We’re about to POC vendors. So far Palo Alto are in. We were going to POC VMware as well, but they’re been too awkward to deal with so they’re excluded before we’ve even started.
Would like a second vendor to evaluate so it isn’t a one horse race.
We’re using Aruba Edgeconnect (Silverpeak). It’s been a great product so far.
Personal view: Cisco, Velo, Aruba are the top vendors. With Palo Prisma and Versa half a step behind.
Fortinet, Palo SD-WAN (on NGFW) and Meraki are all just automated VPN with BGP. This may work for your use case but does have its limitations over the SDN construct approach.
We use velocloud and I would jump ship in a heartbeat. It’s only great when it works. Non stop issues with VNF insertion (palo alto) and near useless TAC. My last ~5 tickets had no resolution other than “that’s not officially supported.” Also find the graphical data lacking. There is no way to search for detailed netflow (like solarwinds has).
Real SDWAN with de-dup, compression, acceleration, etc, we use SilverPeak. It really is magical in what it can do.
For everyday SDWAN, Fortinet.
Aruba EdgeConnect (formerly SilverPeak) is great.
We use peplink speed fusion vpn to connect all our stores back to the main branch. Works well for us.
Aruba EdgeConnect / SilverPeak
Cisco and SilverPeak
Been using viptella/cisco SDWAN for few years now. Before two weeks ago I would say it was pretty awesome. But two weeks ago we got hit with a bug that tripped up our two vsmart controllers. This cause an outage at three sites. In the 11 years I have worked at this place this was the first time we lost a site for more than 5 mins. The outages were 6 hours…. For 3 sites!
Still it’s not a bad product. I think it’s easy to use and understand. We have survived multiple circuit and equipment outages over last few years for sure. This was due to the SDWAN design.
Rolled out Palo-formerly-Cloudgenix about 2 years back - we have been very satisfied so far. Reliable, predictable, intelligent default settings.
I got a large deployment of Aruba edgeconnects, large healthcare environment with multiple hospitals and hundreds of clinics. Using an Aruba SDwan appliance at every clinic and they are simple and work great
Only used Versa and I’m not exactly thrilled with it honestly. It does the job but we’ve had more hardware failure (Versa hardware, none with white boxes so far) than I’d like, quite a few gotcha moments with firmware and pushing updates and even 4 years in there’s oddities that have left me and my customer (I work for an MSP) less than impressed.
That being said when it works it works well and even my dumb ass can understand it, so that’s definitely a plus. And any time I’ve raised a support case with Versa, even a P2/P3, they’ve been far quicker to not only respond but actually fix than any of the experiences Ive had with Cisco.
Juniper Mist SSR + AP + Switches
- French Chefs kiss*
I’m an Aruba EdgeConnect SE.
Do yourself a favor and include EdgeConnect in your POC.
There’s only a handful of true SDWAN products out there, and out of all of them I’d say we’re the easiest to deploy with the most features that you’ll actually use.
Other popular ones are versa, Meraki, Fortinet, Viptela… depends on the traffic flows, paths required, complexity in the underlay. Juniper have 128t (now called session smart router) which is innovative… and bizarre but if you think about the type of flows going over a network now (mostly SSL already encrypted) it makes sense.
Have to think about sites, how many where they are, where the applications are, foot print required on each location, cloud integration IaaS/PaaS or just SaaS ramps… acceleration is a consideration too.
Some I have found are very good for client/server flows, but less good for server/server flows…
We are in the process of working with Lumen to deploy Versa SD-WAN to our organization.
Never having worked on or with sdwan, I’m eager to get some time with the boxes and check it all out.
I will say that Lumens support in getting this hardware and initial configurations has been a headache.
Unfortunately my manager didn’t do any PoC and just went with what Lumen recommended as we have MPLS with them.
Used meraki in the past works well but limited in what you can do, current gig we’re using fortinet (mostly because we’re already cisco+forti shop), its… not bad but then again we’re not using it as much as we should, but never really failed, only issues we ever have are due to isp routing issues and not forti.
I have deployed Aruba and Velo.
I like both but a do prefer Aruba because it has a ton of cool visualizations + the app optimization feature.
I guess the main question is what are you trying to solve for?
Are you replacing MPLS with lower cost links and hope to have sdwan make up for the quality difference?
Are you looking to remove BGP from your office/branch edge?
My sdwan use case was removing BGP while maintaining “active/active” internet egress based on link quality. I also wanted to avoid any solution that forces you to backhaul your connection to the service provider cloud.
I’ve been fairly happy with Palo Alto/Cloudgenix Prisma SDWAN. There is no dedupe or “RAID” for network traffic, but the appliances do a great job sending traffic out of the best link. Another callout for the IONs is that they only support 1 heartbeat link which is not good.
I have 4 sites (8 if you count management) + hub in aws with another site coming online next quarter.
Another product that I’ve been toying with is the Juniper SSR router. It looks very promising, but hands on experience.