Cisco Catalyst SD-WAN Reviews

I work for a global telecom operator. I'm a system integrator. It's deployed on cloud and on-premises.

The most useful features will depend on the clients' requirements.

Cisco SD-WAN doesn't have automation capabilities, artificial intelligence, machine learning, and isn't IOT-based. There are a lot of technologies coming onto the market that Cisco SD-WAN doesn't have. I would like to see AI-driven capabilities.

It should be more cloud-based and compatible with all the clouds.

I have used Cisco SD-WAN for seven years.

Sometimes there are issues on the routing layers. Most of the time, the protocols don't meet the compliance standards. If one site is Cisco and another site is Juniper, then there is a mismatch in the protocols, so there is latency. If all the sites are Cisco, then it's stable.

I would rate the stability as six out of ten.

The scalability is good. I would rate it as seven out of ten.

I would rate technical support as eight out of ten. They're responsive, but many of the people I speak to don't have a lot of technical knowledge.

For new telecom companies that have a 5G or 4G setup, there are other service providers that they can contact.

Initial setup is easy. I would rate setup as seven out of ten. 

It depends on the sites, the connectivity, and how many tunnels there are between various planes, like the control plane and management plane.

The cost is reasonable. I would rate the price as seven out of ten.

Huawei has their own cloud, and they don't have any dependencies. The best part is that there isn't a lot of tactic latency. Cisco doesn't have that kind of feature. Huawei is more advanced compared to Cisco.

I would rate this solution as seven out of ten.

The primary use case for Cisco SD-WAN is secure segmented traffic. Cisco's micro-segmentation products are being used.

It is very simple to deploy. It's a point-and-click type of deployment, so it's fairly simple.

They have taken away our ability to do what we are good at, which is working on the CLI, the interface right on the router. 

They have limited the commands so much that troubleshooting is nearly impossible. 

They should work on their troubleshooting, in my opinion. 

They should do a better job of allowing more troubleshooting on local devices.

There are a few things on the roadmap. It is more about the specifics of how the product works than extra features. Some things don't work in the product that they are working on. It is quite good, in my opinion. It is very good.

We are currently in the process of fully deploying our Cisco SD-WAN, which was formerly known as Zetella but is now simply Cisco SD-WAN.

We started the deployment two years ago.

We are working with the latest version.

Cisco SD-WAN is a stable solution.

Cisco SD-WAN is very scalable.

We have approximately 15 users.

We used Cisco support to assist us with the deployment, and they made it very simple for us.

If I had to do it, or if we had to do it ourselves, it would have been extremely difficult.

We attempted to use Cisco IPAM a few years ago. It was extremely difficult to install and even more difficult to maintain, to the point where we just scrapped it and deleted all the VMs because it was so difficult to install and maintain.

We have F5 in the environment, and I used to be an administrator for F5.

We used GTM as well as LTM. I don't actually maintain them in this role, but in a previous one, I installed and maintained LTM and GTM.

I have also used Riverbed's Suite product.

SteelHead produces acceleration products. In addition, they have a software suite that manages end-to-end traffic. You can see the flow from beginning to end.

I worked with SteelHead for five years. We removed this solution because we disliked it.

We haven't had it in a few years, but I don't recall the last version we had.

The initial setup was fairly complex, but we used a third party. 

It is expensive.

I don't have exact figures, because we have an enterprise agreement, we basically pay one lump sum for a variety of products.

If one is the cheapest, and five is the most expensive, I would rate the pricing a four out of five.

There are additional expenses, such as hardware.

I would strongly advise hiring third-party solutions for this. Definitely outsource the initial installation and let them guide you in the right direction. Do not try to reinvent the wheel.

If you find the right company, they will have done it a hundred times before and will be able to retrofit it to your specific request and needs.

I would rate Cisco SD-WAN an eight out of ten.

We primarily use the solution for MPLS. We use it to have a connection to the telecom and we also have some radio networks that we use it for. We have two WAN ports - one is the MPLS one is the radio backbone.

