Cisco Catalyst SD-WAN Reviews

Cisco SD-WAN is predominantly used for the zero-touch deployment, centralized dashboards, and live monitoring of tunnels and the links. It's also used for software image management. 

This solution is deployed on the cloud. 

One of the most valuable features is that they have multiple SD-WAN options: you have Meraki for simple management solutions, you have Viptela, and you have the option of having any type of WAN interfaces. Presently, you can also have a single combined solution for both WAN as well as for voice, so you can have a voice bundle as well. These are major unique points of this solution. 

This solution could be improved with a simpler implementation process and licensing model. 

As for additional features, maybe from a security perspective, it could have more features built into the SD-WAN itself. Rather than going and integrating Cisco with some other solutions, it could have one single SD-WAN solution with more advanced user security features. 

I have been working with this solution for 15-20 years. 

The stability and performance of Cisco SD-WAN are really good. It's a reliable solution. 

This solution is easy to scale. 

Cisco has multiple options: it has Meraki SD-WAN, which is a simplified version. It can be suitable for any retail or small- to medium-sized customers. For large customers, we have Viptela, which is for customers who need more control on their traffic. This solution is suitable for any type of customer. 

I have contacted technical support, but it wasn't specifically about SD-WAN. Cisco's tech support is wonderful—they have a good support team and they have a Customer Experience team as well, where they completely focus on the customer environment. There are dedicated resources available for large customers, and the Customer Experience team supports customers from the same cycle, as well as implementation, so in that way, it's really good. 

The implementation process is complex because there are multiple touchpoints and initial configurations that we need to do in order to get the setup up and running. For example, opening a lot of firewall ports. Overall, it has multiple components to manage—there are multiple controller components where we need to do the configurations to get it up and part of the architecture. 

Compared to a few other OEM solutions, it's a bit complicated because there are multiple controller elements. For example, vBond: I have to do some specific configuration to it and need to have a public IP for it to be part of the architecture. Then we have vManage and vSmart—three, four components are there which have to be managed, which is why we have to do specific configurations for those. All the control elements can talk to each other, which is why it's a bit time consuming. Even in the cloud, you have to make some changes to your existing setup so that it can be part of the SD-WAN architecture. 

We implement this solution for customers. We are a Global Gold partner of Cisco, so we consult, design, implement, and provide support to customers. 

We're an SSP as well, so we also offer maintenance services. We can provide standard maintenance services of supporting only the hardware, or if a customer asks for full managed services, we can deploy our engineers either on the customer side or remotely. We have a NOC facility, from which we can provide remote support. 

The pricing is fair, and it's on par with the market vendors. But based on the competition, Cisco could work on the pricing, go deep on discounts and provide more commercially viable solutions to customers. 

Some similar SD-WAN products from different vendors are Silver Peak, Steelhead Riverbed, Fortinet, VMware, and VeloCloud. Frankly, I've only been working with Cisco, but Silver Peak seems to be good too—I heard that they're doing well in the market. Otherwise, I know about these products and have seen how they work in webinars and trainings, but I haven't really worked on any products apart from Cisco. 

I rate Cisco SD-WAN a ten out of ten. 

To those considering implementation, my advice would be to understand your current infrastructure better. What exactly is being implemented, currently, and what use cases are you looking at? Having a thorough understanding of the existing infrastructure would really help to decide which option to go with: either the Meraki SD-WAN or Viptela. Have a thorough understanding of how your infrastructure currently is, connectivity, how the architecture is, which applications you use, and which use cases you're looking at. These things are helpful to know before choosing and implementing a Cisco solution. 

We use this solution for banks in the private sector. They use it to connect their headquarters to multiple branches with the SQL connection. They previously used different technologies, like MPLS, so we offered Cisco SD-WAN and did the project using this technology.

We are a system integrator and Cisco partner and usually sell products to customers. So we have different use cases, not only in Cisco SD-WAN but for other products. So the use case often differs from customer to customer.

