Magic Quadrant for WAN Edge Infrastructure 2021


Magic Quadrant for WAN Edge Infrastructure

Published 20 September 2021 - ID G00736367 - 53 min read

By Jonathan Forest, Naresh Singh, and 2 more

Digital transformation, remote work and cloud adoption drive WAN edge infrastructure choices for infrastructure and operations leaders in charge of networking. They should select SD-WAN solutions and SASE deployments to connect enterprise sites and applications.

Strategic Planning Assumptions

By 2024, more than 70% of software-defined wide-area network (SD-WAN) customers will have implemented a secure access service edge (SASE) architecture, compared with 40% in 2021.
By 2025, 40% of enterprises with SD-WAN deployments will use artificial intelligence (AI) functions to automate Day 2 operations, compared with fewer than 5% in 2021.
By 2025, to deliver flexible, cost-effective scalable bandwidth, 40% of enterprise locations will have only internet WAN connectivity, compared with 15% in 2021.

Market Definition/Description

Gartner defines the wide-area network (WAN) edge infrastructure market as products and associated functions that provide network connectivity across the WAN. This connects distributed enterprise locations (headquarters, hubs, branches and remote workers) to access resources in private data centers, as well as infrastructure as a service (IaaS) and software as a service (SaaS). Routers and SD-WAN appliances (both physical and virtual) are the most prominent products associated with this market.
This market continues to migrate from traditional branch routers (often called “customer edge routers” in a Multiprotocol Label Switching [MPLS] implementation) used to connect branch locations to the data center to SD-WAN with a more-decentralized architecture and cloud workloads. SD-WAN is widely replacing edge routers and adding application aware path selection across multiple links, centralized orchestration and native security, as well as other application performance optimization functions (such as WAN optimization). Consequently, it includes incumbent and emerging vendors from adjacent markets (e.g., routing, security, WAN optimization and SD-WAN), each bringing differentiators and limitations. It also includes zero trust network access (ZTNA) functionality for remote workers in lieu of traditional virtual private network (VPN) solutions as part of SASE, which combines SD-WAN and cloud security into an integrated, orchestrated architecture.
WAN edge infrastructure functionality can exist on or off the enterprise premises via physical or software appliances. It is typically sourced from network equipment providers (and their channels), network service providers (NSPs) or managed network service (MNS) providersIt is typically procured by senior networking leaders in the infrastructure and operations (I&O) organization, as well as senior security leaders.
Common attributes of SD-WAN solutions include:
Core Functionality
  • Licensed software:
    • Routing (e.g., Border Gateway Protocol [BGP])
    • Path Selection (e.g., Layer 7 traffic steering)
    • VPN
    • Basic firewall
  • Form factors:
    • Software and/or physical
    • Remote worker client, branch, headend and cloud
  • Orchestrator (on-premises or in the cloud):
    • Configuration (zero touch configuration)
    • Management
    • Visibility
    • Reporting
    • API support
Optional Functionality
  • Advanced security (e.g., network firewalls, secure web gateways [SWGs], cloud access security brokers [CASB] and data loss prevention [DLP])
  • Service chaining capabilities
  • Cloud gateways for service insertion and simplified cloud connectivity
  • Application performance capabilities (e.g., WAN optimization and SaaS optimization)
  • Integrated orchestrated for wireless LAN (WLAN)/LAN/security/SD-WAN to form SD-Branch.

