Should you choose Intelys & Arctic Wolf Security Operations to alleviate, remediate and remove your security pains?
Cybersecurity has an effectiveness problem. Organisations spend over $165 billion each year on cybersecurity, while attacks continue to increase in number and evolve in complexity. Last year was another record-breaking one for data breaches, with reports of massive hacks and huge ransomware demands dominating headlines.
If you ask us, the old ways of protecting your data just don’t work.
Arctic Wolf® security operations solutions and Intelys offer organizations a better way.
We strip out complexity in your environments and leverage your existing tools to deliver truly effective and fully managed cybersecurity, helping you advance along your security journey and end cyber risk for your organization.
How do we do it?
By alleviating, remediating and removing what Arctic Wolf call the six pillars of cybersecurity pain.
1. Alert Fatigue
While tools can enhance protection and visibility, they also generate a massive volume of events and alerts. And therein lies the problem. When faced with a deluge of potential attacks, security analysts can quickly become overwhelmed. In fact, many attacks succeed not because a tool failed to raise an alert, but because the alert was missed or ignored by an analyst. This operating environment of all noise and no signal is known as cybersecurity alert fatigue, and it has real costs for the professionals and businesses impacted by it.
Arctic Wolf Managed Detection and Response® works with your existing tech stack to immediately begin monitoring your environment, ensuring proactive and dynamic detection and response to threats, intrusions, and attacks. Organisations receive timely and actionable intelligence from an always-available team of expert security analysts—without the overwhelming noise of endless false positives.
2. Staff Shortages
Finding, training, and retaining cybersecurity talent has long been a challenge for most organisations, but the problem was exacerbated by the “Great Resignation” of 2021, with 80% of organisations unable to fulfill their target headcounts for security staff.
Arctic Wolf’s Concierge Security® delivery model fills in the staffing gaps, acting as a force multiplier to your existing security team. If you don’t have a security team, you gain instant access to security professionals that are otherwise difficult, if not impossible to find. Our Concierge Security experts continuously monitor security events enriched and analysed by the Arctic Wolf® Platform to provide your team with coverage, security operations expertise, and strategically tailored security recommendations that continuously improve your overall posture and ease the workload of already taxed IT professionals.
3. Vulnerabilities and Security Gaps
The task of effectively managing and remediating vulnerabilities is becoming increasingly difficult for already taxed security teams. Often, even fundamental information like what assets exist, which systems have vulnerabilities, and which systems are misconfigured is difficult to obtain. The growing attack surface compounds cyber risks for organisations. The implementation of new digital initiatives, the adoption of the Internet of Things (IoT), and the continued move to the cloud help drive innovation—but at the cost of increased exposure to threats.
Most organisations are unable to accurately account for assets or fully monitor their environment. This leads to gaps in posture that leave the door open to attackers. After all, if you can’t see it, you can’t protect it.
Arctic Wolf Managed Risk® enables you to discover, assess, and harden your environment against digital risks by contextualizing your attack surface coverage across your networks, endpoints, and cloud environments. Arctic Wolf provide around-the-clock monitoring for vulnerabilities, system misconfigurations, and account takeover exposure, helping ensure you are benchmarking against configuration best practices and continually hardening your security posture.
Our Concierge Security Team will work with you to deploy the Arctic Wolf® Platform, install the Arctic Wolf Agent®, integrate critical data points, configure Cloud Security Posture Management, and build an understanding of your network through internal, external, and host-based vulnerability assessments. Arctic Wolf catch risks other vulnerability scanners miss, like software defects, system misconfigurations, and corporate credential exposure, helping you close the gaps in your environment.
4. Compliance and Regulation Challenges
Compliance is an important part of a cybersecurity program. Heavily regulated industries are often a bigger target for cybercriminals because of their highly valuable data (e.g., patient data in healthcare, financial data in banking, identity data in government). The purpose of cybersecurity laws and regulations are to ensure that organizations take the right steps to protect this data. And regardless of what industry you’re in, you need to comply with privacy laws, GDPR, POPIA, and other regulations that apply to all sectors.
While meeting compliance requirements doesn’t guarantee that your organisation is secure, it provides you with a solid foundation for security practices. Not to mention that non-compliance may lead to fines and other penalties.
Arctic Wolf creates a custom security strategy for your organisation’s specific needs. Through our concierge approach, Arctic Wolf help you meet and maintain industry regulatory obligations, all while working around the clock to keep your organisation safe.
5. Human Error
While security technology is constantly improving and becoming more difficult to circumvent, human nature doesn’t change. Cybercriminals know that it’s much easier to trick people than machines — and they use social engineering schemes like phishing to accomplish this. According to Verizon’s 2022 Data Breach Investigation Report, 82% of all breaches involved the human element, meaning that improperly informed and prepared employees are a major threat to organisations.
Arctic Wolf® Managed Security Awareness prepares your employees to recognise and neutralise social engineering attacks and eliminate human error. Through fun, fresh and constantly updated microlearning sessions, Arctic Wolf address the most common cyberthreats by influencing behaviour and fostering a security culture.
6. Tool and Technology Complexity
Many organizations resort to adding more security tools in an attempt to keep pace with cybercriminals and secure ever-expanding attack surfaces. Rather than reducing risk and increasing efficiency, however, the addition of more tools increases complexity and reduces effectiveness. Plus, properly integrating tools is a time-consuming task that can only be accomplished if your tools are interoperable, and there’s often little incentive for vendors to create tools that integrate and communicate with one another.
Arctic Wolf Managed Detection and Response is vendor-agnostic and works with your existing tech stack to immediately begin monitoring your environment, ensuring proactive and dynamic detection and response to threats, intrusions, and attacks. Built on an open XDR architecture, the Arctic Wolf® Platform provides real-time, continuous monitoring, and threat hunting on your network. And Arctic Wolf do all that for a predictable monthly cost far below what you would spend to stand up your own in-house security operations centre.
If you’re ready to start knocking down your own pain pillars and embrace managed security operations solutions, we’re ready to help.
Get in touch at firstname.lastname@example.org to explore whether or not an Intelys / Arctic Wolf Security Operations solution is right for your business.
We have cemented our relationship with Arctic Wolf and added them as a vendor partner to augment and compliment our already robust cyber security solution offering.
Arctic Wolf has a novel approach to cyber security with their Security Operations Cloud and Concierge Security model.
The Arctic Wolf platform
Spanning thousands of installations, the Arctic Wolf® Platform processes over 2 trillion security events weekly. Built on an open XDR architecture, the platform collects and enriches endpoint, network, and cloud telemetry, and then analyzes it with multiple detection engines. Machine learning and custom detection rules then deliver personalized protection for your organization.
While other products have limited visibility, the vendor-neutral Arctic Wolf® Platform enables broad visibility and works seamlessly with existing technology stacks, making it easy to adopt while eliminating blind spots and vendor lock-in.
Concierge Delivery Model
Arctic Wolf invented the concept of Concierge Security®. With this delivery model, we pair a team of our security operations experts directly with your IT or security staff. Your Concierge Security® Team gives you 24×7 eyes-on-glass coverage. We work with your team on an ongoing basis to learn your security needs so that they can tune solutions for maximum effectiveness and ensure that your security posture gets stronger over time. The Concierge Security® Team combines deep security operations expertise with an understanding of your environment to deliver better outcomes. We take on tactical actions like threat hunting and alert prioritization, and strategic tasks like security posture reviews and risk management.