The solution is excellent mainly for supporting our two WAN ports. We can dedicate which WAN is taking over and which one is available or not. It's great that we can also connect them to the internet. We can have a third line to connect to the internet providers for our internet solution. Everything is redundant and everything is working so far.

Overall, it's been working well for us.

The solution is great at aggregating the traffic and then sending it in one direction.

We have a good knowledge base in-house and good support in general and therefore we have continued to use it over the years.

The product can scale well.

The solution is very stable.

The solution basically does exactly what we need it to do. I can't recall finding a feature that was lacking for our purposes. We aren't actually using many of the features in general.

The solution could be a bit cheaper.

We've been using the solution for about three or four years at this point.

We've had absolutely no issues with the stability of the solution. It doesn't crash or freeze. There are no bugs or glitches. It's been quite good overall.

This is deployed in our headquarters. We have them around the country, and we have some large offices and have the solution at all of them. There are likely 1,000 or more users on the solution all over the country.

The same generation and the same product is the easiest to scale and we have them mostly on some of our sites. We have the needed redundancy. That said, I would question the scalability if you are dealing with multiple types or other versions or other products. It needs to be of the same generation to take advantage of the path of least resistance.

We never test it with other solutions, however, with Cisco and other vendors is there is not recommended.

We mainly use the solution directly and as-is. There is a lot of redundancy, so if something goes wrong, there's something to catch it. We don't really use too many features for SD-WAN. So far, we don't need anything added on, and we really don't need too much support from customer service.

We buy support, however, in the latest versions, we really haven't needed assistance. IN the past, we did have some issues and support was there to help us get replacements, for example. They make getting replacements easy.

They usually reply to us within 15 minutes or so, if we do reach out. I'd describe them as pretty responsive. 

The level of difficulty depends on the experience of the engineer. If they don't have as much experience, it may be difficult. However, those that know the product well don't find the setup process complex.

Mainly they're using a command-line interface for years and they don't ask for anything like a GUI, which would be on Windows or Linux civil server. Everybody enjoys command-line. We exchanged some other Cisco products and some other routers recently, which were working for 15 years and are still working. We just asked for new ones with new features, like more traffic, more throughput, et cetera. 

I don't recall any maintenance really being needed. It works 24/7 without much need for assistance.

We did have some outside help, although nothing was from Cisco directly. We have our contact support company, and also we have in-house knowledge. It's done together, using both teams.

It would always be nice if the solution was a bit cheaper, however, the value is good. The cost of ownership is worth it as the solution itself is quite good and lasts years.

As a bigger company, we'd prefer to have a brand and a solution that's reliable as opposed to trying to find the cheapest option and have sleepless nights, afraid it might fail.

To calculate what we buy and how much it costs us for all the services, it's still quite a lot of money.

You have to pay between 3000 and 10,000 euros, or something in that range. The core switches Nexus cost me between 10,000 and 20,000 euros. However, they work, and that's why we use them.

We are just a customer and end-user.

We have 1921 and 4331 router versions. 

Not only does Cisco have a reputation, but we also have a good experience for a number of years, - five, 10, 15, 20 even years of use. Some of them still working even after all of this time.

In general, I would rate the solution at a seven out of ten. If it were more affordable, I might rate it higher.

We use the solution to do a lot of proof of concept to evaluate the deployment, manageability of the solution, application availability, scalability, and cloud. These include secure cloud security integration with Umbrella and software-defined cloud interconnect (SD-WAN) use cases. We also evaluate end-to-end segmentation use cases.

In general, Cisco SD-WAN is a scalable tool that simplifies network management. It can be a great way to transform a legacy network into a more standardized one, which can help reduce operational issues.

