IT Central Station is now PeerSpot: Here's why

Cisco SD-WAN Room for Improvement

OM
Managing Partner at a consultancy with 11-50 employees

There is much room for improvement on the cybersecurity side. For most of the clients, it is unacceptable nowadays to have too many people involved in managing the corporate network, and many clients like to see providers that can deliver a unified solution that integrates together with the network functionalities and the cybersecurity functionalities as they go hand in hand, especially in a regulated industry such as in banking, insurance, or healthcare. All governmental infrastructure must be compliant with very specific guidelines and requirements. It's not always it is possible to meet them with out-of-the-box products. You need to integrate on the top. If Cisco can work more in creating a true SASE solution known simply as an SD-WAN solution, that will be magic. That will be perfect. Right now, they need to do more of the cybersecurity side. 

Cisco is working at the moment. Unfortunately, like all traditional companies, it is very big and quite spread out. That makes it a little bit slower to react than some of the other competitors in the space. Some competitors are much faster in providing out-of-the-box solutions, more innovative solutions. In terms of innovation, in many cases, they're lagging behind.

View full review »
ER
Executive Vice President Operations and IT at Sterling National Bank

I think that the SD-WAN had everything that my client was interested in in our first experience with it. I think that some of the solutions now are being integrated with other services. As an example, Fortinet has a product called FortiGuard. Included in the FortiGuard product is an SD-WAN. So some of these products are expanding capabilities so that they have more to offer in a single product.  

That would be a nice thing for Cisco. They could provide you your firewall and your SD-WAN solution together. Some people like that approach of nesting products or bundling because they have fewer vendors to deal with and immediate integration.  

I am sure as time goes on that the threat landscape will continue to change all the time. What was good encryption five years ago may not be such great encryption today. Because of that, I am sure that you have to constantly be looking at the threat landscape to see if you need to change anything. I do not know if I am close enough to that cutting edge of the problem to answer the question as to what Cisco's solution really needs. All I know is that my client is very happy with what they have got in the way of savings and functionality. That does not mean that there are not some other things that they would like to see. I just do not know what they are.  

There are a number of large companies that have bought out various SD-WAN vendors. If you looked at VMware, you will find that they also have an SD-WAN that they bought. There are several other companies that have bought SD-WAN services because the technology is so good and the cost benefit is so great that it is worthwhile for almost any company to implement it. They get the advantage of performance and the benefit that these systems never go down.  

As an example, one time locally there was an incident where two providers, CenturyLink and Level 3, went down at the same time. If you had CenturyLink and Level 3, your connection to the internet would have gone down for six or seven hours or whatever the overlap of those outages was. That would be an extreme case. There is another local ISP service called Cox, if you had CenturyLink and Cox, Cox did not go down. In that case, you would continue using your internet or your connections to your branches without ever experiencing an outage and it would just go through Cox. The reason is that Cox's infrastructure, their central office, their wiring, their co-ax cables, or fiber are completely separate from what CenturyLink uses. CenturyLink has got a completely separate central office and completely separate wire. So the chances of those two entities going down exactly at the same time is something that just never happens.  

View full review »
Ehsan Emad - PeerSpot reviewer
Senior Data Scientist & Analytics at a integrator with 11-50 employees

In the next release, Cisco should focus on simplifying the configuration of SD-WAN.  SD-WAN has a lot of room to grow. If you compare vEdge and something like Cisco CSR, you'll see the difference. Because vEdge is natively from Viptela, it is a little more complicated to set up an SD-WAN compared with an ISE device like CSR or ISR, or ISR 4000. You have now two different configuration spaces like iOS, and then some commands and styles are Viptela. So this is the thing that Cisco should work on. 

View full review »
Buyer's Guide
Cisco SD-WAN
August 2022
Learn what your peers think about Cisco SD-WAN. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
621,703 professionals have used our research since 2012.
Malith Chandrasekara - PeerSpot reviewer
Head of Enterprise Business at VSIS

One of the major areas that Cisco can improve on with their SD-WAN offering is their security features. When compared with Fortinet, who have what they call their 'security pillars' (e.g. firewall and security features built-in to their SD-WAN solutions), Cisco generally comes up short. With Cisco, if you need a security component, you have to pay more to get it done. So if they could add more security features that come part and parcel with their existing solutions, then I think Cisco could be very aggressive in the market.