Dax Andrews, our General Manager of Sales, had this to say:
As a specialist networking and network security business our evolution has been witness to the convergence of the network and security landscape. With that, so too has our business progressed into a niche network security partner.
Selecting a relevant vendor to align with our own strategy, vision and existing partner investments is an important part of our success along with the continued improvements in the customer environments we work in. Augmenting the layers of security services and solutions we offer helps us further entrench the skill we value so much.
When it came to Arctic Wolf, the cultural and strategic alignment was a great fit, and accelerated the conversations we were already having with our customers. With Arctic Wolf being a well-established and proven player in the global market it makes complete sense for us to announce the partnership in the local market.
With Arctic Wolf driving accelerated expansion within South Africa we are in the process of building out an effective eco-system to support our customers. Intelys were an immediate fit for Arctic Wolf by focusing on the customer value and driving a consultancy approach with their customers.
Arctic Wolf and Intelys can ensure customers receive a full 24×7 security operations service offering while receiving a personalized experience. We welcome Intelys to the “pack” and are looking forward to growing together.
We look forward to making the unique solution offerings of Arctic Wolf available to our customers, and believe that they will add incredible value.
I&O leaders responsible for networking are selecting products to connect branches and remote workers to applications and other enterprise locations. They should select software-defined WAN and, increasingly, secure access service edge to connect enterprise sites to cloud workloads securely.
Strategic Planning Assumptions
By 2025, 50% of new software-defined WAN (SD-WAN) purchases will be part of a single-vendor secure access service edge (SASE) offering, which is a major increase from 10% in 2022.
By 2026, 30% of new SD-WAN procurements will be in some form of network as a service (NaaS), which is a major increase from near 0% in 2022.
By 2025, 40% of enterprises with SD-WAN deployments will use artificial intelligence (AI) functions to automate Day 2 operations, compared with fewer than 10% in 2022.
SD-WAN products replace traditional branch routers. They provide dynamic path selection, based on business or application policy, centralized policy and management of appliances, virtual private network (VPN), and zero-touch configuration. SD-WAN products are WAN transport-/carrier-agnostic, and create secure paths across WAN connections. SD-WAN products can be hardware-/software-based, managed directly by enterprises or embedded in a managed service offering.
Common attributes with SD-WAN offerings include the following:
Form factors for branch, data center and cloud locations
Hardware with integrated software
Software deployed on third-party hardware as a virtual network function (VNF), virtual machine (VM) or container
Software deployed in the public cloud
Orchestrator (on-premises or in cloud)
Configuration (zero-touch configuration)
Advanced security (e.g., Layer 7 firewalls, URL/content filtering, antivirus, secure web gateways [SWGs], cloud access security brokers [CASB], zero trust network access [ZTNA] and data loss prevention [DLP]), either on-premises or cloud-delivered to form a SASE offering
Service chaining capabilities with third-party solutions
Cloud gateways for service insertion and simplified cloud connectivity
Application performance optimization capabilities (e.g., forward error correction [FEC], packet duplication, WAN optimization and SaaS optimization)
Extended orchestration beyond SD-WAN to include wireless LAN (WLAN)/LAN/security to form SD-branch
AI networking support for proactive remediation and incident management
Small, low-cost SD-WAN form for remote workers
Figure 1: Magic Quadrant for SD-WAN
Source: Gartner (September 2022)
Vendor Strengths and Cautions
Barracuda is a Niche Player in this Magic Quadrant. It has two SD-WAN products, CloudGen Firewall and CloudGen WAN, with hardware appliances and software with orchestration and management. CloudGen Access is a ZTNA solution optionally delivered with CloudGen WAN. CloudGen Firewall has been its traditional offering, with CloudGen WAN a newer solution. Barracuda is based in California, and Gartner estimates it has more than 11,000 SD-WAN customers. It operates mainly in North America and Europe, the Middle East and Africa (EMEA), primarily with smaller customers and selected verticals. We expect Barracuda will continue to invest in ZTNA, SASE, cloud-based reporting, and extended detection and response (XDR).
KKR completed its acquisition of Barracuda in August 2022. Any analysis during the research process reflected Barracuda’s prior ownership by Thoma Bravo. Gartner will provide additional insight and research to clients as more details become available regarding the acquisition.Strengths
Positive Customer Experience: Barracuda has an above-average customer experience score, primarily based on Gartner client inquiry analysis, compared with other vendors in this research.
Competitive Pricing: Barracuda’s pricing is often lower, compared with other vendors in this research, which is attractive for cost-conscious organizations.
Solid On-Premises Security: Barracuda has an above-average, on-premises security solution for those customers that want SD-WAN integrated with security in a single solution.
Below-Average Market Visibility: Barracuda has low market visibility, based on Gartner client inquiry volume, gartner.com search and overall social media conversations about the vendor.
Lack of Third-Party SSE Integrations: Barracuda lacks integration with security service edge (SSE) vendors, which limits its end-user experience for customers that want to separate their cloud security vendor from their SD-WAN vendor.
Limited CloudGen WAN Adoption: Barracuda’s CloudGen WAN offering has limited adoption as it formerly relied on customers having a presence in Microsoft Azure.
Cisco is a Leader in this Magic Quadrant. Cisco’s offerings include Cisco SD-WAN powered by Viptela and Cisco SD-WAN powered by Meraki. The platforms are separate and provide SD-WAN appliances with optional integrated security feature sets, the requisite management and orchestration, with the option to supplement security via Umbrella Secure Internet Gateway. Cisco is based in California, and Gartner estimates that it has more than 43,000 SD-WAN customers. Its operations are global, and it serves clients of all sizes and verticals. We expect Cisco will continue to invest in its SASE offering, including new consumption models, visibility and predictive insights for cloud traffic, as well as functionality to optimize SaaS and multicloud traffic.Strengths
Comprehensive Sales Channels: The vendor has a massive channel, increasing the likelihood that customers can access Cisco technology.
Innovation: Cisco has a solid roadmap for product and innovation that aligns with emerging customer requirements, such as single-vendor SASE, new consumption models and AI networking.
Strong Marketing Execution: Cisco has strong marketing and a large, loyal installed base, which helps it remain visible on client shortlists.
Multiple Platforms: Cisco’s Viptela and Meraki SD-WAN platforms are separate offerings, with limited integration, which increases the likelihood of a suboptimal investment and/or limits investment protection.
Average Product: Cisco’s Meraki and Viptela SD-WAN products score about average, primarily based on security, deployment flexibility, SD-WAN and application performance optimization capabilities, compared with other vendors in this research.
Average Customer Experience: Cisco’s customer experience score is average, based on Gartner client inquiries, Gartner Peer Insights data and Net Promoter Score (NPS), compared with other vendors in this research.
Citrix did not respond to requests for supplemental information or to review the draft contents of this document. Therefore, Gartner’s analysis is based on other credible sources, including client inquiries, past information shared by the vendor, reviews of public statements, its website and other publicly available data sources.
Citrix is a Niche Player in this Magic Quadrant. Its product, Citrix SD-WAN, includes physical and virtual appliances, and Cloud Direct service managed via the Citrix SD-WAN Orchestrator. Citrix is based in Florida, and Gartner estimates that it has more than 1,700 SD-WAN customers. It also includes Secure Internet Access (SIA) and Secure Workspace Access (SWA) as part of its broader SASE offering. The vendor operates globally and addresses customers of all sizes and in all verticals. Based on the most recent available data, we expect the vendor to invest in enhanced SASE capabilities, higher throughput for cloud and data center appliances, a personal-software-based SD-WAN appliance, and IPv6 dynamic routing.
