Over the last decade and a half, networking vendors have been using various methods to bundle wired, wireless, voice over IP, and security products into a solution sale. These companies tried various combinations of routers, WAN optimization, security, Wi-Fi, switching, and voice over IP (VoIP). No single hardware product had all the services, but most provided three or more: Cisco’s ISR routers combine security, routing, and WAN optimization capabilities, and HPE’s FlexBranch integrates routing, switching, security, wireless LAN, and VoIP services.
Most of the vendors will highlight the efficiency benefits of a single appliance, but this messaging is self-serving. Their goal is to increase their footprint and revenue per transaction. There’s nothing wrong with this, as it’s a common “steak and potatoes” business strategy. However, the concept hasn’t been much of a moneymaker for vendors, because vendors struggled to:
- Create a product portfolio to match the market. Remote offices can be quick-service restaurants, sales offices, manufacturing sites, acute care centers, and stadiums, to name a few. The networking and security services can vary significantly between sites. The resilience and security needs of an acute care center are significantly higher than a quick-service restaurant. The price, fit, form, and function of the products will vary dramatically, too. Frankly, vendors don’t have the resources to put all the hardware variations on the price list and still be profitable.
- Create secondary services that matched performance or richness of best-in-breed services. ROBO boxes deliver a lot of features, but they’re ultimately subject to compromises on factors like buffer size, ASICs, ports, and tables. This means vendors have to make sacrifices. Riverbed Technology, Silver Peak Systems, and others captured this opportunity when it came to WAN optimization versus traditional routing and switching vendors that tried to integrate WAN opt into a router.
The networking industry is back to its old tricks using a new product — SD-WAN — to push the integrated service story. I highlighted this in my Six Aspects To Palo Alto’s Acquisition Of CloudGenix blog. SD-WAN, for all intents and purposes, was just a repacking of routing and some WAN opt capabilities. SD-WAN simplified performance-based routing like Apple’s first iPhone did to mobile phones. The central, easy-to-use systems make setting up features like load balancing, best path, and active-active much easier. CloudGenix, VeloCloud, and Viptela were savvy to highlight cost benefits of using generic internet — and, in theory, getting rid of MPLS (multiprotocol label switching). Most of that is just a red herring. Forrester’s “SDWAN — More Than Just Cutting WAN Costs” report digs into the real SD-WAN benefits.
While the market exploded with the excitement of easily creating WAN fabrics, many companies struggled to deal with security challenges exposed by WAN fabrics, cloud, SD-WAN, and remote site internet links. Then came the idea of integrating security services into SD-WAN. This resurrected the whole ROBO feature compromise. Security, WAN opt, and routing vendors have been coming from different directions to build an integrated set of services that looks similar to what they proposed years ago. And marketing messages are the same.
What I find interesting is that all the open, disaggregated, switching white-box pundits have been awfully quiet in this round. Where’s the fear about vendor lock-in? That’s another blog, and I’m not suggesting that as the right path since the cost benefits aren’t there.
Instead, learn from the giant cloud providers that harness virtual network functions (VNFs), spin up services as needed, and service-chain them together. Enterprise teams have even more service options when they include cloud-based networking and security services. Technology teams can include those with VNFs and create a dynamic, flexible networking infrastructure with security in its DNA. These technology teams will have a larger pool of resources to use and not be forced into a single vendor play. I outline all of this in Forrester’s “Five Tenets Define Virtual Network Infrastructure, A Bold New Business Network” report.
This approach isn’t easy like most of today’s SD-WAN “buy and implement” offerings, but many SD-WAN solutions come with little long-term benefit. The automated, orchestrated service-chaining approach requires a long-term investment and will take some fundamental changes to the skills, process, procedures, and metrics. This approach will require a businesswide investment into networking automation and orchestration, which most organizations have barely started. Forrester’s “Get Control Over Your Bots With Forrester’s Automation Framework” report outlines eight major categories of automation that professionals can use to guide their automation journeys. Our “Jump-Start Your Network Automation” report provides some examples on where to start.
As always, I am happy to help you with the planning and execution of your networking strategy. Please reach out to firstname.lastname@example.org to schedule time to talk.