Over time, a regular network with different point solutions can become very complex. There are different vendors for WAN, LAN, cloud security firewalls, etc. Each device may be configured separately, and each region may have its own IT team with its own way of working. All of it has created silos over the years. If you want to make a change or a rollout, It takes a lot of time to do a risk and impact assessment because there are hundreds of teams and hundreds of devices. Every device and no team or no region has a similar type of configuration. There is no useability. There are no template extensions. Every device is configured differently depending upon the liking of the individual who has done it on the first go. 

However, with Cisco's SD-WAN, when you manage it through a central dashboard, you use templates, etc. You build that standardized configuration or discipline, for that matter, and you maintain it.

You have a common policy repository, and standard template, and use one template to configure 50 devices or one. If you have 100 similar devices, we do the same thing, which is very easy. It'll be too extreme, but it'll be far easier to understand that if I work 100 branches, this is how the branch organization will look. If I have 50 medium-sized branches or a corporate office, this is how the configuration will look.

The solution gives an immense opportunity for standardizing the network configuration. It reduces mean repair time, mean deployment time, and uses and predictability in operation. This will also improve your first-time deployment because the network is more predictive. Since I've been in the industry for 20 years, every time you make some change, you are 90% expecting one or the other surprises, which you'll have to deal with during the maintenance window. 

Cisco enhances these aspects by providing an opportunity to make networks simpler. Simplicity is crucial for multiple family networks, and Cisco ensures improvement without unnecessary complexity.

The cloud environment, including cloud security integration, is very valuable because of the many API integrations with the SD-WAN. This includes monitoring tools, ThousandEyes, and the programmability aspect.

In the transition from Viptela to Cisco SD-WAN, there have been very huge revision cycles in the last three to four years. This does not happen for a stable product. Still, it is because Cisco has been migrating from one vendor and merging into their own operating system and making a lot of additional development beyond what is required. This has made it tough for enterprise-level integrators cannot find downtime to keep up with the upgrades. Cisco is working to stabilize the product, which will likely be much more stable in the coming years. So, I would like to see revision cycles to be more stable.

Another area of improvement is the licensing and pricing model. The Cisco SD-WAN licensing model needs to be simplified. There are currently three types of licenses: enterprise agreements, individual licenses, and DNA subscriptions. This can confuse customers, requiring a dedicated person to determine which type of license is right for their organization.

Although Cisco is working on many features, the general usability of the templating mechanism should be improved to make it easier to use and understand. The various GUI elements are different, as in Cisco Vault. If I migrate from a CLI to a GUI model for managing devices, the GUI is still more like Viptela. The GUI should be more aligned with the Cisco CLI regarding terms and concepts. The tools need to be more intuitive to use.

I have been using Cisco SD-WAN for five years or more. We initially started with V19.2 and are currently using V20.9.

I rate the stability an eight out of ten. So, it's very stable.

I rate the solution’s scalability an eight out of ten. It's fairly scalable unless you have the regional fabric aspect of a large network. So it's fairly scalable. 

Most of our clients use this solution. We are engaged with about nine out of ten clients; we are involved in that. They fall between medium and enterprise businesses.

It's an evolving technology with lots of changes happening and releases. So, it's the shared load of support requests that's causing the issues. But otherwise, Cisco Tech is very helpful. 

However, they might be offloading tech support a little too much, which sometimes results in situations where we do not receive the expected level of technical support and the right quality of technical support due to the outsourced model. They were already outsourcing, but now, with additional vendors outsourcing, it's causing some confusion.

Neutral

I would rate my experience with the initial setup a seven out of ten, with one being difficult and ten being easy to set up because there are two situations.

If it is deployed on-prem, the setup is a little complicated. It was not tough for me, but for a new company, it would be tough.

The setup is easy if cloud deployment is for small, medium, and a few large companies. Setup becomes a little complicated if you have an on-prem deployment and other use cases, especially for banking, financial, and government.

So, for all large specifics where you need a lot of security for banking and finance, we would go with on-prem deployment. But for others, we always suggest cloud deployment. So, with the controllers. So, that is the AWS, but that completely manages the Cisco. Therefore, we cannot state that it could be directed to Azure data because Cisco manages that. 

