Cisco Catalyst SD-WAN Reviews

The primary use case for Cisco SD-WAN is secure segmented traffic. Cisco's micro-segmentation products are being used.

It is very simple to deploy. It's a point-and-click type of deployment, so it's fairly simple.

They have taken away our ability to do what we are good at, which is working on the CLI, the interface right on the router. 

They have limited the commands so much that troubleshooting is nearly impossible. 

They should work on their troubleshooting, in my opinion. 

They should do a better job of allowing more troubleshooting on local devices.

There are a few things on the roadmap. It is more about the specifics of how the product works than extra features. Some things don't work in the product that they are working on. It is quite good, in my opinion. It is very good.

We are currently in the process of fully deploying our Cisco SD-WAN, which was formerly known as Zetella but is now simply Cisco SD-WAN.

We started the deployment two years ago.

We are working with the latest version.

Cisco SD-WAN is a stable solution.

Cisco SD-WAN is very scalable.

We have approximately 15 users.

We used Cisco support to assist us with the deployment, and they made it very simple for us.

If I had to do it, or if we had to do it ourselves, it would have been extremely difficult.

We attempted to use Cisco IPAM a few years ago. It was extremely difficult to install and even more difficult to maintain, to the point where we just scrapped it and deleted all the VMs because it was so difficult to install and maintain.

We have F5 in the environment, and I used to be an administrator for F5.

We used GTM as well as LTM. I don't actually maintain them in this role, but in a previous one, I installed and maintained LTM and GTM.

I have also used Riverbed's Suite product.

SteelHead produces acceleration products. In addition, they have a software suite that manages end-to-end traffic. You can see the flow from beginning to end.

I worked with SteelHead for five years. We removed this solution because we disliked it.

We haven't had it in a few years, but I don't recall the last version we had.

The initial setup was fairly complex, but we used a third party. 

It is expensive.

I don't have exact figures, because we have an enterprise agreement, we basically pay one lump sum for a variety of products.

If one is the cheapest, and five is the most expensive, I would rate the pricing a four out of five.

There are additional expenses, such as hardware.

I would strongly advise hiring third-party solutions for this. Definitely outsource the initial installation and let them guide you in the right direction. Do not try to reinvent the wheel.

If you find the right company, they will have done it a hundred times before and will be able to retrofit it to your specific request and needs.

I would rate Cisco SD-WAN an eight out of ten.

The most valuable feature of Cisco SD-WAN is its compatibility and integration with the rest of the infrastructure.

Cisco SD-WAN could improve on the ease of integration, the configuration should be easier. At the moment the process is more command line based and it would be better if it was able to be done through an interface.

In a feature release, Cisco SD-WAN could add more features for wireless SaaS-based solutions.

I have been using Cisco SD-WAN for approximately two years.

Cisco SD-WAN is stable.

The scalability of Cisco SD-WAN is good.

The support sometimes is delayed. They could improve their response times. They are knowledgeable about the solution but you have to reach the correct person.

I rate the support from Cisco SD-WAN a three out of five.

Neutral

The initial setup of Cisco SD-WAN is not overly complex, but there should be a good understanding of the configuration and setup. There are many technical commands for the process that one should be aware of.

I rate the initial setup of Cisco SD-WAN a three out of four.

We used a third-party vendor help to implement the solution.

Overall, we are receiving a better financial cost advantage using Cisco SD-WAN than what we were using before.

I rate the ROI of Cisco SD-WAN a four out of five.

The price of Cisco SD-WAN could improve, it is expensive. The cost of the solution is approximately 30 percent higher than competitors.

I rate the price of Cisco SD-WAN a two out of five.

There are other competitors in the market that work well, such as Fortinet. The best solution is determined by its ability to handle a use case. There is not one overall best solution, there are suitable use cases for the different vendors.

If a customer is looking for a solution for a large enterprise, then I would recommend Cisco SD-WAN. However, if they have a small setup for a small business setup, Fortinet is better. It is integrated well with all the security features.

I rate Cisco SD-WAN an eight out of ten.

Cisco SD-WAN is predominantly used for the zero-touch deployment, centralized dashboards, and live monitoring of tunnels and the links. It's also used for software image management. 

This solution is deployed on the cloud. 

One of the most valuable features is that they have multiple SD-WAN options: you have Meraki for simple management solutions, you have Viptela, and you have the option of having any type of WAN interfaces. Presently, you can also have a single combined solution for both WAN as well as for voice, so you can have a voice bundle as well. These are major unique points of this solution. 

This solution could be improved with a simpler implementation process and licensing model. 