Essentially, they have to incorporate different security features on top of their SD-WAN box. At the end of the day, I should be able to give one single box to the customer which includes SD-WAN and all the necessary features such as security.

When it comes to IoT edges, they could possibly incorporate their SD-WAN features into the LAN side together with Cisco's DNA networking, just as Aruba is doing with their ESP solution. If Cisco could come up with a similar solution to that, then I think they will have the upper hand in the market compared to their competitors' brands. They have to come to a point where they can better integrate WAN and LAN into one single platform.

Regarding the data center sites, when we're talking about software-defined networking, Cisco has the SD-WAN segment, software-defined access for the LAN segment, and application-centric infrastructure for their data center segment, and they have to combine all three segments into one platform. Just like how the other guys are doing it. Again, if they can accomplish this, then technically they have a fair share in the market.

Otherwise, Cisco could also integrate more features on the cloud side of things, like with SD-WAN in the cloud, or SD-WAN in AWS, some of which I believe they have implemented already.

Beyond that, I can't say too much about what I'd like to see when it comes to new features because almost every day I've seen Cisco add more features to their SD-WAN and SD-LAN portfolios. At the rate they're going, it could be only a few months before they add the security features I've mentioned. So from my perspective, I think they're doing okay.

Finally, in terms of stability, there could be some improvement. In my experience with our current project, there have been some instances where stability has been an issue. But I can't speak for everyone here; other partners who have completed more projects may disagree and this is only my own observations so far.

View full review »
DM
Network Operations Manager at a tech services company with 1,001-5,000 employees

The bandwidth limitations would be good to remove, but it is a policy and license situation for Cisco because the cost is very high. 

It would be good to have OTP implemented with VRF. It can have support for EIGRP Over the Top (OTP) VRF. I saw some limitations in regards to the VRF protocol and the advertisement between VRF configuration. EIGRP Over the Top basically was quite limited with the VRF configuration. If you wanted to do rollback in VRF by using the EIGRP OTP protocol, the formation was not populated across. Cisco got back and confirmed that it is a configuration that I need to wait for until the next release, which is going to happen in one year. 

Cisco documentation is not the way it used to be before. It just gives an easy way to configure, but it doesn't go into the details of the configuration. The information that you need is there, but sometimes you want to go further and get more information, but the information is quite limited. It would be good to cover a few business cases or configuration cases. They used to be there in the past.

View full review »
AS
Lead BD,Global ICT & transformation at a computer software company with 1,001-5,000 employees

We have found that their SD-WAN has a lot of scope for improvement.

For example, they can probably look at their security stack. They can look at including some features like WAN optimizing, which is currently not there as a part of their in-built SD-WAN features. That could make their device a full-fledged SD-WAN with a single stack or a single device, solving many problems. It would mean once a customer goes for a Cisco SD-WAN, he doesn't have to look at a second device in his ecosystem.

Cisco has got integration challenges.

The solution lacks advanced security features.

Besides a WAN optimizer, I would like to see if they can do something about the security, and maybe they could have in-built security features such as a firewall.

The cost could be better. Cisco is not great for the SMB market. These are price-sensitive customers and they typically will not go ahead with Cisco, unless and until they are a global organization and they have their entire ecosystem deployed on Cisco. Otherwise, Cisco is struggling to connect with these players as their pricing is high. They need to have better technology at a more competitive price.

View full review »
LD
Head of Network Service, Information's Communications Technologies and Development at a transportation company with 1,001-5,000 employees

The solution basically does exactly what we need it to do. I can't recall finding a feature that was lacking for our purposes. We aren't actually using many of the features in general.

The solution could be a bit cheaper.

View full review »
UR
Consulting & Solution Integration at a comms service provider with 10,001+ employees

This solution could be improved with a simpler implementation process and licensing model. 