Affiliates of Vista Equity Partners announced their intention to acquire Citrix in January 2022. As of the date of publication of this Magic Quadrant, Citrix met the inclusion criteria and continued to operate as an independent entity. Gartner will provide additional insight and research to clients as more details become available regarding the acquisition.Strengths
Market Responsiveness: Citrix was one of the early vendors to enter this market, and it has consistently delivered features, such as cloud integrations, on time.
Solid Product: Citrix has a broad set of capabilities, including SD-WAN, application performance optimization and security, that address most customers’ needs.
Incumbency: The vendor has a large installed base of customers using other Citrix products, such as Citrix Workspace, which yields opportunities to expand its customer base in this market.
Market Uncertainty/Viability: Based on feedback from clients in Gartner inquiries, Citrix’s commitment to the SD-WAN market is in question. Furthermore, Citrix has reduced the size of critical engineering staff, signaling its intent on scaling back the business.
Limited Sales/Marketing Strategy: Citrix’s go-to-market strategy is limited globally (even in North America) with service providers, which affects its ability to reach clients and grow.
Uncertain Product Strategy: Citrix’s product roadmap is unclear and, coupled with the reduced size of the technical team, Gartner has low confidence that it will meet future enterprise requirements.
Cradlepoint is a Niche Player in this Magic Quadrant. Its offering is the Cradlepoint NetCloud service, E Series of SD-WAN routers and NetCloud Exchange Service Gateways. Cradlepoint, acquired by Ericsson in November 2020, is based in Idaho, and Gartner estimates that it has more than 10,000 SD-WAN customers. In this market, its operations are primarily focused in North America; however, it is expanding globally, with a concentration on wireless WAN use cases in specific verticals, such as retail, transportation and public safety. We expect Cradlepoint to make future investments in application performance over 5G and user-identity-based security.Strengths
Positive Customer Experience: Cradlepoint has a high customer experience score, primarily based on Gartner client inquiries, compared with other vendors in this research.
Strong Vertical Focus: Cradlepoint has strong adoption in traditional cellular wireless verticals, such as retail, transportation and public safety.
Focused Marketing Strategy: Cradlepoint has a focused marketing strategy to reach end buyers with a specific target profile, which results in it scoring above average, compared with other vendors in this research.
Product Limitations: Cradlepoint’s product and product strategy doesn’t align with enterprises that don’t require cellular wireless as the driver of their WAN requirements.
Limited Market Visibility: Cradlepoint has limited SD-WAN market visibility, based on Gartner client inquiries and online conversations among enterprise users.
Slow Market Responsiveness: Cradlepoint has been slow to address key customer requirements, such as supporting turnkey connectivity to cloud providers.
Forcepoint is a Niche Player in this Magic Quadrant. Its offering is the FlexEdge Secure SD-WAN physical or virtual appliance with FlexEdge Secure SD-WAN Manager, and optional integrated next-generation firewall (NGFW) and optional Forcepoint ONE security. Forcepoint is based in Texas, and Gartner estimates that it has more than 2,000 SD-WAN customers. Although the vendor operates globally, it has more presence in EMEA and the Asia/Pacific region, and focuses on the retail, banking, healthcare and government verticals. We expect the vendor to invest in application health monitoring, enhance its SASE solution and deliver cloud-based orchestration during the next year.Strengths
Comprehensive On-Premises Security Capabilities: Forcepoint has a broad set of security capabilities for those customers that want to integrate SD-WAN and security into a common solution.
Incumbency: Forcepoint has an existing incumbency with its traditional NGFW security solutions, giving it access to new customers for its SD-WAN solution.
Geographic Expansion: Forcepoint is focused on geographic expansion with more presence in North America, which will make it more applicable to enterprise buyers.
Low Market Visibility: Forcepoint has low SD-WAN market visibility, based on client inquiries and search on gartner.com.
Below-Average Product Scores: Overall product scores for Forcepoint’s solution ranked below average, based on SD-WAN, cloud features and application performance optimization capabilities, compared with other vendors in this research.
Limited Demonstrated Scalability: Forcepoint doesn’t have as many large customers by branch site count, compared with other vendors in this research.
Fortinet is a Leader in this Magic Quadrant. Its FortiGate Secure SD-WAN product includes FortiGate appliances and virtual appliances with broad on-premises and cloud-based security functions managed with the FortiManager Orchestrator. Fortinet is based in California, and Gartner estimates that it has approximately 19,000 SD-WAN customers. It operates globally and addresses customers across most verticals and sizes. Similarly, it offers multiple purchasing options, including FortiTrust, a consumption-based solution that allows customers to scale security services up or down, independent of hardware. We expect the vendor to continue investing in SASE, predictive AI for IT operations (AIOps) and SaaS monitoring with digital experience management (DEM) tools.Strengths
Integrated Security: Fortinet offers an integrated security solution with both on-premises and SSE functionality.
Innovation: Fortinet’s roadmap has some potentially innovative capabilities, such as new SASE consumption models, as well as implementing an enhanced internet backbone.
Healthy Viability: Fortinet has one of the higher viability scores of all vendors in this research due to strong financials and a commitment to this market.
Average Customer Experience: Fortinet’s customer experience is about average, based on client inquiry, Gartner Peer Insights data and NPS, compared with other vendors in this research.
Limited Mind Share on Networking: Large global clients continue to question Fortinet’s ability to meet complex enterprise networking requirements.
Limited Third-Party SSE Integrations: Fortinet isn’t committed to integrations with third-party SSE vendors, which limits enterprise choice when deploying a SASE architecture.
Hewlett Packard Enterprise (Aruba) is a Leader in this Magic Quadrant. HPE’s SD-WAN offerings include Aruba EdgeConnect Enterprise (formerly Silver Peak) and Aruba EdgeConnect SD-Branch, which provide physical and virtual appliances, and the requisite management and orchestration. Both products are managed through the Aruba Central ESP orchestration platform. HPE (Aruba) is based in Texas, and Gartner estimates that it has nearly 4,000 SD-WAN customers. Its operations are global, and it serves clients of all sizes and verticals. We expect HPE (Aruba) to continue investing in security enhancements to its broader SD-branch offering, enable AI-based insights, add support for 5G and further integrate Aruba EdgeConnect into HPE GreenLake.Strengths
Market Responsiveness: HPE (Aruba) has shown a proven track record of delivering capabilities such as cloud integrations to the SD-WAN market when they are needed.
Comprehensive Partner Integrated Cloud Security: The vendor has automated orchestration with leading SSE vendor offerings, which provides flexible choices for enterprises, yet still delivers the perception of an integrated solution.
Innovation: HPE (Aruba) is driving customer conversations around new flexible consumption models — which it refers to as NaaS — with its SD-branch HPE GreenLake offering, and is changing perceptions about how networks are consumed.
Incomplete Security Roadmap: HPE (Aruba) doesn’t have a plan to deliver native SSE functionality, which will reduce its relevance in the market as more SD-WAN decisions are driven by single-vendor SASE offerings.
Below-Average Customer Experience: HPE (Aruba) has a below-average customer experience score, based on Gartner client inquiries, Gartner Peer Insights data and NPS, compared with other vendors in this research.
Limited Geographic and Vertical Strategy: The vendor’s geographic and vertical strategies are limited, compared with other vendors in the research, which will limit its ability to address certain customer requirements.