As for additional features, maybe from a security perspective, it could have more features built into the SD-WAN itself. Rather than going and integrating Cisco with some other solutions, it could have one single SD-WAN solution with more advanced user security features. 

I have been working with this solution for 15-20 years. 

The stability and performance of Cisco SD-WAN are really good. It's a reliable solution. 

This solution is easy to scale. 

Cisco has multiple options: it has Meraki SD-WAN, which is a simplified version. It can be suitable for any retail or small- to medium-sized customers. For large customers, we have Viptela, which is for customers who need more control on their traffic. This solution is suitable for any type of customer. 

I have contacted technical support, but it wasn't specifically about SD-WAN. Cisco's tech support is wonderful—they have a good support team and they have a Customer Experience team as well, where they completely focus on the customer environment. There are dedicated resources available for large customers, and the Customer Experience team supports customers from the same cycle, as well as implementation, so in that way, it's really good. 

The implementation process is complex because there are multiple touchpoints and initial configurations that we need to do in order to get the setup up and running. For example, opening a lot of firewall ports. Overall, it has multiple components to manage—there are multiple controller components where we need to do the configurations to get it up and part of the architecture. 

Compared to a few other OEM solutions, it's a bit complicated because there are multiple controller elements. For example, vBond: I have to do some specific configuration to it and need to have a public IP for it to be part of the architecture. Then we have vManage and vSmart—three, four components are there which have to be managed, which is why we have to do specific configurations for those. All the control elements can talk to each other, which is why it's a bit time consuming. Even in the cloud, you have to make some changes to your existing setup so that it can be part of the SD-WAN architecture. 

We implement this solution for customers. We are a Global Gold partner of Cisco, so we consult, design, implement, and provide support to customers. 

We're an SSP as well, so we also offer maintenance services. We can provide standard maintenance services of supporting only the hardware, or if a customer asks for full managed services, we can deploy our engineers either on the customer side or remotely. We have a NOC facility, from which we can provide remote support. 

The pricing is fair, and it's on par with the market vendors. But based on the competition, Cisco could work on the pricing, go deep on discounts and provide more commercially viable solutions to customers. 

Some similar SD-WAN products from different vendors are Silver Peak, Steelhead Riverbed, Fortinet, VMware, and VeloCloud. Frankly, I've only been working with Cisco, but Silver Peak seems to be good too—I heard that they're doing well in the market. Otherwise, I know about these products and have seen how they work in webinars and trainings, but I haven't really worked on any products apart from Cisco. 

I rate Cisco SD-WAN a ten out of ten. 

To those considering implementation, my advice would be to understand your current infrastructure better. What exactly is being implemented, currently, and what use cases are you looking at? Having a thorough understanding of the existing infrastructure would really help to decide which option to go with: either the Meraki SD-WAN or Viptela. Have a thorough understanding of how your infrastructure currently is, connectivity, how the architecture is, which applications you use, and which use cases you're looking at. These things are helpful to know before choosing and implementing a Cisco solution. 

With other routing protocols, we have had to send team members to perform installations and configurations. There is a lot of work involved. However with SD-WAN, once it is installed it is fully automated, and we can do all other tasks remotely. We don't have to send staff out to the client's location.

It's very independent, and we can establish SD-WAN connectivity easily. It is secure as well.

The cost is too high for certain countries, for example, those in Africa. The solution needs to be more cost-effective.

I would like to see AI functionalities added to future releases. I would also like to see endpoint protection features with encryption technology to prevent data from being copied from different locations.

We have been working with Cisco SD-WAN for one year.

Cisco SD-WAN is a stable solution. I have not seen any issues with stability. If you do the preventive management exercises, ensure that you have the right temperature, regularly perform inspections, and monitor the solution properly, then everything will work perfectly.

It is certainly a scalable solution. For example, you could start with the 10G module and upgrade to 40G, 100G, or DWDM. It is handled on a module basis.

We probably have 400 to 500 users.

The initial setup can be straightforward if you have experienced staff.

Cost-wise, Cisco SD-WAN is comparatively high. 

Cisco SD-WAN is a wonderful solution, and I would give it an eight out of ten. I recommend it because it is easy to establish connectivity and is an independent solution that does not require you send staff out to a client's location.

The integration to the LAN could be improved. It should be an end-to-end solution, not only on the WAN side but also on the LAN and wifi, so a full end-to-end solution.

The integration of Layer 3 and application routing is great.

The technical support is a bit slow. Regarding additional features, it would be good to have a fully integrated solution with the Meraki solution, leading to a seamless Cisco solution.

