By Kumar Ramachandran
The Silicon Valley rumor mill can sometimes be fun, sometimes insightful, and other times simply absurd. As I grab coffee this morning in Palo Alto, I’m exposed to the latest rumor about Cisco acquiring an SD-WAN vendor, in this case – a startup called Viptela. Being subjected to this rumor is not entirely surprising considering I’m the founder of an SD-WAN company, but I thought it may be worthwhile to run a thought experiment on this rumor.
Before we evaluate Cisco’s approach to SD-WAN, it’s worthwhile to remind ourselves just what in the world is “SD-WAN”. Most customers agree on the following characteristics:
- Application-policy defined WAN: Customers want to build networks by specifying centralized application-policies for performance, security, and compliance, not by trying to retrofit routing protocols. The reasons are self-evident to anyone exposed to the insane complexity of using routing protocols in environments where applications are delivered from multiple locations including SaaS, Clouds and data-centers, and traverse WANs of varying security and performance profiles.
- Cloud-ready: The WAN must deliver not only data-center applications, but also SaaS, UCaaS, and Cloud apps with business criticality, security and performance – WITHOUT creating new dependencies on additional way-points/POPs that could fail.
- WAN Diversity: To support cloud applications and reduce WAN costs, enterprises can no longer rely on MPLS alone, but must deploy Internet broadband and/or LTE securely.
- No proprietary hardware: With the digitization of the remote office, IT wants to deploy application networking, security, visibility and performance management – WITHOUT needing to buy a plethora of expensive, proprietary-hardware devices.
Cisco’s SD-WAN history
Cisco’s approach to the SD-WAN space has been to try and retrofit its legacy proprietary-hardware routers. After all, the ISR routers were very successful in the past, just like Blackberries were all the rage a decade ago. But the ISR was designed for connecting branches to data-centers over MPLS. Now customers want to deliver applications from data centers/Cloud/SaaS over any transport MPLS/Internet broadband/LTE without dependencies on proprietary hardware. And just like Blackberry, Blockbuster, or Mainframe vendors – Cisco is trapped trying to sell something that no longer solves customer problems.
Born a cat and die a dog?
We cannot fault Cisco for not trying. If anything, they have been trying very hard. Let’s look at 5 different “SD-WAN” product choices Cisco sells today or has tried:
- Cisco ISR + iWAN: This is a bag of unrelated technologies that Cisco markets as a product. Customers quickly saw through the complexity and declared it DOA. This is simply the old ISR, a variety of disparate technologies like PfR, DMVPN, legacy QoS, NBAR, Prime etc. that per Cisco’s own documentation frequently don’t even work together. Credit to Cisco that they recognized iWAN’s failure and pivoted to Meraki.
- Cisco Meraki: With a $1B+ acquisition price tag, Meraki makes easy-to-use wireless products. Cisco’s recent attempts to repurpose the Meraki firewall as an SD-WAN device is OK for small and medium business, but lacks basic enterprise features, ability to define custom applications, or solve for anything beyond the simplest of topologies. Nothing wrong with Meraki – just that it is still hard to be born a cat and die a dog.
- Cisco ISR + Velocloud: So, Cisco reverted to the ISR and trying to make it better – Cisco apparently invested in a startup called Velocloud and may have even tried to integrate it with the ISR. This attempt also failed – you bring two packet-based technologies together, you still cannot get application-intelligence. So, Cisco discarded the ISR + Velocloud as a failed SD-WAN product.
- Cisco ISR + APIC-EM: Cisco next turned to some technologies from its newest $1B+ data-center acquisitions and tried injecting application-intelligence from a controller. To nobody’s surprise, we don’t hear much about this at all anymore – certainly not from customers.
- Cisco ISR + Partners: With all the above attempts to make the ISR work failing, Cisco has tried to have external tools for configuration and visibility be marketed as “SD-WAN”. Candidly I think many of these partner-products are great at what they do (configuration simplification, network visibility etc.), just that they cannot make the ISR into an SD-WAN product.
So, Should Cisco acquire Viptela?
The common theme in the previous list of failed attempts is that Cisco wants to:
- Try to preserve the proprietary-hardware based ISR as the platform
- Try to force-fit packet-routing protocols to work in a world where application-intelligence based networking is required
- Try to “inject” application intelligence externally into what is fundamentally a packet-based system.
Viptela’s product offer fits the previous patterns from Cisco. The Viptela solution is:
- Based on proprietary hardware
- Based on packet-routing protocols
- Shows some basic application reports, without using any application knowledge in their networking stack
If the definition of insanity is doing the same thing over and over again and expecting different results, then sure Cisco MUST acquire Viptela. It fits right into Cisco’ previous patterns.
Would it solve the problems Cisco has in missing application-defined networking, cloud-ready policy-models, eliminating dependency on proprietary-hardware and routing? No. But these customer considerations haven’t stopped previous attempts from Cisco! Why stop now?
10 questions your CIO (and CFO) has for Cisco
Some of the questions customers will have to try and get straight answers from Cisco BEFORE spending another dollar with Cisco:
- When is the end-of-life planned for Meraki – should I even buy the Meraki hardware?
- Can you guarantee the ISR hardware won’t be killed within 18 months to make way for Viptela hardware? After all, your executives are measured on new acquisition revenues.
- But the Viptela hardware doesn’t have the modules you upsold me on the ISR for “investment protection”, so will Viptela hardware be killed to make way for ISR?
- I don’t use the Blackberry anymore, why am I still stuck with routing in 2017 – Do I still have to setup and configure routing protocols?
- Can I ever get application-intelligence based networking from Cisco? Why should I trust Cisco given that we’ve been hearing hollow promises for over a decade now?
- Can I access the cloud without dependencies on way-points with any of Cisco SD-WAN?
- Can I use best-of-breed security solutions from vendors like Palo Alto or zScaler in a supported manner with Cisco SD-WAN?
- Does the solution natively provide deep application and network intelligence or am I stuck buying additional tools?
- What are the software, hardware, control, management, visibility tools that need to be re-invested in – of course on my dime?
- Which of the 6-7 SD-WAN products will Cisco kill? Can I get a written, legally-binding guarantee that my investment won’t be killed? Even with executive change?
If the above made your head hurt, you are not alone. Phew! If you want a product designed grounds up to solve the challenges of the modern enterprise, check CloudGenix out. Or listen to one of our many happy customers.
You will find that our CloudGenix Instant-On Networks (ION) SD-WAN products truly revolutionizes the way WANs are built and address your challenges of delivering SaaS, UCaaS, Cloud and data-center applications over heterogeneous networks.
- CloudGenix ION delivers an Application-defined Fabric that eliminates the decades-old dependencies on complex routing protocols. That’s right – no more routers!
- With the App-defined Fabric, you can specify IT and business intent as application polices for performance, security, and compliance to build networks. CloudGenix ION controls network and application performance based upon application-performance SLAs and business priorities rather than just routing packets blindly.
- By eliminating hardware, natively providing app and network insights, and enabling the seamless usage of broadband, LTE and MPLS transports, CloudGenix also reduces WAN costs by 50%-70%. Simple and purpose-built.
You don’t need Superman for the rescue
Already made a preliminary investment in the Cisco ISR that’s making your stomach churn given the uncertainty and failures surrounding Cisco? We got you covered with a Cisco rescue program. Drop us a note at firstname.lastname@example.org or contact us for assistance. You can leave your cape at home, your organization already knows you are the real hero!