Huawei is a Challenger in this Magic Quadrant. Its offering includes NetEngine AR series physical and virtual routers, along with security and orchestration functionality. It also offers the HiSecEngine USG series security gateways that address some SD-WAN use cases where strong security is required. Huawei is based in Shenzhen, China, and is estimated to have more than 25,000 SD-WAN customers. The vendor focuses on China specifically and selective countries in the Asia/Pacific, EMEA and Latin American regions. Huawei addresses customers of all sizes and verticals. We expect the vendor to continue investing in a new cloud gateway router, SRv6 and native in-line compression.Strengths
Solid Product Capabilities: Huawei’s product scores are above average, primarily based on SD-WAN, scalability and small platform flexibility, compared with other vendors in this research.
Strong Viability: Huawei has above-average financial viability, compared with other vendors in this research.
Competitive Pricing: Huawei’s pricing is often lower, compared with other vendors in this research, which is attractive for cost-conscious organizations.
Limited Innovations: Huawei’s expected future innovations, such as SRv6, lack an ability to drive and lead the market.
Lack of a Global Market Presence: Huawei doesn’t meaningfully address organizations in the U.S., Canadian, U.K., Australian and Indian markets, due to geopolitical issues, which limits the vendor’s ability to grow.
Slow Market Responsiveness: Huawei has been slow to address key functionality, such as supporting cloud integrations, as well as integrations with SSE vendors.
Juniper Networks is a Visionary in this Magic Quadrant. Its offering is Juniper SD-WAN driven by Mist AI, which includes Session Smart Routers, WAN Assurance and Marvis Virtual Network Assistant. It also offers the SRX solution for specific use cases. Juniper Networks can add SSE capabilities to deliver SASE as part of its Secure Edge offering. Juniper Networks is based in California, and Gartner estimates it has more than 1,900 SD-WAN customers. It operates globally, focusing on the North American, EMEA and Asia/Pacific regions, addressing companies of all sizes in most verticals. We expect Juniper Networks to continue investing in its AI-driven predictive traffic engineering, converged AIOps/SASE and congestion-based load balancing for cloud applications.Strengths
Solid Product Strategy: Juniper Networks has a solid product roadmap that aligns with emerging customer requirements, such as single-vendor SASE and AI networking.
Above-Average Product: Juniper Networks’ product scored above average, compared with other vendors in this research, which makes it applicable to most enterprise use cases.
Strong Viability: Juniper Networks has one of the higher viability scores of all vendors in this research due to strong financials and a commitment to this market.
Below-Average Sales Execution: Juniper isn’t as widely available, compared with most vendors in this research, based on narrow channels, higher observed pricing and overall limited market share.
Low Market Visibility: Juniper SD-WAN doesn’t come up in Gartner client inquiries or appear on shortlists, compared with some other vendors in this research.
Limited Cloud Security Integrations: Juniper has limited integrations with third-party SSE vendors, which adds complexity for organizations that want a tightly integrated multivendor SASE operational experience.
Nuage Networks from Nokia is a Niche Player in this Magic Quadrant. Its offering is Virtualized Network Services (VNS), which is typically deployed as a cloud-managed service but can be deployed on-premises as well. It includes Network Services Gateways (NSG), with corresponding software. Nuage Networks is based in California and is a division of publicly traded Nokia, based in Espoo, Finland. Gartner estimates that it has approximately 3,500 SD-WAN customers. It operates globally and primarily through carrier channels addressing customers of all sizes and most verticals. We expect Nuage Networks to make future investments in third-party SSE integrations, as well as mobile/wired service-edge functions.Strengths
Solid Customer Experience: Nuage Networks has an above-average customer experience score, primarily based on Gartner client inquiries, compared with other vendors in this research.
Partner-Enabled SASE: Nuage Networks scores well, compared with other vendors in this research, with integrating with third-party SSE solutions.
Integration With Service Providers: Nuage Networks has a deep integration with selected service provider partners, which is relevant for enterprises that want to leverage SD-WAN managed services from a carrier.
Limited Innovation: Based on Gartner’s assessment, Nuage Networks has limited innovation going forward, such as focusing on integrations with third-party SSE vendors and mobile operators, which is unlikely to attract new enterprise buyers.
Low Market Visibility: Nuage Networks has low market visibility, based on Gartner client inquiries, searches on gartner.com and Google, and overall evaluation of social media analysis.
Narrow Go-to-Market: Nuage Networks is overly reliant on a limited number of service provider channels and has limited exposure to do-it-yourself (DIY) customers, which limits the vendor’s appeal to all customer segments.
Palo Alto Networks
Palo Alto Networks is a Leader in this Magic Quadrant. Its leading offering is Prisma SD-WAN, which includes Instant-On Network (ION) edge appliances and orchestration (part of its Prisma SASE offering). It also offers the PAN-OS branch firewall with limited SD-WAN capabilities as an upgrade option for existing customers. Palo Alto Networks is based in California, and Gartner estimates it has more than 2,500 SD-WAN customers. It operates globally, focusing on enterprises in all vertical industries and sizes. We expect Palo Alto Networks to continue investing in integrated SASE, predictive AIOps and enhancing support for integrated switchports to enable connectivity for various external devices, such as access points and security cameras.Strengths
Strong SASE Approach: Palo Alto Networks has a strong focus on single-vendor SASE and also third-party integrated SSE vendors, which will align with most customer needs going forward.
Strong Innovation and Product Strategy: Palo Alto Networks’ product strategy and innovations are aligned with future enterprise needs, such as single-vendor SASE, new pricing models and AI networking, and is likely to continue driving the market.
Market Responsiveness: The vendor has been on-time in addressing key customer needs in terms of cloud integrations, as well as SASE.
Below-Average Customer Experience: Palo Alto Networks has a below-average customer experience score based on Gartner client inquiries and Gartner Peer Insights data, compared with other vendors in this research.
Below-Average Sales Execution: Palo Alto Networks’ sales execution is below average, driven primarily by high pricing observed by Gartner and feedback shared in Gartner client inquiries.
Limited On-Premises Security With SD-WAN: Palo Alto Networks lacks a solution that offers a solid SD-WAN solution integrated with on-premises security. Customers are required to choose between a strong on-premises security solution with limited SD-WAN functionality or a strong SD-WAN solution with limited on-premises security functionality.
Peplink is a Niche Player in this Magic Quadrant. It has two product families in this market: Balance for enterprise branch SD-WAN and MAX for Industry and mobility SD-WAN requirements. Both solutions include SpeedFusion software technology and InControl 2 orchestration for management. Peplink is based in Hong Kong, and Gartner estimates that it has more than 17,000 SD-WAN customers. It operates globally across companies of all sizes, with specific verticals focused on wireless WAN use cases. We expect Peplink to continue investing to deliver more SLAs over 4G/5G, expanding SpeedFusion regional coverage and its wider ecosystem, launching a dual 5G router, and integrating with Amazon Web Services (AWS) Wavelength.Strengths
Healthy Viability: Peplink scores above average on financial viability. which shows that it is likely to remain in this market for the foreseeable future.
Strong Geography and Vertical Strategy: Peplink is focused on its targeted geographical expansion and certain verticals to reach organizations that fit its target profile.
Strong Wireless WAN Focus: Peplink also focuses on the wireless WAN market, where cellular wireless is a key component for the enterprise buyer.