We have been using this solution for about six years. It is deployed on-premises, and we are using our own management.

The stability is good.

I think the scalability fits the customer requirements. The number of staff required for maintenance depends on the complexity of the network and the number of sites. A single part does not cover it, so we have about 20 staff running our network services.

I rate the technical support a seven out of ten. They are good but not very innovative, and the feature requests take too long to implement.

We use different solutions like Viptela, VeloCloud and Versa.

The initial setup was complex, and it was completed in-house.

I am unsure about licensing costs.

I rate this solution an eight out of ten.

The load sharing in the fabric and the cloud connectivity are both pretty flexible. The solution offers us the correct field mechanisms.

The solution is stable and reliable.

It can scale according to our needs. 

While the environment itself is not a bottleneck, the dependencies and the provisioning and the different parties involved altogether form, complexity and introduce limitations.

The initial setup is really complex.

We've been using the solution for two years. 

The stability is really great. It's definitely reduced downtime. There are no bugs or glitches. It doesn't crash or freeze. 

For us, the solution scales well. We are far away from its limits. That said, we are not, let's say, a very big company.

Technical support has been good. They are helpful and responsive. 

We did not previously use a different solution. We had a fairly traditional wide area network without any sophisticated connection options.

The initial setup is not straightforward or simple. It's very complex. 

I'm not sure how many staff members are needed for deployment and maintenance. 

We did outsource the initial setup.

I'm on the technical side. I have no idea what the price is and don't deal directly with licensing. I do know that this is an all-in deal, meaning there aren't extra fees associated with the cost. 

We're basically an end-user interacting with Cisco on this, however, the final responsibility is with our ISP.

SD is an enterprise tool and you should not use an ISP for implementation. Better to use an NSP or do it yourself. 

I'd rate the solution nine out of ten.

This technology, in my experience, has a better adoption in companies where the concern for security in platform issues and data privacy is high. The reason for this is the data is protected with encryption systems, and that functionality is audited to meet certain standards.

This is in the context of SaaS because that is where I want to take customers. My option is the cloud with pay-per-use and better cost conditions. Also, companies with large IT departments and a high number of engineers have many reasons to use it.

This solution has allowed us to implement much more flexible payment models than the current ones. As such, we can better plan the budget that is needed for technology.

In addition to this, it has prompted us to see the cloud differently. We now look with more confidence since the orchestration is SaaS, which is why we do not see a compelling reason to avoid introducing more services in this format. We plan to stop investing in physical or virtual infrastructure, reducing our dependencies on data centers where we host services.

When we talk about SDN technologies, we are referring to user experience or customer experience. The complete solution is designed based on the services and the experience that we need our users to have with them.

This product offers the ability to utilize all of the access available in the market. Importantly, it does not affect the quality of the application. The best feature of this technology that is available to us is the ability to do better load-balancing. This is thanks to the deep inspection of the packets and of course, the forwarding of packets based on the application.

I would like to see features related to security compliance, including a view of compliance with standards. With this, I should be able to do an audit of my SD-WAN network.

In addition to having a network with an application-oriented intention, I would like to have a network that is oriented to security standards. I am only referring to the WAN network because with this, we can begin thinking about issues of virtualization. For example, access to SD-LAN where we can bring security policies with the user.

I have been working with Cisco Viptele for three years and more with the first version, Cisco IWAN.

Releases and updates/upgrades for the software in each component are not simple to configure.

The scalability is great when you have a mature template for configurations.

The Cisco Technical Assistance Center (TAC) service should be quicker to provide answers.

Positive

Prior to this, we used Cisco IWAN.

The initial setup is a little complex, especially for those with little experience in SaaS.

We used the Solution Support Partner Program (SSPP) from Cisco.

The ROI for this product in my organization is 18%.

This is not a cheap option but if you move from Capex to Opex, I expect you should have lower costs. I am talking specifically about Managed Services License Agreement (MSLA) model.

Fortinet is a solution that is a good option that is low-cost and much simpler. Meraki is another good choice for some customers.

In summary, this product is very strong when you need complex topologies to match the complexity of your services.

Some clients resist switching to new technology and they're also afraid of problems with compatibility and the layout of the NOC. The NOC must change because nowadays new things are happening, but I believe that the beauty of SD-WAN is the vEdge. So for the customers that are afraid of new technologies, we can install the vEdge without spending a lot of money. It's just a virtual machine over there. You can do it on Cisco CSR or even ISR.