As for additional features, maybe from a security perspective, it could have more features built into the SD-WAN itself. Rather than going and integrating Cisco with some other solutions, it could have one single SD-WAN solution with more advanced user security features. 

View full review »
RJ
Senior Network Engineer at a tech services company with 51-200 employees

They need to improve the licensing, definitely. It needs to be easier to license. It should also be much more affordable for a larger number of customers. This is one of the main issues when working with customers. When you want to offer them the solution, they really do not like the price.

I would love to have better templating. It needs a more user-friendly interface. 

They need to add the features that help to configure and navigate the daily features. 

View full review »
fdiazm - PeerSpot reviewer
Product Manager at Entel Chile

I would like to see features related to security compliance, including a view of compliance with standards. With this, I should be able to do an audit of my SD-WAN network.

In addition to having a network with an application-oriented intention, I would like to have a network that is oriented to security standards. I am only referring to the WAN network because with this, we can begin thinking about issues of virtualization. For example, access to SD-LAN where we can bring security policies with the user.

View full review »
fdiazm - PeerSpot reviewer
Product Manager at Entel Chile

It is transversal to all industries. What is important is to work on the costs of the solution.

On the technical side, manufacturer-independent solutions should be able to handle different topologies, simple or complex, and without having to invest more money in infrastructure or licensing.

What I also find should be improved is the possibility of really separating the software layer from the hardware layer since today the current offer is not well adopted by the service providers, which is why it does not reach the end customers. I understand this is an issue that directly affects the business goal of each manufacturer.

View full review »
SP
Telecom and Collaboration Manager at a construction company with 501-1,000 employees

When you buy the equipment, they should already put it into your cloud account. It should already be set up so that we can manage with vBond. We came across an issue where it wasn't resolved in the DNS.

We are using Umbrella, so we need to create a VPN IPSec tunnel to Umbrella to enable the users to browse. I would really like to see an internal built-in firewall so that we don't have to go to Umbrella. This functionality might already be there. We are quite new to this solution, and we are still learning about it. 

View full review »
KS
Products & Solutions Manager at a comms service provider with 10,001+ employees

Its license model needs to be improved. They always make the license model too complex. There are too many license models and too many options. They should have a flexible license model.

They can improve a lot of things in terms of scalability, templates, and automation, mainly automation for onboarding a number of sites.

If you want some new features, it can take quite a long time. If you want a feature and it is not yet developed, you need to have the support of the business units to have the feature developed. If the feature is not on their roadmap, it can take quite some time before you get the feature.

View full review »
SS
Director at a tech services company with 11-50 employees

As there are several improvements we wish to see in the next release, I would rate the solution as an eight out of ten. 

Compresson deduplication should be added. This would make the solution excellent. The solution already affords availability, scalability, link monitoring and performance monitoring on the link. This means that if deduplication and compression could be added then, obviously, it would result in a compression of the data and a faster transmission between the side. 

If deduplication can be added at the source, then this will, certainly, greatly speed up the packet moment. 

View full review »
Arturo Sierra - PeerSpot reviewer
Senior Engineer at Totalplay

For the most part, we don't really see any features that are lacking.

The actual configuration could use some work. The solution could add in some more automation elements to help with the process.

The solution needs to be more flexible around legacy devices.

The security should be improved on the solution. They need to make everything more secure.

Scalability could be easier to achieve if a company needs to expand.

The product could improve its pricing. They are very expensive.

View full review »
YB
Founder at a comms service provider with 51-200 employees

The software for Cisco SD-WAN is overkill because the box is more powerful than required. Cisco needs to replace it with a normal router because the current one is very advanced. They expect a stable internet connection but then try to get sophisticated devices to connect to any infrastructure. However, the infrastructure requires only SIM cards, so it's not that difficult. Implementing a router and a dual-SIM router would be sufficient, but Cisco makes it complicated.

I cannot speak to additional features, but we've heard that Cisco may add analytics to the SD-WAN.

