Comparing SD-WAN & AI-Driven Access Solutions

SD-WAN solutions for today’s enterprise are not equal. Many assessments narrowly focus on a few traits but miss the bigger picture of delivering better user experiences, simplifying operations and safeguarding all your sites, from client to cloud. You must choose an SD-WAN that supports your business beyond just the WAN with a design that ties the enterprise together. Let’s compare solutions in their breadth and depth of features.

AdobeStock_263461347

Artificial Intelligence for Network Operations (AIOps)

The networking industry is undergoing a paradigm shift, from the traditional, outdated way of operating networks through CLI to an automated, AIOps approach. It’s simply humanly impossible to rely on log files to troubleshoot and gain insights into network issues given the proliferation of devices, users, applications, bandwidth, IoT, etc. With AIOps, you rely on artificial intelligence and machine learning to resolve needle in a haystack issues and to keep pace with the scale of today’s digitization.

Juniper Networks VMWare VeloCloud Cisco SD-WAN Fortinet FortiGate HPE SilverPeak
Value Proposition
Functionalities with AIOps
Functionalities with AIOps

WAN Assurance Visibility into end-user experiences, and shorter mean time to repair

MARVIS Virtual Network Assistant providing automated troubleshooting

Nyansa product aspires to deliver assurance

No AI/AIOps

WAN AIOps added in 2022 Works on log files instead of direct telemetry (slower, less accurate responses) Limited Actions No Natural Language Processing (NLP)

Limited integration of ESP with EdgeConnect WAN product
WAN Service Level Experiences (SLEs)
WAN Service Level Experiences (SLEs)

  • SLE framework that measures the user experience for every session, every minute.
  • SLEs for WAN link health, application experience and gateway health.

Nyansa product aspires to SLEs

No AI/AIOps

Limited SLAs for wired and WAN

Limited integration of ESP with EdgeConnect WAN product
AI-driven insights and assisted actions
AI-driven insights and assisted actions

Deep insights on every aspect of the WAN, from device to WAN links to applications.

Early stages with Nyansa

No AI/AIOps

Actions are only recommended, not proactively taken

Limited integration of ESP with EdgeConnect WAN product

 
AIOps Virtual Network Assistant (VNA)
AIOps Virtual Network Assistant (VNA)

Integration with Marvis & Mist AI for wired, wireless and WAN Assurance

Nyansa has yet to deliver on it.

No AI/AIOps

No NLP or VNA

Limited integration of ESP with EdgeConnect WAN product

WAN Edge Capabilities & Performance

SD-WANs must evolve. Most offerings today rely on cumbersome, expensive tunnels that lack security, add costs, and consume your bandwidth. Instead, Juniper’s Session Smart technology is tunnel free and instead relies on sessions that provide rich, granular data to ensure user experience. When combined with Mist AI, you get a third generation SD-WAN that delivers user experience.

Juniper Networks white text on transparent background VMWare VeloCloud Cisco SD-WAN Fortinet FortiGate HPE SilverPeak
Value Proposition
User-centric design, optimized for user experience
User-centric design, optimized for user experience

Session-based technology results in better user experience. Deep session-based visibility, insights and fine grain app aware routing. Reduced latency by up to 60%.

Traditional approached focuses on the network, not the user’s session

Traditional approached focuses on the network, not the user's session

Limited focus on user sessions Customer experience rated average

Traditional approaches focus on the network, not the user’s session.
SD-WAN economics/bandwidth savings
SD-WAN economics/bandwidth savings

Tunnel-less architecture with SVR eliminates overhead resulting in 30-50% bandwidth savings and enables up to 75% reduction in infrastructure costs

Bandwidth hungry tunnel-based approach.

Bandwidth hungry tunnel-based approach.

Bandwidth hungry tunnel-based approach.

Bandwidth hungry tunnel-based approach.
Intelligent Encryption
Intelligent Encryption

Session Smart Adaptive Encryption conserves bandwidth, so if application traffic is already encrypted no need to encrypt twice.