The availability of services and combining different connections is most valuable.

Cisco should pay attention to the software as we recently found some bugs. There should also be better integration with other third-party software for the SD-WAN.

There are some features I'd like to see in the next release, and we have them for the Cisco account manager. First, we would like a single sign-on to be supported on the SD-WAN. Integration with third-party applications, like Active Directory, is not available and is also very important. They should also enhance traffic monitoring.

We have been using Cisco SD-WAN for about a year but are not using the latest version. It is deployed on-premises.

It is a stable solution, and I rate the stability a nine out of ten.

I rate the scalability a nine out of ten, and we have approximately 150 users from different departments. We may increase our usage depending on customer and business needs.

The technical support is very responsive and helpful, and I rate them a ten out of ten.

Positive

We've used different technologies from different vendors. Some customers preferred the SD-WAN from Cisco, and some preferred other vendors.

I rate the initial setup an eight out of ten, and it is straightforward. The deployment time depends on the use case and the number of branches and connections. It could take two or even three weeks because you may have the migration from a new to an old system. First, we had to prepare for the deployment, vulnerability design and migration plan. We then had to migrate branches one by one and check the services. The deployment was also completed in-house, and one person can complete it.

Regarding price, it should be better than S3 to be more competitive than other vendors. I rate the price a seven out of ten, with ten as very high and one as low. The licensing is annual.

I rate the solution a nine out of ten and recommend it to others.

With other routing protocols, we have had to send team members to perform installations and configurations. There is a lot of work involved. However with SD-WAN, once it is installed it is fully automated, and we can do all other tasks remotely. We don't have to send staff out to the client's location.

It's very independent, and we can establish SD-WAN connectivity easily. It is secure as well.

The cost is too high for certain countries, for example, those in Africa. The solution needs to be more cost-effective.

I would like to see AI functionalities added to future releases. I would also like to see endpoint protection features with encryption technology to prevent data from being copied from different locations.

We have been working with Cisco SD-WAN for one year.

Cisco SD-WAN is a stable solution. I have not seen any issues with stability. If you do the preventive management exercises, ensure that you have the right temperature, regularly perform inspections, and monitor the solution properly, then everything will work perfectly.

It is certainly a scalable solution. For example, you could start with the 10G module and upgrade to 40G, 100G, or DWDM. It is handled on a module basis.

We probably have 400 to 500 users.

The initial setup can be straightforward if you have experienced staff.

Cost-wise, Cisco SD-WAN is comparatively high. 

Cisco SD-WAN is a wonderful solution, and I would give it an eight out of ten. I recommend it because it is easy to establish connectivity and is an independent solution that does not require you send staff out to a client's location.

The integration to the LAN could be improved. It should be an end-to-end solution, not only on the WAN side but also on the LAN and wifi, so a full end-to-end solution.

The integration of Layer 3 and application routing is great.

The technical support is a bit slow. Regarding additional features, it would be good to have a fully integrated solution with the Meraki solution, leading to a seamless Cisco solution.

We have been using this solution for about six years. It is deployed on-premises, and we are using our own management.

The stability is good.

I think the scalability fits the customer requirements. The number of staff required for maintenance depends on the complexity of the network and the number of sites. A single part does not cover it, so we have about 20 staff running our network services.

I rate the technical support a seven out of ten. They are good but not very innovative, and the feature requests take too long to implement.

We use different solutions like Viptela, VeloCloud and Versa.

The initial setup was complex, and it was completed in-house.

I am unsure about licensing costs.

I rate this solution an eight out of ten.

The load sharing in the fabric and the cloud connectivity are both pretty flexible. The solution offers us the correct field mechanisms.

The solution is stable and reliable.

It can scale according to our needs. 

While the environment itself is not a bottleneck, the dependencies and the provisioning and the different parties involved altogether form, complexity and introduce limitations.

The initial setup is really complex.