Magic Quadrant

Figure 1: Magic Quadrant for WAN Edge Infrastructure

Source: Gartner (September 2021)

WAN edge infrastructure Magic Quadrant
Vendor Strengths and Cautions
Barracuda is a Niche Player in this Magic Quadrant. Its WAN edge flagship product is CloudGen Firewall, which includes hardware and software appliances, as well as associated orchestration and management. It also has the CloudGen WAN, which is a cloud-native service now deployed in Microsoft Azure. Barracuda is based in California, U.S., and Gartner estimates it has more than 12,000 WAN edge customers. The vendor mainly operates in North America and in Europe, the Middle East and Africa (EMEA), primarily to address midmarket customers. We expect the vendor to continue to invest in this market, particularly in the areas of cloud-based WAN edge solutions, unified content security and usage-based licensing models.
  • Barracuda has tight integration with Microsoft Azure, offering Azure global network as a communication backbone to many locations with bandwidth on-demand, as well as providing private SASE services directly in Azure.
  • Barracuda has a vision to deliver a fully integrated, intelligent WAN edge and security solution.
  • The vendor has a solid remote worker solution that was enhanced by the acquisition of Fyde.
  • Barracuda has low visibility in this market, based on client inquiries, searches on and analysis of online conversations; this will limit its ability to grow.
  • Barracuda has a weak partner ecosystem, with limited integration and orchestration with third-party cloud security vendors.
  • Barracuda has limited artificial intelligence (AI)/machine learning (ML) and automation capabilities, when compared with other vendors in this research, which we expect to become increasingly key features that enterprises will require.
Cisco is a Leader in this Magic Quadrant. It has two branded offerings: Cisco SD-WAN powered by Viptela and Cisco SD-WAN powered by Meraki. Both include hardware and software appliances, and associated orchestration and management. Cisco also provides optional additional security via the Cisco Umbrella Security Internet Gateway (SIG) platform. Cisco is based in California, U.S., and has more than 40,000 WAN edge customers. The vendor operates globally and addresses customers of all sizes, in all verticals. We expect the vendor to continue to invest in this market, particularly in the areas of improved self-healing capabilities, new consumption-based pricing models and integrated security to enable a single-vendor SASE offering.
  • Cisco has a broad product offering and deep global channels, which allows it to address nearly all customer use cases on a global basis.
  • Cisco offers strong visibility for traffic traversing the internet and to public cloud services, enabled by ThousandEyes.
  • Cisco has a strong vision to deliver a fully integrated SASE solution, as well as the financial resources to execute the vision.
  • Cisco’s multiple platforms (Meraki and Viptela) have limited integration, which can lead to a suboptimal product selection, create management challenges or limit investment protection as needs change. We anticipate that these platforms will remain largely separate going forward.
  • Cisco’s customer experience is below average, compared with other vendors in this research, based primarily on feedback from customers using IOS XE-based solutions.
  • Cisco’s pricing is high in this market, based on customer feedback and Gartner’s analysis.
Citrix is a Challenger in this Magic Quadrant. Its product is Citrix SD-WAN, which includes physical, virtual appliances and Cloud Direct service managed via the Citrix SD-WAN Orchestrator. Citrix is based in Florida, U.S., and Gartner estimates that it has more than 1,700 WAN edge customers. It also includes Secure Internet Access (SIA) and Secure Workspace Access (SWA) as part of its broader SASE offering. The vendor operates globally and addresses customers of all sizes and in all verticals. We expect the vendor to invest in a client-based SD-WAN solution for remote workers, self-healing functionality and new models for pooled bandwidth licensing models.
  • Citrix has one of the broadest set of capabilities, including SD-WAN, application performance optimization, security and cloud connectivity, of any vendor in this market.
  • The vendor has a large installed base of customers using other Citrix products, such as Citrix Workspace, which yields opportunities to expand its customer base in this market.
  • Citrix has expanded its capabilities beyond just SD-WAN to cover remote worker and cloud security.
  • Citrix’s overall market visibility is not as strong as some other vendors in this market, and it rarely comes up in client inquiries.