Below-Average Product: Peplink’s product has limited appeal for enterprise buyers that are not looking for a wireless WAN solution.
Limited Innovation and Product Strategy: Peplink’s innovation and product strategy is not aligned with typical enterprise buyers in this market.
Slow Market Responsiveness: Peplink has been slow to address cloud integrations and to create a strong SASE strategy that meets clients’ current and future enterprise requirements.
Versa Networks is a Leader in this Magic Quadrant. It has two offerings, with the primary one being the full-featured Versa Operating System (VOS). It can be delivered on the Cloud Services Gateway (CSG) or with third-party hardware. The second offering is VOS with Titan, built on the same platform and delivered as a cloud-based solution for lean IT organizations. Versa Networks is based in California, and Gartner estimates that it has more than 19,000 SD-WAN customers. It operates globally and addresses clients of all sizes and in all vertical industries, primarily through service providers. We expect Versa Networks to make future investments in enhancing its secure SD-WAN offering, improving the throughput options by as much as 100 Gbps and enhancing predictive AI/machine learning (ML) capabilities.Strengths
Solid Product Capability: Versa Networks offers one of the broadest and most capable solutions in this market for both networking and security functions.
Comprehensive Market Understanding: Versa Networks has among the strongest understanding of the SD-WAN market in terms of buyers’ needs.
Aligned Product Strategy: Versa Networks has one of the most complete and comprehensive product strategies, compared with other vendors in this market, to align with current and future customer requirements.
Poor Customer Experience: Versa Networks has a low customer experience score, based on Gartner client inquiries and Gartner Peer Insights data, compared with other vendors in this research.
Product Complexity: Based on client inquiry, the vendor’s solution is one of the more complicated offerings in this research, which may be challenging for some DIY enterprises to manage themselves.
Less DIY Experience: Due to its focus on the service provider channel, Versa Networks has less direct experience with enterprises that prefer a DIY model, compared to other vendors in this research.
VMware is a Leader in this Magic Quadrant. Its offering is VMware SD-WAN, which includes edge appliances, optional gateway points of presence (POPs) and a cloud-based orchestrator. VMware also offers optional SASE cloud security capabilities, of which VMware SD-WAN is a part. The vendor’s operations are global, and it serves clients of all sizes and in all vertical industries. VMware is based in California, and Gartner estimates that it has more than 17,000 SD-WAN customers. We expect this vendor to make continued investments in delivering services from its cloud gateways, integrating with home Wi-Fi solutions, supporting zero trust at the edge and improving throughput offerings.
Solid Product: VMware scores as having one of the top products, primarily based on SD-WAN, cloud and scalability capabilities, compared with other vendors in this research.
Innovation: VMware has a strong roadmap of planned product capabilities, which align with emerging customer requirements, such as single-vendor SASE, service insertion in edge POPs and remote worker offerings.
Strong Market Understanding: VMware has strong internal self-awareness and external expertise regarding customers/competitors, which will help it compete in the long term.
Acquisition Concerns: Customers have expressed concern to Gartner over the pending Broadcom acquisition, citing potential pricing increases and support challenges based on prior Broadcom experiences.
Product Dependency: VMware relies on Menlo Security to deliver multiple cloud security functions, which may limit its ability to respond to customer requirements, particularly around SASE.
Basic On-Premises Security: VMware lags other vendors in this research in terms of integrated security features available in on-premises appliances.
Vendors Added and Dropped
We review and adjust our inclusion criteria for Magic Quadrants as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant may change over time. A vendor’s appearance in a Magic Quadrant one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. It may be a reflection of a change in the market and, therefore, changed evaluation criteria, or of a change of focus by that vendor.
Forcepoint was added because it met the inclusion criteria, based on our assessment and data provided by the vendor.
Riverbed was dropped because it failed to meet the inclusion criteria for adoption, based on our assessment and data provided by the vendor.
FatPipe Networks was dropped because it failed to meet the inclusion criteria for the market momentum index defined by Gartner for this Magic Quadrant, based on our assessment.
Inclusion and Exclusion Criteria
Magic Quadrants and Critical Capabilities identify and then analyze the most relevant providers and their products in a market. By default, Gartner uses an upper limit of 20 providers to support the identification of the most relevant providers in a market. On some specific occasions, the upper limit may be extended where the intended research value to our clients might otherwise be diminished. The inclusion criteria represent the specific attributes that Gartner analysts believe are necessary for inclusion in this research.
To qualify for inclusion, vendors need to show relevance to Gartner clients in the following ways:
Provide products/services that address the enterprise SD-WAN requirements outlined in the Market Definition/Description section of this Magic Quadrant.
Produce and release enterprise SD-WAN products for general availability as of 7 June 2022. All components must be publicly available, shipping and included on the vendors’ published price list as of this date. Products shipping after this date, and any publicly available marketing information, may only have an influence on the Completeness of Vision axis.
Provide commercial support and maintenance for their enterprise SD-WAN products (24/7) to support deployments on multiple continents. This includes hardware/software support, access to software upgrades, security patches, and troubleshooting and technical assistance.
Vendors must have generally available products that support all of the following:
The ability to operate as the branch office router (including BGP, OSPF, support hub and spoke, mesh, and partial mesh topologies with automation for a minimum of a 250-site network) with traffic shaping and/or QoS
Centralized management for devices (with GUI), including reporting, troubleshooting, configuration changes and software upgrades
VPN (Advanced Encryption Standard [AES] 256-bit encryption) with basic firewall
Ability to deliver NGFW, either natively or through a partner
Native cloud security functionality (ZTNA, CASB, SWG, etc.) or the ability to redirect to at least two cloud security vendors
Application-aware path selection based on business or application policy (not limited to only DiffServ Code Point [DSCP]/ports, IPs/circuits or 5-tuple) that responds to network conditions (e.g., changes in packet loss, latency, jitter, etc.) in an active/active configuration
Autodiscover at least 200 well-known application profiles
Visibility of application performance data of traffic delivered across the WAN (e.g., packet loss, latency, jitter, etc.)
Software that can be deployed in at least two cloud provider environments (such as AWS and Microsoft Azure)
Vendors must show relevance to Gartner’s enterprise clients by fulfilling the following with their SD-WAN solutions that meet the product capabilities inclusion criteria (above):
Demonstrate baseline scalability and customer adoption by servicing at least 25 customers with active support contracts that have at least 100 sites each
At least 60,000 SD-WAN sites* deployed and under active support contracts
At least 1,500 SD-WAN customers** under active support contracts
Show relevance to Gartner’s enterprise clients on a global basis with at least one of the two following criteria with product or products that fulfill the product inclusion criteria:
At least 200 SD-WAN customers, headquartered in two or more geographic regions (North America, South America, EMEA or Asia/Pacific) under active support contracts. This means 200 customers with headquarters in one region and another 200 customers with headquarters in a different region for a total of at least 400 customers between the two regions.
At least 100 SD-WAN customers, headquartered in three or more geographic regions (North America, South America, EMEA or Asia/Pacific) under active support contracts. This means 100 customers each with headquarters in three different regions, for a total of at least 300 customers between the three regions.
Rank among the top 20 organizations in the market momentum index defined by Gartner for this Magic Quadrant. Data inputs used to calculate SD-WAN market momentum included a balanced set of measures:
Gartner end-user inquiry volume per vendor
Gartner.com search data
Google trends data
Social media analysis
* SD-WAN sites are defined as branch locations with an SD-WAN device deployed and operating as part of a WAN with features defined in the product inclusion criteria section.