We've been using the solution for two years. 

The stability is really great. It's definitely reduced downtime. There are no bugs or glitches. It doesn't crash or freeze. 

For us, the solution scales well. We are far away from its limits. That said, we are not, let's say, a very big company.

Technical support has been good. They are helpful and responsive. 

We did not previously use a different solution. We had a fairly traditional wide area network without any sophisticated connection options.

The initial setup is not straightforward or simple. It's very complex. 

I'm not sure how many staff members are needed for deployment and maintenance. 

We did outsource the initial setup.

I'm on the technical side. I have no idea what the price is and don't deal directly with licensing. I do know that this is an all-in deal, meaning there aren't extra fees associated with the cost. 

We're basically an end-user interacting with Cisco on this, however, the final responsibility is with our ISP.

SD is an enterprise tool and you should not use an ISP for implementation. Better to use an NSP or do it yourself. 

I'd rate the solution nine out of ten.

This technology, in my experience, has a better adoption in companies where the concern for security in platform issues and data privacy is high. The reason for this is the data is protected with encryption systems, and that functionality is audited to meet certain standards.

This is in the context of SaaS because that is where I want to take customers. My option is the cloud with pay-per-use and better cost conditions. Also, companies with large IT departments and a high number of engineers have many reasons to use it.

This solution has allowed us to implement much more flexible payment models than the current ones. As such, we can better plan the budget that is needed for technology.

In addition to this, it has prompted us to see the cloud differently. We now look with more confidence since the orchestration is SaaS, which is why we do not see a compelling reason to avoid introducing more services in this format. We plan to stop investing in physical or virtual infrastructure, reducing our dependencies on data centers where we host services.

When we talk about SDN technologies, we are referring to user experience or customer experience. The complete solution is designed based on the services and the experience that we need our users to have with them.

This product offers the ability to utilize all of the access available in the market. Importantly, it does not affect the quality of the application. The best feature of this technology that is available to us is the ability to do better load-balancing. This is thanks to the deep inspection of the packets and of course, the forwarding of packets based on the application.

I would like to see features related to security compliance, including a view of compliance with standards. With this, I should be able to do an audit of my SD-WAN network.

In addition to having a network with an application-oriented intention, I would like to have a network that is oriented to security standards. I am only referring to the WAN network because with this, we can begin thinking about issues of virtualization. For example, access to SD-LAN where we can bring security policies with the user.

I have been working with Cisco Viptele for three years and more with the first version, Cisco IWAN.

Releases and updates/upgrades for the software in each component are not simple to configure.

The scalability is great when you have a mature template for configurations.

The Cisco Technical Assistance Center (TAC) service should be quicker to provide answers.

Positive

Prior to this, we used Cisco IWAN.

The initial setup is a little complex, especially for those with little experience in SaaS.

We used the Solution Support Partner Program (SSPP) from Cisco.

The ROI for this product in my organization is 18%.

This is not a cheap option but if you move from Capex to Opex, I expect you should have lower costs. I am talking specifically about Managed Services License Agreement (MSLA) model.

Fortinet is a solution that is a good option that is low-cost and much simpler. Meraki is another good choice for some customers.

In summary, this product is very strong when you need complex topologies to match the complexity of your services.

Some clients resist switching to new technology and they're also afraid of problems with compatibility and the layout of the NOC. The NOC must change because nowadays new things are happening, but I believe that the beauty of SD-WAN is the vEdge. So for the customers that are afraid of new technologies, we can install the vEdge without spending a lot of money. It's just a virtual machine over there. You can do it on Cisco CSR or even ISR.

So we deploy a new branch or similar branch with this technology and show them. Then they're not afraid of it. It's very easy. Now, vManage is coming. So we have the analytics team, we have all the GUI interfaces so you can create a policy and now deploy it anywhere or you can define it. I believe everything is very easy for the people who want to work with it. 