View full review »
PA
Pre-sales Engineer at a tech services company with 501-1,000 employees

Cisco products are a little bit complicated, so making them a little bit easier would be an improvement. The installation is easy but having many components, and the integration with other components, is a little bit complex compared to other products and other vendors.

View full review »
An Quang Vu Phan Phan - PeerSpot reviewer
Senior Networking Pre-sales Engineer at a tech services company with 51-200 employees

We've worked with BetterCloud, and found the security to be better than what is offered by Cisco. The user interface is nicer as well. Cisco should look at what they are doing and try to replicate it a bit.

When it comes to adding more security features, you need to add more RAM.

The pricing could be a bit better. When a customer transfers from a traditional WAN to SD-WAN, the subscription price is one big problem for them.

The solution is a bit buggy, which makes it slightly unstable.

The provisioning could be easier during deployment. Some vendors say they can handle provisioning, however, it differs from vendor to vendor.

View full review »
DR
Vice President Of Services at a tech services company with 51-200 employees

The quality could always continuously improve. For example, we've had stability concerns in the past.

Native connectivity into the major cloud providers would be ideal.

Often, the solution does require a specialized team to come in and assist with the initial setup.

Technical support could be more helpful and responsive. 

View full review »
Jonathan Arteaga - PeerSpot reviewer
Pre-Sale System Engineer SOLA & NOLA at Logicalis Latam

Customers require features that are secure for endpoints, on-premises, and for the cloud.

We could provision Cisco Umbrella to respond to the security requirements.

They need to make provisions in the platform cloud with tools. In the cloud environment, it is very easy to enable the solution with Umbrella.

They should configure to provision other devices and many endpoints to deploy the SD-WAN with security.

I would like a feature included for the prevention and inspection of data to implement. 

View full review »
AR
Network Engineer at a tech services company with 51-200 employees

The cost of the solution is very high, when taking into account the customer location and the existence of a single router for routing purposes and security, with a single firewall and license. The license should be cheaper. 

Better pricing and greater security would be nice to see. 

We could replace the solution with Viptela web access and make use of the broadband connectivity.

The security features should also be addressed, such as that which Palo Alto or Check Point provide for the firewall, in which the SD-WAN boxes would contain the same kind of firewall features. This would be great.

View full review »
ED
Director de Arquitecturas at a tech services company with 1-10 employees

The security features could be improved.

The solution needs to offer better stability.

The product could have improved flexibility.

View full review »
SK
Executive Director at a manufacturing company with 51-200 employees

They should enhance the reporting because, as it is today, they need more executive-level reports.

If in the future they can support Cisco SASE then it would be good.

View full review »
Shah Jamal - PeerSpot reviewer
Network Security Associate at VPS

I would like them to add some more SD-WAN ports. We have seen one implementation where there were four ISPs. Currently, we have a maximum of two ports for ISP in this device. Therefore, we cannot connect directly, and we need other switches. There should be some option to have more than two ports for SD-WAN. 

View full review »
AN
Technical Architect at a comms service provider with 10,001+ employees

Cisco should focus more on making products that are convenient for users. Sadly, I think they are more interested in making money rather than making reliable products. 

The Cisco way of thinking is to create umbrella-like solutions. I would prefer it if this solution was separate from the entire monstrous Cisco portfolio, without additional marketing and other unnecessary features. Still, so far it has been working well. Plus, the support is great. The only drawback is that it's an expensive solution. 

View full review »
AV
Network and Security Engineer at FrieslandCampina

While the environment itself is not a bottleneck, the dependencies and the provisioning and the different parties involved altogether form, complexity and introduce limitations.

The initial setup is really complex.

View full review »
SZ
Team Lead Network Infrastructure at a tech services company with 1-10 employees

The process of onboarding the vSmart, vBond, and vManage should be improved to make it easier to manage in general. 

View full review »
Magdy Raafat - PeerSpot reviewer
Presales Consultant at Orange Business Services

The platform needs to be updated to be more stable and simple.

