Why SD-WAN Shift to Managed Services a Significant Option

NETWORKING TREND ANALYSIS: Cato’s approach is to run its own cloud-native networking and security stack. In a sense, it’s the cross-section of AWS, networking and security. By owning the network, Cato can control traffic, which can have big implications for nationwide or global companies.

Download the authoritative guide: Artificial Intelligence Leaders: Top AI Vendors


Software-defined WANs have been available for the better part of five years with the on-premises vendors ruling the roost. This makes sense, because early adopters tend to have highly sophisticated IT organizations and embrace the do-it-yourself model. Now that the market is maturing, less-technical organization are finished dotting their I’s and crossing their T’s and are ready to start deploying. But instead of the DIY model, many prefer the managed-service model.

A good proof point that the tide is turning in the area of managed services for SD-WANs occurred at the end of January as Venture Beat reported that SD-WAN start-up Cato Networks raised another $55 million, bringing the total investment inn VC money to $125 million. The round was led by the highly respected VC firm of Lightspeed Venture Partners and included participation from all previous investors, including Aspect Ventures, Graylock Partners, Singtel Innov8, U.S. Venture Partners and Cato co-founders Shlomo Kramer and Gur Shatz.

Another indicator that the tide is turning toward managed services is that almost all of the SD-WAN appliance vendors have cut deals with service providers. They wouldn’t be doing this if their customers weren’t telling them they wanted to buy SD-WAN as a service. Also, I’m not the only analyst who believes this. In the 2018 Gartner Magic Quadrant for WAN Edge Infrastructure, the analysts recommend that buyers “evaluate WAN as a service for your next refresh, if you have traditionally pursued a DIY approach.”

Complexity a Major Factor

The reason for this is complexity. There’s no “easy button” for SD-WAN, and there are many things to consider including: a network redesign, the inclusion of broadband, how applications get optimized, security concerns and many other factors. I recently spoke to a CIO of a large bank who told me that he first thought of an SD-WAN as an incremental improvement to the network, and as his company got further into the deployment, he realized that it’s transformational and requires new skills.

With most areas of IT, businesses typically offload the ongoing operational tasks to an MSP. With SD-WANs, the provider plays a dual role: helping with the transition for the legacy to the new tech and then maintaining the environment for the customer. Most organizations won’t have the skills to do either and can benefit from an MSP.

The next question the funding of Cato raises is: Why Cato? If you’re not familiar with Cato, the startup that’s taken a different approach to delivering SD-WANs.

Today's digital businesses are increasingly distributed, both in terms of locations and mobile users. The network must be able to meet the requirements of both. SD-WAN appliances address some WAN transformation requirements but not all of them. SD-WANs provide greater agility in selecting the right underlay to connect locations. But SD-WANs do not natively do any of the following:

  • protect against Internet-borne threat;
  • connect mobile users;
  • deliver predictable global performance; or 
  • out-of-the-box extend to the cloud.

Requirements for the Appliance Approach

The appliance approach requires extensive design and architecture expertise and do not natively address mobile users or cloud connectivity. It’s for all these reasons there is a rise in the demand for managed services. However, there are different types of managed services. Traditional telcos typically advocate for the managed service to be built around the appliance, which will likely lead to the same old telco experience of long trouble resolution times and poor customer service.

Cato’s approach is to run its own cloud-native networking and security stack. In a sense, it’s the cross-section of AWS, networking and security. By owning the network, Cato can control traffic, which can have big implications for nationwide or global companies.

SD-WAN vendors often advocate for the public internet to be used in place of a private network. This is fine for short-distance connections, such as Chicago to Washington, D.C. Longer distances, such Los Angeles to New York, Dubai to Dallas or Singapore to London, can be markedly different. I did my own research in this area and found that the private networks see a 4X-5X improvement in response times compared to an over- the-top internet connection.

Cato also has a strong focus on security. It rolled out its own threat-hunting service last year that takes advantage of the end-to-end visibility it has. In fact, in the past, I’ve referred to Cato as a security vendor that’s dressed up as an SD-WAN vendor.

The SD-WAN market is changing, and buyers will have no shortage of choices when it comes to MSPs. It’s critical that decision-makers look at the capabilities holistically and consider security, the network and the cloud as part of the decision criteria.

Zeus Kerravala is founder of ZK Research and a regular contributor to eWEEK.