Technologies are not new. Just the name changes. VPN is the same as VRF, which is the same as Tenant, but the way they're playing with this technology is very different. The method of management is different. I believe that if I show clients what is happening with vManage— the interface, the analytics how you can integrate with them—they will be in love with that. Mostly what I have done is to define and elaborate for them the differences between two solutions, and point out the advantages like visibility and easy management. In the end, but they agree to move to SD-WAN

But I believe that most of the customers are still afraid of SD-WAN because they rely on old solutions. And the old solution was great and working for many years, so they are afraid of the new solution. With vEdge, we have a great way to attract them to make them feel comfortable upgrading everything into the Cisco SD-WAN.

The best feature is SD-WAN's automation capabilities. I believe many customers don't care whether we use VPN, or that use color or mGRE. When you're talking about management of, for example, a DMVPN solution or MDI solution, what is the option? So we have to go to a bug-by-bug report, like for example, NSRP to show these things. With vManage, we can see everything. We have a graph that we can click on and it helps us to remember better. 

Another good feature in the HCI is the integration of a health monitoring system. Other solutions like SDx are all the same. They have an integrated health monitoring system. So if you are deploying a data center, the options aren't really that great. But this integrated health system in HCI in vManage or even SD-WAN in the vManage is helping a lot. And also 

Customizing SD-WAN is very easy because you can define two colors. You can define two different operators. You can deploy a partial mesh, a full mesh, or hub-and-spoke totally differently. If you want to do this on a DMVPN solution, that's really hard. Also, things like Quality of Service in mGRE environment, in my opinion, are very hard because when you are dealing with mGRE, you have one tunnel at the hub and a different tunnel at the spoke. So what if I want to limit the traffic in my hub at the spoke? Because I have one tunnel, all the branches will be affected if I implement a limitation or restriction. So that's why we have advanced technology, like adaptive quality of service. With SD-WAN, the QoS is much easier because it is separate from the VPN.

The very beauty of SD-WAN is the separation of the plane. Right now, there are different planes. Compared to other solutions, the whole thing is totally changed. Rebound and vManage came into play as well as the new protocols like PnP. I started to convert most of the solutions from regular DMVPN into SD-WAN because we have the capability to define our VPN or define our color and customize by making a full or partial image. 

In the next release, Cisco should focus on simplifying the configuration of SD-WAN.  SD-WAN has a lot of room to grow. If you compare vEdge and something like Cisco CSR, you'll see the difference. Because vEdge is natively from Viptela, it is a little more complicated to set up an SD-WAN compared with an ISE device like CSR or ISR, or ISR 4000. You have now two different configuration spaces like iOS, and then some commands and styles are Viptela. So this is the thing that Cisco should work on. 

I've spent a lot of time on it. I started with version 17 when SD-WAN first came out. I continued using the product after Cisco acquired Viptela because I really love Cisco. I followed everything Cisco-related since I was 18 or 19. I got my CCNP in 2003 and my first CCA in 2011. So I spend all my time on Cisco systems. Right now, I have more than 32 certificates. I recently passed the CISSP. I also have more than 20 certificates that have expired, like Cisco Sales Expert, Cisco ASA, VPN, and several old things.

SD-WAN is 100 percent stable. If you use the suggested operating system, all the Cisco solutions are stable. According to the Gartner Magic Quadrant rating, I believe Cisco was No. 1 three years ago. Now it is No. 2 or 3, so I believe that they could improve more.
And many customers have used DMVPN or VPN solutions for many years, so those solutions are also extremely stable.

it is very easy to deploy the whole solution. I have a customer with VoIP and data. For most of the data, the hub and spoke are enough, but for IP telephony or collaboration like chatting or video conference, they need to have a connection between spokes —between branches together — but not for data. With SD-WAN it's very easy. 

