Eight of the industry’s leading SD-WAN products were examined by NSS Labs to help enterprises understand the merits of products in the market and identify the capabilities best suited to meet their use case requirements.
Products in this test were assessed for the quality of experience (QoE) of VoIP and video, performance, total cost of ownership (TCO) and security effectiveness.
NSS Labs defines SD-WAN as the union of software-defined networking (SDN) and WAN technology. Part router, part WAN optimization, and part firewall, SD-WAN enables enterprises to leverage high-bandwidth, consumer-grade links (or links without guaranteed performance) for business-class services at a lower cost than traditional dedicated links.
Enterprises are adopting SD-WANs for their branch office network needs – capitalizing on the visibility, scalability, performance, and control benefits the technology provides.
SD-WAN technology is rapidly evolving, and enterprises exploring SD-WAN technology should focus on network functionality and interoperability maturity to differentiate products. Additionally, SD-WAN is consumable in multiple ways including both appliance or as subscription based services.
This flexibility offers enterprises the choice to deploy and manage their SD-WAN as business needs and IT priorities dictate.
For this second iteration of the SD-WAN Group Test, NSS Labs identified three use cases: manageability and cost, performance, and security in the form of protection against network-delivered exploitation.
Products in this years test performed well against a rigorous series of test cases that capture efficacy in demanding WAN deployments. All products met the use case for quality of experience (QoE) for VoIP and Video, scoring above the minimum recommended by NSS Labs.
Traditionally, the SD-WAN market has been dominated by pure play SD-WAN vendors. In the last few years, security vendors offering threat protections entered the space, now offering a combined firewall/IPS protection with SD-WAN.
- Security vendors already offer protection against network-delivered exploitation.
- Two products with built-in protection against network-delivered exploitation capabilities were tested with the functionality enabled; both products performed equal to or better than products without this functionality enabled. Products with the capabilities but choosing not to enable them for testing should be fully assessed before purchase and deployment.
Two differentiators in this test were TCO per Mbps and protection against network-delivered exploitation. On average, vendors who were tested with network-delivered exploitation protection as part of their SD-WAN had a lower TCO per Mbps than those who did not.
All tested products had performance-to-cost ratios that were better than Multiprotocol Label Switching (MPLS) or dedicated links, making a strong case for deployment of these SD-WAN products.
- Most tested vendors had a simplified branch office configuration creation capability and feature measured deployment time of less than 10 minutes per device, demonstrating a positive impact on business expansion and productivity over legacy network solutions.
“Interest and demand for SD-WAN continues to accelerate as enterprises gain significant cost and operational benefits,” said Jason Brvenik, Chief Executive Officer at NSS Labs.
“All of the products tested in the 2019 SD-WAN Group Test offer a notable return on investment. Products offering integrated threat protections demonstrate further return on investment and operational efficiency. We encourage enterprises exploring SD-WAN technologies to read the results from this year’s test.”
- Barracuda Networks Barracuda CloudGen Firewall F82 v7.2.3
- Citrix Systems Citrix SD-WAN 2100-1000-SE v10.0.0.6
- Forcepoint NGFW 1101 SMC 6.5.3 and Engine 6.5.2
- Fortinet FortiGate 61E v6.0.4 GA Build 0231
- Oracle Talari SD-WAN E1000 v7.3
- Silver Peak Unity EdgeConnect EC-M VXOA 8.1.7
- Versa Networks FlexVNF V220 v16.1R2-S6
- VMware SD-WAN by VeloCloud Edge 2000 v3.2.1