Does Security Belong Near Endpoints?
Let’s talk about Hybrid WAN or SD-WAN. I do want to start by considering the general state of SDN. Briefly.
When will Software Defined Networking (SDN) reach a broad market? That time is coming. As I’ve been saying, most organizations don’t want to be in the software development business in order to automate their networks. Nor do they want software integration “science projects”. They want solutions. We’re starting to see a lot more marketing of solutions now, with less mention (perhaps) of SDN, programming, automation toolkits. Examples: Cisco ACI or APIC-Enterprise. VMware NSX.
One of the key items required in a next-generation solution is innovation. There’s a growing shortage of skilled technical people, and not just in networking. Businesses need to be able to operate their network (and servers, storage, etc.) with people they can afford to hire. So automation solutions (SDN) need to innovate and add simplicity. The ones that don’t work or are overly complex are going to fail in the long run.
As an example, there are several current (pre-SDN) products I won’t name that provide GUI templates for configuring routers. Does that really help? It may help some if the templates leverage, say, CSV files to automate deployment across several devices. I don’t see templates as all that helpful when all it does is embodies the CLI in a GUI template, however. Where’s the innovation in that?
SDN Central says the solution is vendor solutions with partnerships.
Well, maybe. More narrowly scoped solutions strike me as where the bulk of customers’ interest lies right now.
As witnessed at Network Field Day 9, there is a hotbed of innovation occurring right now in the Hybrid WAN or SD-WAN space. I’m still trying to learn the players. In the hope that it helps, I will list those I know about and provide brief comments and some links.
The other thing to note is that all these vendors have boxes: routers or appliances. One big question is how well they play with existing infrastructure. Are they replacement routers? Do they play well with BGP, OSPF, or (gasp) “Open EIGRP” to integrate with existing routers and failover strategies?
Innovative vendors and startups:
WAN optimization vendors have realized they potentially have visibility into WAN traffic and can do smart things with that, to add value for the customer. Unified Threat Management (UTM) is one of them. While that’s neat, I look for smart path selection and preferably central control as a minimal requirement for being considered an SD-WAN player.
Vendors I identify as coming to SD-WAN from that direction include:
These vendors are (large) enterprise-grade vendors with some degree of centralized management.
Vendors coming from the direction of link bonding:
My current impression is that these vendors are more positioned for the small company end of the market.
This blog is getting to be a bit long, so I’ll leave further research and comments for another time.
Hint for vendors: if I have to register to get basic information about your product, I often go elsewhere instead. Why should I have to dig to find out what your solution does, whether it seems to fit my need, or how it stacks up against your competition? I don’t want to be hounded by salespeople following up the alleged lead. At least provide a checkbox for “please don’t call”!
Comments are welcome, both in agreement or informative disagreement with the above, and especially good questions to ask the NFD9 vendors! Thanks in advance!
Vendors that consider themselves to be in the SD-WAN space that aren’t listed above: please add a brief comment about yourself!
The Network Field Day 9 (#NFD9) web page has a long list of related links to the various sessions. I’ve pulled out the SD-WAN related ones below, along with some other links. The recorded sessions from #NFD9 can be found on YouTube and Vimeo. The video recorded presentations by CloudGenix and VeloCloud can be easily found there.
Hashtags: #NetworkFieldDay, #NFD9, #CloudGenix, #VeloCloud, #GlueNetworks #CiscoChampion #NetCraftsmen
(As a courtesy to two of the #NFD9 vendors, I’ve included links relating to their NFD9 sessions above.)
Does Security Belong Near Endpoints?
Replicating at Speed
Practice Safe BGP
Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.
John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services. Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.
He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.