However, in other cases, when there's no specific cloud provider, we exclusively opt for clients. It entirely depends on what the client's workload is. Cisco is extending its reach to AWS, Azure, and Google, and perhaps in the future, there might be additional options. The major advantage is that Cisco can provide connectivity effectively. So, it doesn't really matter. We don't lean towards one over the other.

The deployment time for a proof of concept is typically 40-60 hours, but a full-scale deployment will vary depending on the size of the organization's network.

About 80% of the time is dedicated to data gathering and planning for any deployment. This step involves understanding the existing network vs. old transformation to understand the data-gathering process. 

Then, you create a high-level design for SD-WAN and discuss and explore different options, such as technology choices (fully managed, partially managed, peered approach), depending on the company's network profile, workload, and global or local footprint. These factors help to achieve a well-defined design. 

Once the design is approved, the next step is understanding the existing services and their hosting locations, whether on-premises, different sites, or cloud. A deployment plan is formulated to minimize downtime following a pilot phase to assess stability, a comprehensive deployment is executed.

The pricing is neutral. However, there is room for improvement in the licensing model. 

Take the opportunity to simplify your network while migrating. Since it is a new technology, and you do not simplify your network, you will end up in more complex situations than you were in the first place.

Overall, I rate the solution an eight out of ten.

Some clients resist switching to new technology and they're also afraid of problems with compatibility and the layout of the NOC. The NOC must change because nowadays new things are happening, but I believe that the beauty of SD-WAN is the vEdge. So for the customers that are afraid of new technologies, we can install the vEdge without spending a lot of money. It's just a virtual machine over there. You can do it on Cisco CSR or even ISR.

So we deploy a new branch or similar branch with this technology and show them. Then they're not afraid of it. It's very easy. Now, vManage is coming. So we have the analytics team, we have all the GUI interfaces so you can create a policy and now deploy it anywhere or you can define it. I believe everything is very easy for the people who want to work with it. 

Technologies are not new. Just the name changes. VPN is the same as VRF, which is the same as Tenant, but the way they're playing with this technology is very different. The method of management is different. I believe that if I show clients what is happening with vManage— the interface, the analytics how you can integrate with them—they will be in love with that. Mostly what I have done is to define and elaborate for them the differences between two solutions, and point out the advantages like visibility and easy management. In the end, but they agree to move to SD-WAN

But I believe that most of the customers are still afraid of SD-WAN because they rely on old solutions. And the old solution was great and working for many years, so they are afraid of the new solution. With vEdge, we have a great way to attract them to make them feel comfortable upgrading everything into the Cisco SD-WAN.

The best feature is SD-WAN's automation capabilities. I believe many customers don't care whether we use VPN, or that use color or mGRE. When you're talking about management of, for example, a DMVPN solution or MDI solution, what is the option? So we have to go to a bug-by-bug report, like for example, NSRP to show these things. With vManage, we can see everything. We have a graph that we can click on and it helps us to remember better. 

Another good feature in the HCI is the integration of a health monitoring system. Other solutions like SDx are all the same. They have an integrated health monitoring system. So if you are deploying a data center, the options aren't really that great. But this integrated health system in HCI in vManage or even SD-WAN in the vManage is helping a lot. And also 

Customizing SD-WAN is very easy because you can define two colors. You can define two different operators. You can deploy a partial mesh, a full mesh, or hub-and-spoke totally differently. If you want to do this on a DMVPN solution, that's really hard. Also, things like Quality of Service in mGRE environment, in my opinion, are very hard because when you are dealing with mGRE, you have one tunnel at the hub and a different tunnel at the spoke. So what if I want to limit the traffic in my hub at the spoke? Because I have one tunnel, all the branches will be affected if I implement a limitation or restriction. So that's why we have advanced technology, like adaptive quality of service. With SD-WAN, the QoS is much easier because it is separate from the VPN.

