SD-WAN for enlightened


I'm not sure if the buzzword SD-WAN is used to compensate for another
buzzword that got over-utilized (SDN) or it is a true 'new and improved'
way of doing things that has some innovation into it.

I heard different explanation from different vendors:

1) appliances (+ controller) placed in-line to put traffic in tunnels based
on policy, with some DPI and traffic tagging...(to do performance/policy
based routing) over an expensive link (MPLS) and a cheap one (broadband)
with some 'firewall-like' filtering capabilities.
2) same as above, with a flavor of 'machine learning' to find a pattern for
traffic to optimize utilization.
3) a controller that instantiates and tears down tunnels from 'classic
routers' based on external policies and Network based features to do
performance based routing over an expensive link (MPLS) and a cheap one
(broadband) with encryption.

Is the above a decent high-level summary?

Has anyone tried any of these solutions, any general feedback ?


Hello Kasper,

I will do my best to answer your SD-WAN question, but as you mentioned it is a buzzword that has a bit of confusion in its definitions. I would say that a SD-WAN solution should have the following elements:

1.) Ability to manage multiple WAN connection and choose the path based on user and machine criteria (The Hybrid WAN)
2.) A controller to manage the polices and operations of the SD-WAN devices
3.) Analytics on the network and application level
4.) A software overlay that abstracts and secures the underlying networks

Currently there are a lot of solutions out there by many vendors. Some do all of these and some a subset, so it make the landscape a bit confusing. Lots of times vendors use SD-WAN when they are really just talking about Hybrid WAN (multiple connections) or WAN optimization.

Doug Marschke
415-902-5702 (cell)
415-340-3112 (office)

So who are the big SD-WAN players out there?

Too many to list. I don’t know who is “winning” in market share right now, as I am sure each vendor tracks their wins differently.

There are definitely a few making more noise than others.

Doug Marschke




415-902-5702 (cell)

415-340-3112 (office)

As of this announcement:

there will be one less than before :slight_smile:

Seriously - when I first learned about them, upon service inclusion of the
Viptela products into the VzB SD-WAN offering, they (Viptela -
looked very nice, already, as standalone products. And that was a few years


What I don't understand is how do all these newer, SD-WAN vendors, differ
from any of the managed FireWall companies that have nice pretty GUI's and
web management? For example, Sophos, Meraki, Fortinet, and the other large
firewall vendors that do dual wan, virus filtering, remote management, etc?