View full review »
DK
Senior Global Product Manager at a comms service provider with 10,001+ employees

An area of improvement for this solution is reducing the complexity. Currently, the solution requires people who have a very good understanding of Cisco SD-WAN. 

For example, VeloCloud can be used and is easier to understand, but it has limited functionality. It is designed like a block box where the internal architecture is hidden. With Cisco, I can see the inner workings of the architecture. Therefore, it is necessary to have a good understanding of how the solution works in order make full use of it.

An additional feature that should be included in the next release of this solution is the ability to use a local area network (LAN) behind the domain name system (DNS) box. This feature would allow for better communication protocols to be put in place.

View full review »
Suresh Vijayen - PeerSpot reviewer
Product Manager at IX Telecom

The solution is a bit complicated. They could work on simplifying the product. For example, doing configurations could be easier. 

The initial setup is tedious.

It was a bit expensive. They can improve their licensing model.

We'd like to see more monitoring features. 

They can improve in terms of their GUI. 

They can improve in terms of hardware.

View full review »
AG
Cisco Systems at a comms service provider with 501-1,000 employees

The price could be better. From a technical side, and everything's working smoothly. Cisco SD-WAN could be cheaper. 

View full review »
Roland Hambleton - PeerSpot reviewer
Technical Director at Optko

I would recommend better-integrated management. Some of the other vendors have moved to integrated management platforms. Better analytics and operational consoles with a deployment configuration that can work easily across the network. 

View full review »
SN
Senior Manager at a financial services firm with 5,001-10,000 employees

There should be more flexibility in the licensing. In the next release, I would like Cisco to add all the troubleshooting tools from Viptela to SD-WAN.

View full review »
GulfrazAhmad - PeerSpot reviewer
Division Head Enterprise Infrastructure (SVP) at a financial services firm with 10,001+ employees

Cisco SD-WAN's clustering mechanism needs to be improved. If there are more than five milliseconds of latency time between installations of the VM manager, the cluster automatically breaks down.

View full review »
ZT
Network Solutions Architect at a computer software company with 201-500 employees

We have had some problems with the licensing model, and it is something that should be improved. Specifically, Cisco has some bugs regarding licensing that they need to resolve.

View full review »
Tharanga SKP - PeerSpot reviewer
Engineer, Enterprise Products at a comms service provider with 5,001-10,000 employees

The licensing model needs to be improved.

Sometimes we feel that the choice of models is very limited, so we would like to see additional devices made available.

View full review »
EricBiederbeck - PeerSpot reviewer
IT-Berater at Telekom Deutschland GmbH

The technical support is a bit slow. Regarding additional features, it would be good to have a fully integrated solution with the Meraki solution, leading to a seamless Cisco solution.

View full review »
YY
Junior Solution Architect at a comms service provider with 51-200 employees

The solution could be more secure. Security is always a priority for us.

View full review »
HA
Design Engineer at a comms service provider with 10,001+ employees

We don't have any issues with this solution other than the price.

View full review »
Kishlay Choudhary - PeerSpot reviewer
Technical Support Engineer at Team Computers

Cisco SD-WAN could improve the integration with the cloud.

View full review »
AS
Project Manager at Tachyon Broadband

Some configurations or procedures could be more user-friendly. Adding a bandwidth management feature would make Cisco SD-WAN more scalable and less resource-intensive. 

View full review »
TEDDY LLANO - PeerSpot reviewer
Technical Lead at Yssy

There should be more security features in the hybrid and on-premise deployments of Cisco SD-WAN. The cloud has most of the security features.

The AI is good, however, they can improve on it. The endpoint flow from the router to the data center needs to have consistency. Cisco doesn't have a solution for all the devices for the customer. We need more support for all kinds of devices.

View full review »
Taimoor Khan - PeerSpot reviewer
Network Operations Engineer at Inara Technologies

We had some issues with Cisco SD-WAN but somehow we troubleshot it and things are going well. The issues have not been a large problem.

View full review »
Buyer's Guide
Cisco SD-WAN
August 2022
Learn what your peers think about Cisco SD-WAN. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
621,703 professionals have used our research since 2012.