The very beauty of SD-WAN is the separation of the plane. Right now, there are different planes. Compared to other solutions, the whole thing is totally changed. Rebound and vManage came into play as well as the new protocols like PnP. I started to convert most of the solutions from regular DMVPN into SD-WAN because we have the capability to define our VPN or define our color and customize by making a full or partial image. 

In the next release, Cisco should focus on simplifying the configuration of SD-WAN.  SD-WAN has a lot of room to grow. If you compare vEdge and something like Cisco CSR, you'll see the difference. Because vEdge is natively from Viptela, it is a little more complicated to set up an SD-WAN compared with an ISE device like CSR or ISR, or ISR 4000. You have now two different configuration spaces like iOS, and then some commands and styles are Viptela. So this is the thing that Cisco should work on. 

I've spent a lot of time on it. I started with version 17 when SD-WAN first came out. I continued using the product after Cisco acquired Viptela because I really love Cisco. I followed everything Cisco-related since I was 18 or 19. I got my CCNP in 2003 and my first CCA in 2011. So I spend all my time on Cisco systems. Right now, I have more than 32 certificates. I recently passed the CISSP. I also have more than 20 certificates that have expired, like Cisco Sales Expert, Cisco ASA, VPN, and several old things.

SD-WAN is 100 percent stable. If you use the suggested operating system, all the Cisco solutions are stable. According to the Gartner Magic Quadrant rating, I believe Cisco was No. 1 three years ago. Now it is No. 2 or 3, so I believe that they could improve more.
And many customers have used DMVPN or VPN solutions for many years, so those solutions are also extremely stable.

it is very easy to deploy the whole solution. I have a customer with VoIP and data. For most of the data, the hub and spoke are enough, but for IP telephony or collaboration like chatting or video conference, they need to have a connection between spokes —between branches together — but not for data. With SD-WAN it's very easy. 

I think vEdge is much easier to work with when you compare it to Cisco CSR. Most of the people I know prefer to use ZTP or Zero Touch Provisioning, but it depends on the type of customer. With some customers, ZTP maybe is not the best solution. They should know what's going on. And if you try to configure SD-WAN on a solution like ISR 4000 or CSR, and you compare the same thing on vEdge, you will see that the vEdge is very straightforward. I believe in CSR and ISR 4000. There are some glitches. It's possible that you will get a little bit confused, but you have followed the instruction. You have to do it very carefully. Then you make the connection vManage and everything is done.

I would rate Cisco SD-WAN seven out of 10. 

Viptela is one part of SD-WAN that can give you an internet connection with the help of stacking. You can create a stack in the environment called a TLOC. With the help of TLOC, you can configure your ISPs in one bundle, giving you the network's resiliency. The best part is that you will get a few connections immediately onto your network.

If one of your ISPs goes down or has latency in your environment, Cisco SD-WAN will detect the issue and explain why the ISP is down. This is the solution's best feature, as it allows you to monitor your ISP links very well from their side. The solution's configuration is easy and not that hard. The solution's central management allows you to raise cases and get support.

The solution should be more user-friendly.

Cisco SD-WAN is a stable solution.

I rate the solution’s stability a nine out of ten.

I rate the solution’s scalability a nine out of ten.

The solution's technical support team supports you on your tickets region-wise.

The solution's initial setup is neither very simple nor too complex. Someone with good network knowledge can easily configure the solution to their environment.

Cisco provides the best support, and that's why most people are using it. Cisco is a brand right now that provides a fast solution for networks. Cisco SD-WAN is a cloud-based solution. Users who want the best support can choose Cisco SD-WAN.

Overall, I rate the solution a nine out of ten.

My client wants to use SD-WAN to reduce their line costs. By using SD-WAN, they aim to lower transport costs and better use internet traffic and bandwidth.

Clients use SD-WAN, which encapsulates the packet into a VPN tunnel. This allows them to be ready. In SD-WAN, the internet line is generally much cheaper than other lines. For example, they can use DIA to access internet traffic. With strong encryption, such as TLS or IPsec, they can securely send business traffic over the internet at a lower cost.