So we deploy a new branch or similar branch with this technology and show them. Then they're not afraid of it. It's very easy. Now, vManage is coming. So we have the analytics team, we have all the GUI interfaces so you can create a policy and now deploy it anywhere or you can define it. I believe everything is very easy for the people who want to work with it. 

Technologies are not new. Just the name changes. VPN is the same as VRF, which is the same as Tenant, but the way they're playing with this technology is very different. The method of management is different. I believe that if I show clients what is happening with vManage— the interface, the analytics how you can integrate with them—they will be in love with that. Mostly what I have done is to define and elaborate for them the differences between two solutions, and point out the advantages like visibility and easy management. In the end, but they agree to move to SD-WAN

But I believe that most of the customers are still afraid of SD-WAN because they rely on old solutions. And the old solution was great and working for many years, so they are afraid of the new solution. With vEdge, we have a great way to attract them to make them feel comfortable upgrading everything into the Cisco SD-WAN.

The best feature is SD-WAN's automation capabilities. I believe many customers don't care whether we use VPN, or that use color or mGRE. When you're talking about management of, for example, a DMVPN solution or MDI solution, what is the option? So we have to go to a bug-by-bug report, like for example, NSRP to show these things. With vManage, we can see everything. We have a graph that we can click on and it helps us to remember better. 

Another good feature in the HCI is the integration of a health monitoring system. Other solutions like SDx are all the same. They have an integrated health monitoring system. So if you are deploying a data center, the options aren't really that great. But this integrated health system in HCI in vManage or even SD-WAN in the vManage is helping a lot. And also 

Customizing SD-WAN is very easy because you can define two colors. You can define two different operators. You can deploy a partial mesh, a full mesh, or hub-and-spoke totally differently. If you want to do this on a DMVPN solution, that's really hard. Also, things like Quality of Service in mGRE environment, in my opinion, are very hard because when you are dealing with mGRE, you have one tunnel at the hub and a different tunnel at the spoke. So what if I want to limit the traffic in my hub at the spoke? Because I have one tunnel, all the branches will be affected if I implement a limitation or restriction. So that's why we have advanced technology, like adaptive quality of service. With SD-WAN, the QoS is much easier because it is separate from the VPN.

The very beauty of SD-WAN is the separation of the plane. Right now, there are different planes. Compared to other solutions, the whole thing is totally changed. Rebound and vManage came into play as well as the new protocols like PnP. I started to convert most of the solutions from regular DMVPN into SD-WAN because we have the capability to define our VPN or define our color and customize by making a full or partial image. 

In the next release, Cisco should focus on simplifying the configuration of SD-WAN.  SD-WAN has a lot of room to grow. If you compare vEdge and something like Cisco CSR, you'll see the difference. Because vEdge is natively from Viptela, it is a little more complicated to set up an SD-WAN compared with an ISE device like CSR or ISR, or ISR 4000. You have now two different configuration spaces like iOS, and then some commands and styles are Viptela. So this is the thing that Cisco should work on. 

I've spent a lot of time on it. I started with version 17 when SD-WAN first came out. I continued using the product after Cisco acquired Viptela because I really love Cisco. I followed everything Cisco-related since I was 18 or 19. I got my CCNP in 2003 and my first CCA in 2011. So I spend all my time on Cisco systems. Right now, I have more than 32 certificates. I recently passed the CISSP. I also have more than 20 certificates that have expired, like Cisco Sales Expert, Cisco ASA, VPN, and several old things.

SD-WAN is 100 percent stable. If you use the suggested operating system, all the Cisco solutions are stable. According to the Gartner Magic Quadrant rating, I believe Cisco was No. 1 three years ago. Now it is No. 2 or 3, so I believe that they could improve more.
And many customers have used DMVPN or VPN solutions for many years, so those solutions are also extremely stable.

it is very easy to deploy the whole solution. I have a customer with VoIP and data. For most of the data, the hub and spoke are enough, but for IP telephony or collaboration like chatting or video conference, they need to have a connection between spokes —between branches together — but not for data. With SD-WAN it's very easy. 

I think vEdge is much easier to work with when you compare it to Cisco CSR. Most of the people I know prefer to use ZTP or Zero Touch Provisioning, but it depends on the type of customer. With some customers, ZTP maybe is not the best solution. They should know what's going on. And if you try to configure SD-WAN on a solution like ISR 4000 or CSR, and you compare the same thing on vEdge, you will see that the vEdge is very straightforward. I believe in CSR and ISR 4000. There are some glitches. It's possible that you will get a little bit confused, but you have followed the instruction. You have to do it very carefully. Then you make the connection vManage and everything is done.

I would rate Cisco SD-WAN seven out of 10.