** SD-WAN customers are defined as those that are paying for an SD-WAN solution deployed as part of a WAN with features defined in the product Inclusion Criteria section.
Ability to Execute
Product or Service: Evaluates vendors by looking at their overall SD-WAN networking portfolios, including all hardware and software aspects of SD-WAN networking. We consider the breadth and depth of SD-WAN functions that the vendor offers that address common use cases that enterprise customers have. We consider product and architectural migration strategies, and the ability to address customers’ requirements in the following areas: multicloud, application performance, security, traffic steering, ease of use, agility, manageability and scalability. We focus on the vendor’s flagship enterprise offering and/or the products they lead with for enterprise accounts.
Overall Viability: Includes an assessment of the overall organization’s financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization’s portfolio of products.
Sales Execution/Pricing: Evaluates sales effectiveness and go-to-market activities across geographies and verticals of both the vendor and its channels, and includes analysis of how the vendor interacts with its customers and prospects. The second aspect of this criterion includes our evaluation of the cost-effectiveness of the solutions for purchase and support over their useful life, and the ability to recognize and position the most appropriate solution in specific sales situations.
Market Responsiveness/Record: Assesses the vendor’s track record in delivering new capabilities when the market needs them in terms of on-time with the right scope. This criterion also considers the vendor’s history of responsiveness in terms of changing market demands and addressing limitations. This evaluation is not limited to products as it involves pricing, licensing, operating models, go to market and overall competition dynamics.
Marketing Execution: Focuses on how the vendor is perceived in the market, and how well its marketing programs are recognized. For SD-WAN, the evaluation focuses on how well the vendor is able to influence and shape perception in the market through marketing activities and thought leadership that drives awareness. An additional indicator for this criterion is how often Gartner clients inquire about a specific vendor in terms of capabilities/reputation or in a shortlist evaluation process.
Customer Experience: Looks at all aspects of the customer experience inclusive of pricing, setup, day-to-day production, product features and support. This includes the customer’s experience with the vendor’s SD-WAN products and services used in their production environments. It also includes the ability to upgrade software and working with technical support to solve problems. Hardware and software quality and how existing customers describe their experience with the vendor’s products are also evaluated. Additionally, we assess customer satisfaction, customer loyalty/retention, brand reputation and advocacy, operational quality, and employee engagement.
Table 1: Ability to Execute Evaluation Criteria
Product or Service
Source: Gartner (September 2022)
Completeness of Vision
Market Understanding: Assesses the vendor’s ability to look into the future needs and drive new ideas into product roadmaps and offerings, taking into account market needs and competitor strengths/weaknesses, and identifying new competitors and vendor core competencies. It also involves a vendor self-assessment to determine gaps as well as strengths and weaknesses. In this market, we look at the vendor’s ability to address the challenges associated with distributed branch office locations. This may include, but isn’t limited to, simplifying operations, enhancing application performance, providing robust security, enhancing connectivity to the cloud, go-to-market strategy, vertical strategy, geographical strategy and pricing strategy.
Marketing Strategy: Evaluates the ability of the vendor to influence the market through its messaging and marketing campaigns. This includes the extent to which the vendor articulates a forward-looking marketing message that is clear, consistent, relevant and differentiated, as well as aligned with future end-user needs. We look for new and effective ways that vendors reach customers, evolving customer personas, and how they plan to communicate their message to drive market demand.
Sales Strategy: Evaluates the vendor’s current and proposed use of direct and indirect sales to extend the scope and depth of its market reach. Further, this includes the extent to which the vendor articulates a clear, consistent, relevant and differentiated sales strategy that engages with defined customer profiles. This includes development of effective go-to-market strategies, alliances and partnerships, leveraging value-added resellers (VARs), system integrators (SIs), ISP aggregators, master agents, network service providers (NSPs), managed network service providers and OEM resellers, as appropriate. In addition, this includes how the vendor leverages new pricing, consumption and business models that are emerging due to market and technology transitions.
Offering (Product) Strategy: Evaluates the vendor’s product roadmap around existing and future SD-WAN functions. This also includes not just the raw features and capabilities, but also the vendor’s overall architecture across the portfolio, the uniqueness of the capabilities and the value to the end customer. We evaluate product strategy in terms of various capabilities, including (but not limited to) simplicity, automation, cloud connectivity, visibility, predictive analytics, AI networking, application performance and security. This also includes the overall portfolio across different products.
Vertical/Industry Strategy: Measures the vendor’s ability to address the unique requirements of particular verticals/industries and to employ the associated sales channels, messaging and product features to build a sustainable business advantage.
Innovation: Evaluates the plans to bring future differentiated capabilities to market that will enhance the vendor’s ability to interact with customers and drive business. We assess the vendor’s ability to add value to customers in new, unique ways and/or to solve existing challenges in a more effective manner. Innovation is not simply a list of new features/functionality or product improvements. Instead, it is the ability to bring capabilities to the market that dramatically alter or shift the conversation among buyers. True innovation often changes the “tenor” of a market in terms of customers. Innovation can be created across multiple areas, including product, packaging, pricing, sales, marketing, models and use cases.
Geographic Strategy: Measures the vendor’s ability to address any unique requirements of particular geographies and to employ the associated messaging, partnerships and product features, as well as sales channels to build a sustainable business advantage.
Table 2: Completeness of Vision Evaluation Criteria
Offering (Product) Strategy
Source: Gartner (September 2022)
A Leader has demonstrated a sustained ability to address changing end-user requirements in the SD-WAN market. A Leader can drive, shape and transform the market, as well as maintain strong relationships with its channels and customers. Leaders typically have competitive products that address most use cases across various verticals globally, while at the same time innovating to drive the market forward.
A Challenger has demonstrated sustained execution in the SD-WAN market, and has clear, long-term viability in the market. Typically, Challengers have competitive products that address most use cases across multiple verticals in various geographies. However, a Challenger has not shown the ability to drive, shape and transform the market.
A Visionary has innovated in some key areas of SD-WAN such as SD-branch, AI networking, SASE, NaaS, cloud analytics and more. Visionaries often help transform the market — from driving new ideas/innovations, including new business models to solving enterprise challenges. Although Visionaries often transform the market, they typically lack market share, global coverage and/or complete product capabilities to address most use cases.
A Niche Player has a complete or near-complete SD-WAN product offering, but has limitations, such as geographic reach, vertical market focus, limited market share or limited addressable use cases. Niche Players have a viable product offering, but have not shown the ability to transform the market or maintain sustained execution.
Gartner expects some aspects of the SD-WAN market to evolve into the single-vendor SASE market, where network security is delivered from the cloud. More broadly, we see five technologies converging:
Convergence of Networking and Network Security
Increasingly, we see networking and network security decisions being made at the same time and more often with the same solution. This is largely driven by the move to distribute internet access to support cloud applications and change the security perimeter. This goes with the deployment of SD-WAN at branch locations to manage the internet transport. As part of a desire to minimize branch sprawl and support access to the cloud, we observe more organizations looking for integrated cloud-delivered security and thin branch SD-WAN solutions (see 2022 Strategic Roadmap for SASE Convergence).