  • Citrix’s go-to-market (GTM) is limited globally (especially in North America) with service providers, which affects its ability to reach clients and grow.
  • Citrix is not seen as a networking vendor, and the company’s commitment to this market is not as core to its business as other vendors in this research.
Cradlepoint is a Niche Player in this Magic Quadrant. Its offering is the Cradlepoint NetCloud service with NetCloud Manager, which can be used with its E, R, W, AER and IBR Series of physical routers and adapters with NetCloud Perimeter and Cloud Virtual Router (CVR). Cradlepoint, acquired by Ericsson in November 2020, is based in Idaho, U.S., and Gartner estimates that it has approximately 9,000 WAN edge customers. In this market, its operations are primarily focused in North America, but are expanding globally, with a concentration on wireless WAN use cases in specific verticals, such as government, retail and public safety. We expect Cradlepoint to make future investments in 5G and to enhance its reporting/analytics capabilities.
  • The vendor is extremely focused on and has strong capabilities supporting 4G and 5G use cases.
  • Cradlepoint has strong adoption in retail, transportation, public safety and broad mobile use cases, where 4G/5G is a core part of the solution.
  • With Ericsson’s purchase of Cradlepoint, we expect the vendor to become more relevant in the enterprise networking market globally.
  • Cradlepoint doesn’t align well with customer use cases in which cellular wireless isn’t part of the solution.
  • Cradlepoint has limited market visibility, based on client inquiry and online conversations from enterprise users.
  • The vendor’s throughput limitation on its larger appliances may affect customers that have high bandwidth requirements at their data centers.
FatPipe Networks
FatPipe Networks is a Niche Player in this Magic Quadrant. Its SD-WAN offering is FatPipe MPVPN, which includes physical and virtual appliances managed through the FatPipe Symphony orchestrator. It can be hosted on-premises or in the cloud. FatPipe is based in Salt Lake City, Utah, U.S., and Gartner estimates that it has more than 2,000 WAN edge customers. The vendor operates mainly in the U.S., but has a growing customer base in the Asia/Pacific (APAC) region. It mainly addresses midsize enterprises that need a SD-WAN solution with a focus on application performance optimization. We expect the vendor to increase investments on SASE and GTM to better address its customers and partners in the U.S. and the APAC region.
  • FatPipe’s application performance optimized SD-WAN offering provides an enhanced user experience.
  • It has a long track record in the WAN market and was one of the first vendors to offer SD-WAN functionality.
  • FatPipe offers flexibility for customers that want to deploy in various hardware or software form factors, addressing a wide set of use cases.
  • FatPipe has limited market visibility, based on client inquiry, searches on and online conversations from enterprise users.
  • FatPipe has a limited global presence, because its customer base and sales focus primarily on the U.S. and certain countries in the APAC region (such as India).
  • FatPipe has limited cloud features, which makes it less aligned for cloud-first or cloud-preferred organizations.
Fortinet is a leader in this Magic Quadrant. Its offering is the FortiGate Secure SD-WAN product, which includes physical, virtual appliances and cloud-based services managed with FortiManager orchestrator. Fortinet is based in Sunnyvale, California, U.S., and Gartner estimates that it has more than 34,000 WAN edge customers with more than 10,000 SD-WAN customers. FortiOS v.7.0 combines ZTNA to its broad WAN and network security functionalities to deliver a capable SASE offering. It has a wide global presence, addressing customers across multiple verticals and sizes. We expect the vendor to continue investing in SASE, artificial intelligence for IT operations (AIOps) and 5G functionality.
  • Fortinet’s well-rounded WAN edge product offers a robust and versatile security solution, in addition to solid application performance optimization and SD-WAN capabilities.
  • Fortinet has extremely high visibility in this market, based on online conversations and inquiry data.
  • It has high customer experience scores based on customer inquiry and Peer Insights data.
  • Fortinet lacks a strong security partner ecosystem for building a multivendor SASE offering.
  • Fortinet’s FortiSASE solution is largely unproven in the market and was recently launched from its acquisition in 2020 of OPAQ Networks.