I think vEdge is much easier to work with when you compare it to Cisco CSR. Most of the people I know prefer to use ZTP or Zero Touch Provisioning, but it depends on the type of customer. With some customers, ZTP maybe is not the best solution. They should know what's going on. And if you try to configure SD-WAN on a solution like ISR 4000 or CSR, and you compare the same thing on vEdge, you will see that the vEdge is very straightforward. I believe in CSR and ISR 4000. There are some glitches. It's possible that you will get a little bit confused, but you have followed the instruction. You have to do it very carefully. Then you make the connection vManage and everything is done.

I would rate Cisco SD-WAN seven out of 10. 

We primarily use the solution for MPLS. We use it to have a connection to the telecom and we also have some radio networks that we use it for. We have two WAN ports - one is the MPLS one is the radio backbone.

The solution is excellent mainly for supporting our two WAN ports. We can dedicate which WAN is taking over and which one is available or not. It's great that we can also connect them to the internet. We can have a third line to connect to the internet providers for our internet solution. Everything is redundant and everything is working so far.

Overall, it's been working well for us.

The solution is great at aggregating the traffic and then sending it in one direction.

We have a good knowledge base in-house and good support in general and therefore we have continued to use it over the years.

The product can scale well.

The solution is very stable.

The solution basically does exactly what we need it to do. I can't recall finding a feature that was lacking for our purposes. We aren't actually using many of the features in general.

The solution could be a bit cheaper.

We've been using the solution for about three or four years at this point.

We've had absolutely no issues with the stability of the solution. It doesn't crash or freeze. There are no bugs or glitches. It's been quite good overall.

This is deployed in our headquarters. We have them around the country, and we have some large offices and have the solution at all of them. There are likely 1,000 or more users on the solution all over the country.

The same generation and the same product is the easiest to scale and we have them mostly on some of our sites. We have the needed redundancy. That said, I would question the scalability if you are dealing with multiple types or other versions or other products. It needs to be of the same generation to take advantage of the path of least resistance.

We never test it with other solutions, however, with Cisco and other vendors is there is not recommended.

We mainly use the solution directly and as-is. There is a lot of redundancy, so if something goes wrong, there's something to catch it. We don't really use too many features for SD-WAN. So far, we don't need anything added on, and we really don't need too much support from customer service.

We buy support, however, in the latest versions, we really haven't needed assistance. IN the past, we did have some issues and support was there to help us get replacements, for example. They make getting replacements easy.

They usually reply to us within 15 minutes or so, if we do reach out. I'd describe them as pretty responsive. 

The level of difficulty depends on the experience of the engineer. If they don't have as much experience, it may be difficult. However, those that know the product well don't find the setup process complex.

Mainly they're using a command-line interface for years and they don't ask for anything like a GUI, which would be on Windows or Linux civil server. Everybody enjoys command-line. We exchanged some other Cisco products and some other routers recently, which were working for 15 years and are still working. We just asked for new ones with new features, like more traffic, more throughput, et cetera. 

I don't recall any maintenance really being needed. It works 24/7 without much need for assistance.

We did have some outside help, although nothing was from Cisco directly. We have our contact support company, and also we have in-house knowledge. It's done together, using both teams.

It would always be nice if the solution was a bit cheaper, however, the value is good. The cost of ownership is worth it as the solution itself is quite good and lasts years.

As a bigger company, we'd prefer to have a brand and a solution that's reliable as opposed to trying to find the cheapest option and have sleepless nights, afraid it might fail.

To calculate what we buy and how much it costs us for all the services, it's still quite a lot of money.

You have to pay between 3000 and 10,000 euros, or something in that range. The core switches Nexus cost me between 10,000 and 20,000 euros. However, they work, and that's why we use them.

We are just a customer and end-user.

We have 1921 and 4331 router versions. 

Not only does Cisco have a reputation, but we also have a good experience for a number of years, - five, 10, 15, 20 even years of use. Some of them still working even after all of this time.

In general, I would rate the solution at a seven out of ten. If it were more affordable, I might rate it higher.