To the Cloud
There are various ways to connect to cloud workloads (IaaS, PaaS or SaaS). Options include:
Connecting via carrier-neutral data center providers, such as Equinix in more of a DIY model
Leveraging software-defined cloud internet (SDCI) providers to connect to various cloud workloads for a turnkey managed service
Backhauling traffic to a centralized location leveraging a high-quality connection to a cloud service provider (e.g., Direct Connect or ExpressRoute)
Internet access from the branch connected to virtual instances of SD-WAN gateways to terminate traffic within cloud service providers
Many Gartner clients hope to fund their WAN expansion/updates by replacing or reducing the bandwidth of expensive MPLS connections with internet-based WANs. However, the suitability of internet connections varies by geography, access type and oversubscription levels, and service providers mixing connections from multiple vendors increases management complexity. Furthermore, in some regions, dedicated internet can be roughly the same price as MPLS, so the driver is as much about agility and flexibility as it is about price.
This capability provides premium internet performance and is positioned in between MPLS and the internet. It provides similar performance and reliability of MPLS, but with the scalability and flexibility of the internet, at a price point in the middle (see Include Enhanced Internet as a Viable Option for the Global SD-WAN Backbone). The objective is to minimize packet loss, latency and jitter (if real-time traffic) for users’ access applications hosted in the cloud. This is usually accomplished by a combination of providers’ network backbones (such as public cloud provider) and telemetry-based routing. Limitations of this include lack of last-mile and end-to-end visibility and management, for which additional providers are required.
Remote Worker Access
Gartner expects hybrid work to be the norm in many organizations (see Top Network Practices to Support Hybrid Work). There are multiple use cases for remote worker access, with most being a security-led solution with VPN and increasingly leveraging ZTNA with firewall and SWG. The networking-led solution Gartner observes is for the power user, such as a C-suite executive, financial trader, call center representative, software developer, etc.
The main SD-WAN-related use case is this power user who, in addition to security, is looking for a higher-performing solution to deliver application performance primarily with a low-cost hardware appliance. This is typically for the home office user as the work from anywhere (WFA) user requires more of a cloud-delivered security solution. This remote user solution is increasingly integrated with broad SD-WAN branch fabric orchestration. In the future, we also expect vendors to add lightweight client-based SD-WAN solutions with functionality to improve application performance, which will integrate with existing remote worker access solutions or end-user devices.
Gartner increasingly sees vendors building a common orchestration among LAN, WLAN, WAN and security, which is increasingly known as SD-branch. It offers increased simplicity in managing LAN, WLAN, WAN and security policies and profiles with a single orchestrated solution. Integrating these domains will increasingly be a differentiating factor for some vendors in specific verticals such as retail. Although Gartner still sees customers procuring LAN/WLAN separate from WAN, there is increasing evidence that this may change for certain customer environments.
Long Lead Times
Due to pandemic-related supply chain issues, we observe elongated lead times for hardware appliances that, in some situations, can exceed one year. This has influenced client buying decisions (e.g., choosing an alternative vendor with shorter lead times) and deployment scenarios (e.g., deploying virtual appliances on x86 platforms). We see this supply chain issue continuing into at least 2023 and recommend that clients plan accordingly (see Quick Answer: What Are My Options for Dealing With Long Lead Times on Network Equipment?).
There is a trend to more autonomous and self-driving networks in which AI/ML technologies can be leveraged to make networking decisions without or with limited human intervention (see Quick Answer: What Functionality Should I Expect From Network AIOPs Features?). The objective is to make networking easier for configuration and deployment with a focus more on Day 2 operations for end users, reduce operating expenditures (opex), increase speed/agility and improve uptime/performance. The other emerging objective is to use ML and algorithms to make a dynamic SD-WAN decision without any or very limited human intervention. Although it is still early in many vendors’ product development, we are seeing this functionality incorporated into an increasing number of vendor solutions offering differentiation. The longer-term challenge will be customer trust in using such solutions.
Convergence of Five Adjacent Technologies
Formerly, applications were hosted in the data center, and demarcation points were the branch to the data center and the organization had control over the data center. With the move of more applications to the cloud (SaaS, IaaS and PaaS), we have identified five adjacent markets that we envision converging: SD-WAN, SSE, enhanced internet, cloud onramp and multicloud networking software (see Market Guide for Multicloud Networking Software).
We already see SD-WAN and SSE converging to form SASE. There are quite a few vendors that offer two or three of these functions, with the aim of providing a simpler and integrated solution for the end user. These technologies are converging in multiple ways; there’s no single combination that is dominant. Some suppliers will offer two or three, while others will offer four. Buying patterns are inconsistent, as well, as we don’t see demand for all five together today, but expect it to increase with supplier availability.
The current SASE market is dominated by multivendor solutions with some type of orchestration tying it together. We expect to see more single-vendor, integrated SASE solutions incorporating the SSE and SD-WAN branch components. We also expect to see new pricing models from relevant vendors. This will simplify sourcing and offer a tighter technical integration, ultimately offering a better user experience.
The Cloud Provider Becomes My WAN Vendor
More workloads are moving to the cloud and enterprises are becoming more cloud-first. As a result, we see cloud service provider network backbones becoming part of an enterprise’s WAN solution — not only for connecting to cloud workloads and potentially between workloads, but also to connect branch locations, headquarters and remote workers. For some enterprises, the cloud service provider’s backbone will be its WAN solution of choice.
While not specific to SD-WAN per se, we do see new consumption options that can take advantage of a pure usage/metered/consumption model in terms of per user or unit of bandwidth, in addition to typical subscription models. NaaS incorporates hardware, software and management as a consumption model where the customer doesn’t own the equipment. It includes turnkey self-service and elastic demand options, including network refreshes to simplify consumption (see What Is NaaS, and Should I Adopt It? and Navigating Emerging Network-as-a-Service Promises and Challenges).
The market is mainstream and maturing. The supply side remains a crowded, fragmented vendor landscape, with large established vendors and smaller providers from multiple segments competing for market share. Increasingly, we do see separation from the top vendors in this space as we estimate that the top 10 vendors make up over 80% of the market (see Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 1Q22).
Differentiation can be:
Feature-based — for example, AI networking, cloud connectivity, ease of use, support for complex architectures, security (on-premises or in the cloud), scale or application performance optimization
Business-model-based — for example, capex, opex (pure subscription or NaaS) or hybrid
Deployment options — for example, on-premises (integrated appliance or NFV/uCPE) versus network-/cloud-delivered
Vertical focus — vendors that focus on specific verticals, such as retail, financial, state and local government, etc., based on specific use cases and product focus
Geographical focus — vendors that focus on specific geographies where they can compete most effectively based on where they have resources, channels and unique product capabilities to meet the requirements of end users
Some vendors focus on feature depth on a specific use case or two in a certain set of verticals and/or geographies. Others choose to address a broad set of use cases across the market and focus on feature breadth in a more horizontal approach.
The SD-WAN market is primarily driven by the following factors:
Refresh of existing branch office router equipment (or first-generation SD-WAN equipment) that is at end of support or lacks the desired capabilities.
Renewal of NSP or managed service contracts, where a new service provider also means new equipment. This can drive the move off of MPLS in favor of internet access to the branch, with security perimeter changes that typically drive new solutions.
Application rollouts — changing traffic patterns resulting from increased use of cloud and multicloud resources that render the traditional hub-and-spoke from remote branch to on-premises data center WAN architecture obsolete.
The desire to increase scalability, agility and automation to address the needs of digital business transformation and reduce opex.
The desire to consolidate more than one branch function, such as routing, security and WAN optimization (e.g., SASE and zero trust).
The need to support remote workers where high performance is needed.
