, and on-going operations with visibility, analytics and reporting. 

VMware

VMware Logo

VMware SD-WAN evolved from its acquisition of VeloCloud. It leverages cloud-hosting to simplify deployment and management of network devices and employs traffic steering to applications in the data center and the cloud. It combines the bandwidth of broadband with existing WAN connections to connect users to data center and cloud-based applications from any location in the network. 

Key Differentiators

  • Optimizes traffic over multiple available connections (MPLS, broadband, LTE) to deliver traffic across the network. 
  • Dynamically steers traffic to the best available link, and if the available links show any transmission issues, it will apply remediation for jitter and packet loss based on policies to ensure performance of the high-priority applications. 
  • Cloud-based management allows for ubiquitous access across all device types for ease of management. 
  • Allows for quick adaptation to changing needs, including adding access to cloud-based services, standing up new branches or remote offices. 
  • Dynamic steering of all traffic for optimized application and data delivery. 
  • The components connect to a central orchestrator when brought online, and configurations are pushed from the central orchestrator to the edge device. 

Cisco Meraki SD-WAN 

Cisco Meraki provides network security and SD-WAN in one appliance. These MX appliances create a framework for Cisco SD-WAN powered by Meraki by securely auto-provisioning IPsec VPN tunnels between sites. The Meraki dashboard automatically negotiates VPN routes, authentication and encryption protocols, and key exchange for all Meraki MX appliances in an organization to create hub-and-spoke or mesh VPN topologies.

Key Differentiators 

  • The Meraki MX security and SD-WAN appliance includes a next-gen layer-7 firewall, Cisco Advanced Malware Protection (AMP), intrusion prevention, SSL decryption/inspection, data loss prevention (DLP), cloud access security broker (CASB), SaaS tenant restrictions, granular app control, and file type control.
  • Virtual MX (vMX) is a virtual instance of a Meraki security & SD-WAN appliance providing simple configuration benefits of site-to-site auto VPN.
  • Securely connect branch sites with a physical MX appliance to resources in public cloud environments in two clicks with Auto VPN. 
  • Extend SD-WAN to public cloud environments for optimized access to business-critical resources. 
  • An optimal path can be maintained using Dynamic Path Selection, for traffic destined for regular servers in a data center behind a physical MX, or virtual servers behind a virtual MX.

Read next: The Home SD-WAN and SASE Markets are Rapidly Expanding

Drew Robb
Drew Robb has been a full-time professional writer and editor for more than twenty years. He currently works freelance for a number of IT publications, including eSecurity Planet and CIO Insight. He is also the editor-in-chief of an international engineering magazine.

Latest Articles

Follow Us On Social Media

Explore More