It depends on the customer’s requirements. In our area, Taiwan, we help users build SD-WAN. They are only using SD-WAN for transport. They want multitasking and QR code functions enabled.

Customers collaborate with ISPs and currently work with three ISPs, using options like LSM VPN and MPLS VPN to reduce line costs. They are considering moving from their current setup to an MPLS VPN and might also consider using a DIA line for internet access. However, due to government regulations and audits of internet access, they are cautious about using an internet line. They are still deciding which bank should be the first to implement this change.

If I want to improve the SD-WAN in the future, they might consider integrating it with technologies like SignalR and SRv6 into the SD-WAN control plane. This would enhance functionality, such as SRv6 video capabilities. They can simply use an SD-WAN solution based on SRv6.

I have been using Cisco SD-WAN for one year.

I rate the solution's stability as eight out of ten.

It is scalable. 8200 users are using this solution.

I rate the solution's scalability an eight out of ten.

Our banking customers trust Cisco. I work for a company that serves these banking clients, and we provide Cisco's CX service to help them build their SD-WAN solution. They purchase the product and the associated service, and the Cisco team assists with the deployment, making the process straightforward. It takes a couple of hours to deploy completely.

The product is expensive.

I recommend the solution.

Overall, I rate the solution as five out of ten.

We use the solution to interconnect the branch network.

Cisco's performance is very good. The branches that we installed went on smoothly. We operate with no complaints. When it comes to management, it's simple. One PIN will allow us visibility into everything. Another thing is troubleshooting; we can see the issues quickly, dig down, and know exactly what the issue is.

Since the new one comes with the included IPSec tool, we don't have any security issues. It's already covered because all the data is fully encrypted between the branch and the office.

Cisco provides visibility. We can see the performance of the branch. Troubleshooting is swift, allowing for fast turnaround times whenever we encounter an issue.

The user interface needs improvement. Users should be able to find various features faster without much tweaking.

I have been using Cisco SD-WAN since 2019.

The product is stable. We don't have any downside so far.

Cisco is very stable, whether a branch network or the branches. We don't have any issues with them.

Seven members of the team interact with the solution.

We haven't encountered any issues with scalability when adding more branches or refining the solution.

We interact with them whenever we need access to the services.

Positive

I have used SilverPeek. It is made for the end user, not for technical engineers. It is easy to deploy and has better visibility of how the network is performing than Cisco.

I have used both solutions. I have evaluated some other solutions. Technically, all the SD-WAN solutions work the same, so it depends on the organization. Cost is a factor. Cisco is on the higher side but is stable. There have been a few upgrades.

The initial setup is straightforward. Initially, it may seem a bit complex, but overall it is straightforward.

Deployment typically takes from four to six months to complete. Additional time may be needed, especially if issues with procuring hub routers were not included in the original plan. Developing the actual network implementation plan may take around six months. However, the actual migration process after that is quick. It usually takes less than three months to migrate the network fully.

We work with three guys from the internal team and four from vendors.

From a technical perspective, we used to experience failures, especially when using two service providers where data wouldn't come up if one link went down. We no longer encounter that issue. We're able to utilize both links simultaneously. Thus, we haven't faced the necessity of quick upgrades as we did when relying on a single link. Having one link operational at any given time was less elastic.

Cisco is expensive.

We need to renew the licensing after three years whenever updates are required. These licenses are valid for three years. There's no longer a need for routine physical maintenance of the devices, which is typical for network devices.

We initially faced some challenges with sizing and acquiring the necessary devices. We encountered some issues with missing hub routers. However, once we overcame those obstacles, we involved Cisco professional services. They assisted us in creating the low-level design and supported the initial site deployments. After that, we were able to proceed independently. Our corporate professional services team guided us through the process and helped us develop the design.

Overall, I rate the solution an eight out of ten.