Vendor Landscape Changes
We estimate that the SD-WAN market has about 70 suppliers, and we still see more vendors entering the market. We expect this market to remain crowded during the next few years, with continued merger and acquisition (M&A) activity.
Acquisitions may come in the form of small vendors combining to achieve scale, vendors looking to enter the space, and continued consolidation among networking and security vendors. As we look out three years, more than 10 mainstream suppliers are likely to remain, but we do see increasing separation by the top six or eight vendors from the rest of the market.
Recent M&A activity in this space includes Extreme Networks buying Ipanema (previously owned by Infovista), the announcement of Broadcom’s intent to acquire VMware, KKR’s completed acquisition of Barracuda from Thoma Bravo, Netskope’s announced acquisition of Infiot and the announcement of affiliates of Vista Equity Partners’ intent to purchase Citrix.
I&O leaders responsible for building and managing WANs should:
Build a WAN architecture that aligns with end users, branches and applications. This may mean a hybrid WAN with MPLS and internet, or internet only with dual internet. This depends on how many on-premises workloads versus cloud workloads exist, the types of applications, the number of users at a site and locations of end users.
Shortlist at least two SD-WAN product vendors (for example, a small vendor and a large vendor) in addition to their incumbent routing/SD-WAN vendors for significant WAN expansion or router refresh.
Quantify the total cost of ownership (TCO) of an SD-WAN deployment. SD-WAN solutions more commonly have opex-friendly business models, with a strong shift from upfront capex to annual license subscriptions. This may dramatically increase TCO. To perform a proper evaluation and comparison, quotes should include all platform, license and support costs for a three-year baseline.
Select SD-WAN vendors that can improve Day 2 operations with network automation and AI networking capabilities. As differentiation between features/capabilities reduces, organizations should look at how to optimize supporting the network to improve uptime, performance and efficiency.
Give preference to SD-branch solutions to simplify the management of LAN, WLAN, WAN and security for small branch offices.
Prioritize vendors with strong automation and orchestration with cloud onramp to simplify distributed cloud access for cloud-first companies, and evaluate enhanced Internet capabilities to ensure a consistent, high-performing end-user experience.
Implement a SASE architecture for branch office and remote worker secure connectivity to cloud workloads. Favor single-vendor SASE solutions where sourcing simplicity, product integration and cost are main drivers. Favor partner-integrated SASE solutions for larger networks where vendor choice is key.
Run a pilot to test the SD-WAN solution in a production capacity to validate performance in a real-world environment. Ensure that at least one critical site is tested with the solution deployed, before any final decision is made.
Gartner analysts conducted more than 3,000 Gartner client inquiries on the topic of WAN between 1 July 2021 and 30 June 2022.
Gartner analysts conducted more than 1,500 Gartner client inquiries on the topic of SD-WAN between 1 July 2021 and 30 June 2022.
Gartner analysts conducted more than 2,000 Gartner client inquiries on the topic of SASE between 1 July 2021 and 30 June 2022.
Analysts reviewed Gartner Peer Insights data for this market.
Gartner analysts reviewed publicly available information online.
Social media conversation analysis: Gartner conducts social listening analyses leveraging third-party data tools to complement or supplement the other fact bases presented in this document. Due to its qualitative and organic nature, the results should not be used separately from the rest of this research. No conclusions should be drawn from this data alone. Social media data in reference is from 1 January 2019 through 31 March 2022 in all geographies (except China) and recognized languages.
Sources covered: By default, social media sources considered for analysis include Twitter, Facebook (publicly available information only), aggregator websites, blogs, news, mainstream media, forums and videos (comments only); unless and until specified.
We included data to create a market momentum index that included relevance in Gartner client inquiries, Google Trends, searches on gartner.com and social media presence analysis
Gartner collected information from Glassdoor, Indeed and other sources to evaluate as part of this research.
Citrix did not respond to requests for supplemental information or to review the draft contents of this document. Gartner’s analysis is therefore based on other credible sources, including client inquiry, past information shared by the vendor, reviewing public statements, the website and other publicly available data sources.
Evaluation Criteria Definitions
Ability to Execute
Product/Service: Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria.
Overall Viability: Viability includes an assessment of the overall organization’s financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization’s portfolio of products.
Sales Execution/Pricing: The vendor’s capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel.
Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor’s history of responsiveness.
Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization’s message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This “mind share” can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities.
Customer Experience: Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on.
Operations: The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.
Completeness of Vision
Market Understanding: Ability of the vendor to understand buyers’ wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers’ wants and needs, and can shape or enhance those with their added vision.
Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements.
Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base.
Offering (Product) Strategy: The vendor’s approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements.
Business Model: The soundness and logic of the vendor’s underlying business proposition.
Vertical/Industry Strategy: The vendor’s strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.
Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.
Geographic Strategy: The vendor’s strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the “home” or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market.
The zero-trust network security model has become a pervasive topic for IT professionals . Many organizations have a vision of what they want or need in terms of zero-trust and zero-trust network access (ZTNA), but the completeness of their vision isn’t necessarily being translated into the solutions they’re able to put in place .
Most organizations claim to either have a zero-trust access (ZTA) or ZTNA strategy either in place or in active deployment. However, most also report that they cannot consistently authenticate users or devices and struggle to monitor users after authentication.
Additionally, many organizations also report that implementing zero trust across an extended network is difficult . Because these are generally considered to be fundamental zero-trust functions, it appears that many organizations either misunderstand zero trust or that their solutions are being incompletely deployed.
Download the State of Zero Trust report by clicking here or on the image below.
What does a Zero Trust Access solution look like? Click here for the run-down.
According to Fortinet, Web Application Firewalls (WAFs) are designed to inspect and protect HTTP connections and prevent web-based attacks such as cross-site scripting (XSS) and SQL injection. While WAF tools and devices have been around for over a decade, and are a required technology for organizations that process credit card transactions (PCI-DSS), they are just now starting to gain traction in many networks.
Snapt say that every business exposing online applications, services, and APIs needs a Web Application Firewall (WAF) to operate safely and protect against cybersecurity threats. A WAF identifies and blocks attacks that lead to downtime, leaked data, and compromised transactions and accounts.
This topic is often how the SD-WAN discussion starts.
A network migration to SD-WAN (software defined wide area network) may deliver cost savings, performance improvements and better security.
According to our partnersFortinet, the short answer is that SD-WAN offers better visibility, availability, enhanced performance, and more freedom of action. It’s why the industry has seen interest in SD-WAN rising over the past few years.
Fortinet list the following benefits of SD-WAN over MPLS:
SD-WAN delivers potential cost savings.
By reducing the amount of traffic that needs to traverse the MPLS links, one may utilize commodity internet, reducing MPLS costs.
Secure SD-WAN from Fortinet provides better protection than MPLS, because the solution is delivered as an integrated function within a next-generation firewall appliance.
A wide array of security tools, such as IPS, firewall, WAF, web filtering, anti-virus, and anti-malware are simultaneously deployed, as these are natively part of the NGFW firewall / SD-WAN device.
SD-WAN delivers better network performance, utilizing diverse links and paths based on application or traffic type, for example.
SD-WAN is application-aware, and can thus prioritize traffic accordingly, based on bandwidth, latency and other requirements.
Click here for more information on Fortinet’s Secure SD-WAN solution, or get in touch to discuss a SD-WAN solution that’s right for you and your business.
Our other partner, Aruba Networks, have made this short video which succinctly describes SD-WAN: