You probably know all about the stages of grief, or the stages of project post-mortem examinations. How about the stages of SD-WAN? The fact is that SD-WAN is undergoing a series of parallel revolutions, and the way they interact will shape both the opportunity and the competitive landscape, at both the product and service levels.
SD-WAN is an emerging but still very minor piece of the network services market. Most of the market estimates place total revenues well below $200 million annually, and it’s divided up among a large number of players. Recent market data reported here lists 13 vendors and an “others” category that seems to have about that same number in it. Given that my own model says the SD-WAN opportunity could reach $40 billion by 2022, a two-hundredfold growth rate, it’s no surprise that there are plenty of interested startups and even significant early M&A (Cisco and VMware both bought SD-WAN firms).
The question, of course, is what’s driving the growth. My view is that the drivers in the SD-WAN space have been somewhat diverse from the start, and that a new and very significant set of new feature requirements are being introduced now. It’s these new requirements that will generate the incremental opportunity for SD-WAN, not simply the growth of opportunity based on the factors that dominate the market today. The best way to explore this is to consider the “phases of SD-WAN.”
The first phase of SD-WAN emerged as a requirement set at about the same time as NFV did, which was 2012. The problem that drove the consideration was similar in a sense to the problem that was emerging at the same time in cloud data centers—tenant networking. Applications could be considered “tenants” in the cloud, and the need for uniform application access by workers located anywhere added quickly to the first-phase requirements. The original model was called “hybrid SDN” or “SDN-WA” to distinguish between the data-center-centric SDN model and this newer one.
There were thus two interdependent requirements here. One was the desire to create a Nicira-like independent overlay network that offered greater control of applications and users, and the other was the desire to create an overlay network that could, because it was an overlay network, a new service layer that would span different network connection options. Many sites didn’t have Ethernet access and MPLS VPNs, but they all had Internet access.
Some players in the market, notably Nicira (bought by VMware and made into NSX) and Nuage (bought by Nokia) evolved their capabilities more in line with the notion of “hybrid SDN” and “SDN-WA”. These provided tight integration between their network solution and data center hosting, and in some cases even vertical integration between the service overlay and the underlying services. Others saw an opportunity for a simple premises device (or process) that exploited the specific need for a hybrid between MPLS VPNs and the Internet. This second group makes up what we call “SD-WAN” today, and its emergence marks the mainstream of the first phase of SD-WAN.
Almost as this early SD-WAN vision was maturing, another issue set emerged. Public cloud computing, particularly when it’s used for failover, scaling, and multi-cloud, generates a need to put an application component onto a VPN. Obviously that can’t be done (economically, or at all) in the usual way—putting an MPLS VPN demarcation in the cloud. On the other hand, a software SD-WAN agent could easily be bound into the cloud component, making the connection over the Internet and making each cloud component appear on the corporate VPN.
Having a cloud-ready client has quickly become a requirement for SD-WAN vendors, and it’s this development that characterizes the second phase of SD-WAN maturity.
Before we move on to the next phase, let’s take a moment to explore the market side of the picture. SDN has generally been sold to cloud providers and network operators, and that’s been true for the SDN-centric products from the first. SD-WAN was first sold to MSPs and enterprises, with the balance shifting toward the latter over time. This situation prevailed through the first phase of SD-WAN, largely because network operators saw SD-WAN as cannibalizing their MPLS VPN business.
With the advent of our second phase, network operators started to get into the act, for three reasons. First, many realized that losing their VPN customers to one of their other services was preferable to losing it to another competitor. Second, they realized that SD-WAN didn’t often actually cannibalize MPLS business, it simply extended corporate connectivity. Third, a growing minority saw that SD-WAN could actually help them create a stable model of VPN in what would likely be a changing set of infrastructure options. Operators are the fastest growing channel for SD-WAN sales today, and will likely represent the majority of new sales by the end of the year.
The operator interest in SD-WAN has had the perhaps-undesirable effect of nailing part of the SD-WAN phase evolution, the feature part, to the ground. Most of the operator-driven SD-WAN is focused purely on extending connectivity. The other features of SD-WAN have been generally ignored, and that could be an issue because of the onrush of phase three of SD-WAN.
Phase two, you’ll recall, was characterized by the goal of establishing cloud-friendly VPN connectivity. Perhaps the most important thing about this new requirement is that it’s only the first step in the real mission of SD-WAN, which is providing a bridge between the churning world of mobile workers and the continuously variable relationship between applications, components, and hosting points that virtualization has created. This is what I’ve been calling logical networking, because it focuses on connectivity as the virtual world demands it, rather than on the fixed-network-service-access-point model of IP overall.
Phase three is the critical stage of SD-WAN evolution for two reasons. First, it defines the set of virtualization-linked feature requirements that will drive broad adoption of SD-WAN. We could see, if this phase progresses, SD-WAN becoming a near-universal approach to building business networks, and even as the foundation of things like 5G and CDNs. It could become the fabric of the carrier cloud. Second, it divides the two sales channels for SD-WAN services, and if that division persists, SD-WAN might take much longer to adopt.
Recall that SD-WAN is now being offered by network operators and that this is the fastest-growing channel. It’s also offered directly to enterprises, and through MSPs and other virtual operator types. Right now, I’m seeing interest in the third SD-WAN phase confined to the latter market channel. If that remains true, then as the operators gain ascendancy in number of new SD-WAN customers, they cement the second-phase model into place and make it harder for SD-WAN to achieve its full potential.
In the long term, I don’t think operators will remain stuck in phase two of SD-WAN. The problem is competition among operators, which is a sure thing (and according to some operators and enterprise buyers, already happening). Feature differentiation in connection services is difficult, particularly if you have to rely on a best-efforts network (the Internet) for some of your connectivity. A feature race necessarily turns into a climb of the feature layers toward more logical-modeled services.
In the middle term, MSPs and other virtual-network providers could be expected to use logical-modeled features to differentiate themselves from stogy operator positioning of pure connectivity-linked SD-WAN services. If these SD-WAN providers start to climb the feature ladder to logical networking, they force the operators to do that, and thus contribute to eventual operator competition on higher-level SD-WAN features.
In the short term, it’s going to be up to vendors who provide the SD-WAN service components to promote the third phase. We’re already seeing a lot of competition in the SD-WAN space, even though everyone knows that the market will quickly settle on a number of winners you could count on the fingers of one hand. Today, you could count the number of vendors who have a clear logical-network positioning on a lot fewer fingers—one, in fact (128 Technology, who I’ve noted in past SD-WAN blogs).
Working against vendor-driven progress to phase three of SD-WAN is the fact that the vendors are of course interested in short-term sales traction. With network operators the fastest-growing opportunity, and with them showing little interest so far in phase three features, there is a chance that everyone will chase the sales (low) apples and leave the best fruit unpicked—at least for a while.
The final force to advance SD-WAN may come from that original group of “SDN-WA” players, meaning ones like VMware/NSX and Nokia/Nuage. Both these companies have an SDN orientation but a broad view of extending data center networking to the virtual world and providing branch/remote networking as well. Both also have SD-WAN offerings, but neither of these currently supports my third phase of SD-WAN, logical networking. If that changes, and I think it’s most likely to change with VMware’s positioning of its Virtual Cloud Network, it puts perhaps the most powerful vendor in the space convincingly behind the third phase of SD-WAN.
That doesn’t mean that VMware will sweep the board here, though. First, they have not yet bought into the third-phase value proposition; VeloCloud doesn’t offer full logical networking. Second, their focus with their Virtual Cloud Network is positioning for service providers, and as I’ve noted that space is still mired in simple connection-driven SD-WAN. There’s still plenty of time for other SD-WAN (and SDN) players to embrace the third phase and gain a leading position. Time, but not much time, in my view. I think this space is going to reach maturity within a year and a half, and those who don’t have a seat at the value table will be lost.