Unintelligent encryption.

Unintelligent encryption.

Unintelligent encryption.

Unintelligent encryption.
Breadth of deployment options for hardway and software and universal CPE
Breadth of deployment options for hardway and software and universal CPE

Session Smart Routers are available in dedicated SSR Series appliance, but can also be deployed on whitebox, x86, or as a VNF on NFX. Juniper NFX Series delivers full breadth of connectivity and scale and is widely recognized and deployed.

Dell EMC Edge appliance

Cisco 5000 ENCS

No universal CPE portfolio

No universal CPE portfolio
SD-WAN Edge for any deployment (supporting small-medium-large deployments)
SD-WAN Edge for any deployment (supporting small-medium-large deployments)

Juniper has a breadth of portfolio ranging from desktop form factors to large campus/enterprise

WAN edge device with limited routing capabilities

Large product range, but split product lines with different management solutions

Difficulty meeting complex networking requirements

Limited routing capabilities.
Resilient WAN edge design
Resilient WAN edge design

Redundancy at every level (Active/Active, Active/Backup, Datacenter hub, control plane & data plane redundancy)

Architecture

Many of the solutions today are based on outdated architectures, riddled with technical debt. A modern solution built for today’s cloud era must also be built on a modern day microservices cloud architecture. This ensures agility for your business and allows your network to keep pace with your business operations.

Juniper Networks white text on transparent background VMWare VeloCloud Cisco SD-WAN Fortinet FortiGate HPE SilverPeak
Value Proposition
Design architected for Cloud Era
Design architected for Cloud Era

Modern microservices based cloud architecture:

  • Service containerization
  • Quick and low-risk feature updates
  • Near real-time bug fixing without network disruption

First generation cloud.

Meraki:

  • 1st generation cloud
  • Legacy sharded database in hosted database 'cloud'
  • Virtual controller-based

Cisco:

  • Controller-based legacy monolithic software architecture
  • Lack of strong cloud solution - limited to SMB
  • Lots of hardware & boxes all needing proper versions
  • Multiple non-integrated products and OS (10+)

Fragmented cloud offering an on-premise solution CLI based

  • Aruba ESP is the redesign of Aruba Central with Management
  • The controller-based architecture has Four different clouds
  • Users must upgrade, maintain and integrate all of the software
  • Monolithic code bases are expensive to scale and difficult to manage
  • Limited API support
Scalability
Scalability

  • Cloud scale with microservices architecture
  • Templates enable fast deployments while accounting for site to site differences
  • Best goodput performance allows more cost effective cloud connections
  • No expensive hardware required

Multitenant and multi-site scale requires adding many orchestrators and gateways.

Scaling is complex and requires managing vManage, vBond and vSmart components in the management and control plane. Cisco recommends Meraki for Lean IT, meaning there is a forklift software and hardware upgrade to its full featured SD-WAN.

Can’t do complex networking at scale: no real switching or routing features. Failover is seconds, not milliseconds

Scaling based on cloud VPC performance
Automation versatility (APIs, Plugins for extension)
Automation versatility (APIs, Plugins for extension)

  • Simple 100% API driven. API and Config templates. Customers can create their own plugins for extensibility.
  • Integration with Splunk & ServiceNow

Basic APIs to Velocloud Orchestrator

Rest APIs available with Devnet support

Complexity due to dependence on multiple python modules.

RESTful APIs available.
Agility
Agility

  • Modern, microservices-based cloud, instead of monolithic code base
  • Rapid updates without network disruption

First generation cloud. Lacks a microservices based cloud architecture.

