Blog post

SDN Hits the WAN

By Andrew Lerner | May 08, 2014 | 3 Comments


For the most part, managing the WANs is tedious (if not hard), and I’ve been responsible for this in large enterprise.  Despite the seemingly simple goal of connecting users to applications with appropriate amounts of performance, resiliency and cost effectiveness, this was and remains no small task.

From a connectivity perspective, there are several new architectures to consider, which we’ve published research on here (for SaaS) and here (for IaaS).  However, from the perspective of a Network Engineer/Architect, you have to deal with a plethora of technologies including MPLS, VPN, routing protocols, first-hop gateway protocols, SWG, WOC, firewalls etc etc.  Keeping these pieces glued together is a very MacGuyvery proposition.


And this is only getting more complicated/tedious with the explosion in cloud and mobility, as you’re now responsible for more user and application “locations”.  In essence, you no longer own the WAN but are still responsible for its performance (gone are the days where the majority of your users sit in corporate offices on corporate-owned devices connecting to apps run out of the corporate data center).  That said, in just the last two weeks, there have been a lot of hype around the topic of improved WAN Orchestration.

While the mainstay incumbent network vendors have products that certainly help in this area (Cisco Prime, HP IMC, Juniper SPACE, Riverbed CMC etc) they are primarily NMS-focused.  We’re now seeing the emergence of newer entrants focused on simplifying WAN configuration/orchestration along with SDN-like capability.  Just a few comments on some of these newer players in the space… Note:   This is just a sampling, not an exhaustive list (there are other players as well).


Cloudgenix emerged from stealth last week and their Software-Defined Enterprise WAN (SDEwan) aims to simplify WAN administration via using a business-centric policy framework.  Again, this is in contrast to the IT/Network-centric view of the world that most of us grew up with (i.e., routers, circuits, VPN, BGP, NAT, etc.). Details are scant on the how they do this and whether it is primarily orchestration or if it offers true SDN capability via decoupling.


Not to be outdone by Cloudgenix, Viptela emerged from stealth this week with their SEN (Secure Extensible Network) architecture.  This essentially allows you to run a VPN over your existing WAN (which they call transport-agnostic VPN), including multiple transport methods (Internet, MPLS etc.).  The solution has 3 key components:  vEdge routers which sit in your remote locations, an SDN controller (vSmart) and an NMS. The use-cases they cite include multi-tenancy, optimal path/routing selection, and the insertion of L4-7 network services like FW/IDS.

Glue Networks,

Compared to Cloudgenix and Viptela, Glue is an elder statesman in the space.  Their bread and butter solution is WAN orchestration software called Gluware.  Gartner profiled Glue Networks as a cool vendor in 2013 because they were …one of the first solutions that leverages a central, policy-based controller with ongoing policy enforcement, extending intelligence outside the data center to the WAN…” To date, their focus has been on orchestration of Cisco-based WANs (they are on the Global Cisco Price List).  Technically, it works via connecting to Cisco routers securely (via SSH) and “orchestrating” them via TCL scripts.  Gluware can do management, provisioning, configuration and advanced traffic engineering (i.e., provides a nice front-end to Cisco PfR) within Cisco-based WANs.

Anuta Networks,

Anuta Networks is focused on the broader enterprise network, not just the WAN.  We just profiled them as a Cool Vendor in 2014 because their solution “delivers complete network service orchestration for campus, branch and data center networks”.  Anuta’s solution uses VM-based agents and APIs to communicate with other NMS/Orchestration systems. My colleague, Simon Richard (@simonSDN) has also written about Anuta here.


I am not scoring, evaluating or promoting these products, just pointing out that there are now a new class of players in the space which can offer fresh approaches to solve long-standing WAN pain points.  Overall, there is relatively limited adoption of these solutions, but if you’re feeling a little MacGuyver-esque these days, they can give you some new ideas…

Side note:  For those not familiar with MacGuyver, it was an awesome ’80s TV show about a guy who could do just about anything with limited resources (i.e., diffuse a bomb with paperclips and duct tape)…

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Leave a Comment


  • Jan Hichert says:

    Allow me to add to your list:


    Ocedo is a complete, integrated SDN system: Ocedo Connect is a cloud-based console, from which IT service providers manage Ocedo Gateways, Ocedo Access Points, and Ocedo Switches. Ocedo is headquartered in Karlsruhe, Germany.

    Thank you.

    Jan Hichert
    Ocedo Co-founder and CEO

  • Greg Tennant says:

    Cybera was awarded Gartner Groups’ Cool new Vendor in Infrastructure security 2014 for it leadership in pioneering the SDN WAN. Cybera has over 30,000 sites already in production and has been delivering SDN WAN solutions for over two years to companies such as Shell Oil, Little Ceasers, VeriFone, ExxonMobil, Puma and many more. Cybera provides the only proven SDN WAN platform in the industry today, but is excited to see other companies validating our market.

    Cybera welcomes Viptela, CloudGenix, Glue, Anuta and Ocedo to the WAN SDN market.

  • And for anyone looking into how to mange all those local internet vendors. There is a solution using a virtual network operator allowing you a one stop shop for your local internet access as well.