SASE and AI Are Coming to a SD-WAN Deployment Near You
Enterprise deployments of software-defined wide-area networking (SD-WAN) will see big jumps in the use of secure access service edge (SASE) architectures and artificial intelligence (AI) functionality over the next few years, predicts research firm Gartner.
Those predictions come in the company's latest Magic Quadrant report for WAN Edge Infrastructure, which finds VMware among the leaders, topping the "completeness of vision" axis of the report. On the "ability to execute" axis, VMware was behind only Fortinet. Others in the "Leaders" quadrant include Versa Networks, Palo Alto Networks, Cisco and HPE (Aruba and Silver Peak).
The market itself is defined as "products and associated functions that provide network connectivity across the WAN," mainly routers and physical/virtual SD-WAN appliances. Drilling down, that description encompasses connections between distributed enterprise locations such as headquarters, hubs, branches and remote workers, and access resources in private datacenters. Also in the mix are Infrastructure-as-a-Service (IaaS) and Software-as-a-Service (SaaS) connections.
The aforementioned SD-WAN predictions come in the "strategic planning assumptions" part of the report, which lists:
- By 2024, more than 70 percent of SD-WAN customers will have implemented a SASE architecture, compared with 40 percent in 2021.
- By 2025, 40 percent of enterprises with SD-WAN deployments will use AI functions to automate Day 2 operations, compared with fewer than 5 percent in 2021.
- By 2025, to deliver flexible, cost-effective scalable bandwidth, 40 percent of enterprise locations will have only internet WAN connectivity, compared with 15 percent in 2021.
"This market continues to migrate from traditional branch routers (often called 'customer edge routers' in a Multiprotocol Label Switching [MPLS] implementation) used to connect branch locations to the data center to SD-WAN with a more-decentralized architecture and cloud workloads," Gartner said. "SD-WAN is widely replacing edge routers and adding application aware path selection across multiple links, centralized orchestration and native security, as well as other application performance optimization functions (such as WAN optimization). Consequently, it includes incumbent and emerging vendors from adjacent markets (e.g., routing, security, WAN optimization and SD-WAN), each bringing differentiators and limitations. It also includes zero trust network access (ZTNA) functionality for remote workers in lieu of traditional virtual private network (VPN) solutions as part of SASE, which combines SD-WAN and cloud security into an integrated, orchestrated architecture."
As shown in the following Magic Quadrant graphics for the last three years, VMware has consistently topped one or both of the two axes:
Of VMware, Gartner said: "Its offering is branded as VMware SD-WAN, and is part of VMware SASE. The offering includes edge appliances (hardware and software), gateways -- VMware points of presence (POPs) offering various services -- and an orchestrator and its Edge Network Intelligence. VMware provides additional optional security via VMware Cloud Web Security and VMware Secure Access. Based in California, U.S., it has more than 14,000 SD-WAN customers. The vendor operates globally and addresses customers of all sizes, and in all verticals. Gartner expects the vendor to continue investments in this market, including enhancing options for remote workers and building out its SASE offering."
Along with listing VMware at the top, this year's report mirror's last year's report in another way: the strategic assumptions are quite similar, with last year's list including:
- By 2023, to deliver flexible, cost-effective scalable bandwidth, 30 percent of enterprise locations will have only internet WAN connectivity, compared with approximately 15 percent in 2020.
- By 2024, more than 60 percent of SD-WAN customers will have implemented a secure access service edge (SASE) architecture, compared with about 35 percent in 2020.
- By 2024, to enhance agility and support for cloud applications, 60 percent of enterprises will have implemented SD-WAN, compared with about 30 percent in 2020.
- By 2024, 20 percent of SD-WAN centralized configuration and troubleshooting will be touchless via an artificial intelligence (AI) assistant, compared with none in 2020.
Both AI and SASE also figure prominently in Gartner's future trends, which include:
- AI: There is a trend to more autonomous and self-driving networks in which AI/ML technologies can be leveraged to make networking decisions without or with limited human intervention. The objective is to make networking even easier for Day 2 operations for end users, reduce operating expenditures (opex), increase speed/agility and improve uptime/performance. The other emerging objective is to use ML and algorithms to make a dynamic SD-WAN decision without any or very limited human interventions. Although it is still early in many vendors’ product development, we are seeing this functionality being incorporated into an increasing number of vendor solutions offering differentiation. The longer term challenge will be customer trust in using such solutions.
- Single-Vendor SASE: The current SASE market is dominated by multivendor solutions with some type of orchestration tying it together. We expect to see more single-vendor, integrated SASE solutions incorporating the cloud security and SD-WAN branch components. We also expect to see new pricing models from relevant vendors. This will simplify sourcing and offer a tighter technical integration ultimately offering a better user experience.
SASE, a term actually coined by Gartner that has gone mainstream, has become a foremost security approach in the age of ransomware and other cybersecurity threats, along with a Zero Trust approach and increased automation, according to a recent survey report published by FireMon, which included this graphic:
In the new 2021 Gartner report, the company included SASE in one of its market recommendations: "Implement a SASE architecture for branch office and remote worker secure connectivity."
As is typical, the report is available for free in licensed for distribution editions from some of the vendors covered in the report. A simple web search of the report title and some of the top vendors will find them.
David Ramel is an editor and writer for Converge360.