Meraki:

  • 1st generation cloud with VMs and hypervisors
  • Slow updates due to the lack of a modern microservices architecture

Cisco:

  • Monolithic (brittle) software with poor ability to update for new devices/apps/fixes
  • Elevated risk to update

Fragmented cloud offering

  • Monolithic (brittle) software with poor ability to update for new devices/apps/fixes
  • Elevated risk to update
Deployment Flexibility
Deployment Flexibility

  • Scale from the largest to the smallest enterprise businesses for rapid updates
  • Single click activation for streamline rollouts
  • Wired, Wi-Fi, & WAN Assurance for full lifecycle management

Virtual controllers hosted in co-located data centers

  • Controller/Gateway for large customers, Aruba Central for small-midsize customers; monolithic architecture
  • Offers on-premises and cloud solutions
  • Offered across different applications
Multi-tenancy
Multi-tenancy

Hierarchical multi-tenancy for multiple providers, enterprises, and departments, all from one Juniper Mist AI account for Wi-Fi, wired and SD-WAN networks with configurable RBAC, all from a single login. Enables easy management of large organizations and MSPs.

Multitenant cloud gateways and orchestrators. See “Scale” rating, where accommodating many tenants requires many on-premises software instances. LAN n/a.

One vSmart per customer and limited number of customers per v/Bond per vManage. With alternative option, Meraki, multitenancy is not possible.

Switching between tenant views
requires separate logins.

Limited RBAC and no multilayer tenant management.

Client to Cloud

Your SD-WAN solution should help provide a complete picture of your users’ experience, from client to cloud. Hence a complete solution should provide insights and troubleshooting from the moment your users connect to the Wi-Fi, which passes traffic to your wired network and then out to the WAN. It should correlate across all these connections in the network and resolve issues like, “Why is my Zoom call breaking up?.”

Juniper Networks white text on transparent background VMWare VeloCloud Cisco SD-WAN Fortinet FortiGate HPE SilverPeak
Value Proposition
AIOps
AIOps

Driven by Mist AI, get insights and automated troubleshooting that correlates across all point in the network What is AIOps?

AI & ML

Nyansa product aspires to deliver assurance

No AI/AIOps

New, limited AIOps No microservices

Basic capabilities including recommendations rather than remediations with multiple dashboards for the user to solve network issues on their own. No VNA, and lack of time for effective machine learning.
User Experience
User Experience

Wi-Fi, Wired and WAN Assurance driven by Mist AI ensures the best experience for every user, every minute.

Juniper-Mist Cloud Services

Juniper-Mist WAN Assurance

Nyansa product aspires to deliver assurance

Severely limited insight into user experience.

Rated average

Severely limited insight into user experience. Many features demand CLI templates.
Security
Security

Juniper Connected Security and Zero Trust capabilities ensures that all applications, users, devices, data is secured and safeguarded against all threats.

Not an established security vendor and must rely on 3rd party technology for complete advanced security.

ISE and Stealthwatch. Integration with Open DNS

Limited integration with SSE

Not an established security vendor and must rely on 3rd party technology for complete advanced security.
Integrated Wired Access Switching
Integrated Wired Access Switching

Mist AI configures and operates all aspects of the EX Series wired access network with support for any campus architecture including Virtual Chassis, ESI- LAG, MC-LAG, or EVPN-VXLAN

No LAN management

Customers must still choose between two solution types: Software Defined Access for vs Cloud-based

Limited swtiching platforms with inferior stacking solution

  • Limited insight into wired experience
  • Many features require CLI templates
  • Separate product for wired and wireless
  • Dynamic port config requires Clearpass and Mobility Controller with lock-in architectures
  • Port profiles require lots of manual config
Integrated Wi-Fi
Integrated Wi-Fi

World class AI- driven wireless and BLE location technology operation and configuration driven by Mist AI, with AI- driven insights, monitoring and remediation

No LAN or wireless management

Split between Meraki and DNA Lacks a true AIOps solution for insights, monitoring, and remediation.

Not strong in wireless networking Lacks full AIOps for insights, monitoring, and remediation.

  • Lacks a true AIOps solution for insights, monitoring, and remediation.
  • Separate product for wired and wireless