There are baseline security and connectivity requirements for any SD-WAN service, and then there are optional, emerging product capabilities that indicate how the market is maturing and customer requirements are expanding.
Artificial Intelligence (AI) networking support – such as for proactive remediation and incident management – is one of those optional capabilities, according to Gartner, which released its latest analysis of the SD-WAN vendor landscape.
There’s a trend toward AI capabilities that enable networking decisions to be made with little or no human intervention. These capabilities can help enterprises to streamline network design, configuration and ongoing management as well as increase agility and improve performance, according to Gartner.
The research firm predicts that by 2026, generative AI technology embedded in SD-WAN offerings will be used for 20 per cent of initial network configuration, up from near zero in 2023.
“Although it is still early in many vendors’ product development, we are seeing this functionality incorporated into an increasing number of vendor solutions offering differentiation. The longer-term challenge will be customer trust in using such solutions,” Gartner wrote in its new Magic Quadrant for SD-WAN.
Among the vendors that are working to build AI networking support into their respective SD-WAN products is Fortinet. “Fortinet’s planned innovations in GenAI and ‘as a service’ consumption models have an above-average chance of delivering game-changing capabilities to the market,” Gartner wrote.
Huawei, dubbed a challenger in the field of SD-WAN vendors, is expected to invest in its AI-driven predictive route selection and AI-based IoT terminal authorization and access over the next 18 months, Gartner said. Versa Networks, too, has a product roadmap that aligns with emerging requirements for AI networking, according to the report.
Another trend that’s influencing the SD-WAN market is the shift toward secure access service edge (SASE) offerings. According to Gartner’s definition, SASE combines five major technologies: cloud-access security broker, secure web gateway, zero-trust network access, integrated SD-WAN, and firewall as a service.
Security service edge (SSE) is a security-focused subset of SASE, and it typically includes CASB, SWG, and ZTNA.
In the big picture, the SD-WAN market is evolving toward single-vendor SASE, as five technologies converge: SD-WAN, SSE, enhanced internet/WAN backbone, cloud onramp, and multicloud networking. Getting the full SASE stack from a single vendor can simplify deployment and management, but it can be complicated by factors such as an enterprise’s existing multi-vendor SD-WAN environments and poor WAN visibility.
“Today, we primarily see SD-WAN and SSE offerings being integrated and deployed as dual-vendor SASE. This is largely driven by the move to distribute internet access to support cloud applications and change the security perimeter. This goes along with the deployment of SD-WAN at branch locations to manage the internet transport,” the report states.
“As part of a desire to minimise branch sprawl and support access to the cloud, we observe more organizations looking for integrated cloud-delivered security and thin branch SD-WAN solutions.”
By 2026, 60 per cent of new SD-WAN purchases will be part of a single-vendor SASE offering, up from 15 per cent in 2022, Gartner predicts.
Meanwhile, the SD-WAN market continues to grow. Gartner forecasts a compound annual growth rate (CAGR) of 14.6 per cent in end-user spending on SD-WAN from 2022 through 2027, with market penetration of about 60 per cent in 2023.
One driver for SD-WAN market growth is aging infrastructure. Existing branch office router equipment or first-generation SD-WAN equipment needs a refresh either because it has reached the end of its support lifecycle, or it lacks the necessary capabilities for today’s connectivity.
Also, application rollouts with changing traffic patterns are increasing the use of cloud and multicloud resources, which is making on-premises data center WAN architecture obsolete, according to Gartner.
Organisations are also consolidating branch functions such as routing and security, and IT leaders are considering SD-WAN investments to increase scalability, agility, and automation to support digital business transformation and reduce operating expenses, Gartner says.
Leading the SD-WAN pack
Based on its evaluation criteria, Gartner classified six vendors as leaders in the SD-WAN market, one challenger, one visionary, and six niche players. Here’s a look at the strengths and weaknesses of the leaders, which Gartner defines as those vendors that have well established products, long-term viability, and the ability to shape the SD-WAN market.
Two products, Cisco Catalyst SD-WAN and Cisco Meraki SD-WAN, help land the vendor on the leader list. With high market visibility and a loyal installed base, Cisco is in a good position for future success with a product strategy that includes AI networking, integrated security, and cloud onramp. Cisco is estimated to have 46,000 SD-WAN enterprise customers globally.
Yet Gartner identifies Cisco’s multiple SD-WAN products as a potential caution for the vendor, because the separate products with different management platforms limits investment protection for customers. And Cisco’s customer experience is below average, based on Gartner client interactions.
Fortinet’s Security SD-WAN product is singled out for its strong features focused on integrated security. Coupling security with its SD-WAN offering provides Fortinet customers with a simplified approach. Also, as noted before, Gartner says Fortinet’s plans around generative AI and as-a-service consumption could deliver game-changing capabilities to the market.
Still, Fortinet has a few hurdles to clear, according to Gartner. Some clients have expressed doubt about Fortinet’s ability to meet complex enterprise networking requirements, and Gartner reports customer experience with Fortinet is below average. Fortinet also has limited integrations with third-party SSE vendors, Gartner says.
HPE Aruba’s SD-WAN offerings, Aruba EdgeConnect SD-WAN (with optional WAN optimisation) and Aruba EdgeConnect SD-Branch, are both managed through the Aruba Central platform. This vendor has high ratings with customer experience and a proven track record of delivering cloud and SSE integrations as well as new consumption models when needed, Gartner says.
Gartner identifies HPE Aruba’s multiple products that apply to different use cases as a potential caution with customers who could select the wrong offering for their business. Also, Gartner finds HPE Aruba’s planned innovation in its unified fabric and single-vendor SASE functionality “unlikely to delivery game-changing capabilities” to the market.
Palo Alto Networks
Palo Alto Networks’ Prisma SD-WAN offering includes Instant-On Network (ION) edge appliances and orchestration, and the vendor also offers the PAN-OS branch firewall with limited SD-WAN capabilities. Gartner highlights Palo Alto Networks’ “recent and planned innovations in AIOps, visibility, and granular policy control” as having the potential to bring game-changing capabilities to the market.
Potential challenges for this vendor include its high SD-WAN pricing, lack of performance optimisation capabilities, and multiple SD-WAN products, which can introduce some market confusion, according to Gartner. “Customers are required to choose between a strong on-premises security offering with limited SD-WAN functionality or a strong SD-WAN offering with limited on-premises security functionality,” the report states.
Versa Networks’ two offerings, Secure SD-WAN and Versa Titan, are built on the same platform with the latter being delivered as a cloud-based offering. Gartner estimates that the company has some 24,000 SD-WAN enterprise customers globally and expects the vendor to invest in AI, observability, and multicloud support in the next 18 months, which could bolster its already strong product portfolio.
Still, Gartner cautions that the two-product strategy could lead to some confusion among customers because they offer different capabilities, making it possible customers will select the wrong offering. Also, Gartner pinpoints pricing as an issue for this vendor, which could make its Secure SD-WAN product more difficult to procure for some IT buyers.
VMware SD-WAN includes Edge appliances, optional gateway points of presence, software licenses, and a cloud-based orchestrator. Gartner estimates that VMware has about 18,000 SD-WAN customers globally, and the vendor is expected to make future investments in SD-WAN Cloud Transport that would integrate multiple capabilities into a single platform. Gartner also expects VMware to invest more in AI-based digital experience assurance and analytics.
Even with its expected investments, Gartner states that VMware lags behind “in terms of integrated security features natively available in its on-premises appliances.” VMware also lacks a native SD-brand offering integrating WLAN, LAN, network security, and SD-WAN into a single platform, Gartner says.