  • Fortinet is still seen by some customers as primarily a security vendor, with networking bolted on.
HPE (Aruba and Silver Peak)
HPE is a Leader in this Magic Quadrant. It has two offerings in this market under the product name Secure Edge Portfolio. Its flagship is the Aruba EdgeConnect SD-WAN Edge Platform, from the Silver Peak acquisition, combined with Aruba Orchestrator centralized management software and optional Aruba Boost WAN optimization. It also has the Aruba SD-Branch, which offers a unified architecture with AIOps, LAN, WLAN, WAN and security. HPE is based in San Jose, California, U.S., and Gartner estimates that it has more than 3,000 WAN edge customers. The vendor operates globally and addresses customers of all sizes and verticals. We expect the vendor to continue its investments in AIOps, work from anywhere (WFA) and 5G/4G functionality.
  • HPE solves a broad set of use cases across customers of all sizes across both product lines.
  • Due to its Silver Peak acquisition, HPE has high market visibility, based on client inquiries and online conversation analysis.
  • The vendor’s GTM strategy going forward is comprehensive and well-aligned to reach a broad set of customers.
  • Native, advanced security capabilities such as cloud security are competitive gaps, compared with some other vendors. This is because HPE Aruba leverages orchestrated integrations with third-party security providers to deliver SASE solutions.
  • HPE has two established offerings in the market, which could lead to customer confusion and limited investment protection.
  • HPE has fewer SD-WAN deployments greater than 1,000 sites, compared with some other vendors in this research.
Huawei is a Challenger in this Magic Quadrant. Its flagship offering includes NetEngine AR series routers, HiSecEngine USG series gateways and the iMaster NCE Orchestrator. Huawei is based in Shenzhen, China, and is estimated to have more than 20,000 WAN edge customers. The vendor addresses customers of all sizes and verticals and operates globally. However, it focuses on China and selective countries in the APAC, EMEA and Latin American regions. We expect the vendor to continue its investment in 5G/4G functionality, SRv6, AIOps and SASE.
  • Huawei solves a broad set of use cases across customers of any size and vertical in its targeted geographies, leveraging the combination of its WAN edge solutions and Huawei self-run/partner-run public cloud platforms.
  • Huawei has a strong channel ecosystem and a large installed base in the enterprise market, giving the company a strong GTM capability to reach a broad range of customers.
  • Huawei has above-average customer experience scores, compared with other vendors in this research.
  • Huawei doesn’t have meaningful exposure to the U.S., Canadian, U.K., Australian and Indian markets, due to geopolitical issues, which limits the vendor’s ability to grow.
  • Huawei’s focus on its own public cloud offering (Huawei Cloud) will limit the depth and breadth of security delivered on other public cloud providers, such as Amazon Web Services (AWS) and Azure.
  • Huawei’s orchestration with third-party, over-the-top (OTT) services, such as with Zscaler, and cloud on ramp partners, such as Equinix, are limited compared with some other vendors in this market. This will limit Huawei’s ability to address customer needs outside China.
Juniper Networks
Juniper Networks is a Visionary in this Magic Quadrant. Its offering is the Juniper AI-driven SD-WAN, which includes Session Smart Routers, Session Smart Conductor and Mist WAN Assurance, with Marvis Virtual Network Assistant. In December 2020, Juniper acquired 128 Technology, which is now its flagship product. For advanced security, Juniper offers SRX firewall appliances and Advanced Threat Protection cloud service. Based in California, U.S., Gartner estimates Juniper has more than 18,000 WAN edge customers. Operating mainly in the North American, EMEA and APAC regions, it targets customers in most verticals. We expect Juniper to continue investing in its predictive and self-healing AI-based abilities and filling out its SASE offering.
  • Juniper’s WAN assurance helps simplify network operations and increase network uptime, driven by an innovative approach that includes a conversational user interface (UI).
  • Juniper’s solution can be delivered in a tunnel-less architecture, which reduces the amount of overhead and optimizes the goodput percentage.
  • Juniper has strong financial metrics, indicating long-term viability and the ability to invest in this market.
  • Juniper’s customer experience is below average compared to other vendors in this research, based on multiple sources of information, including Gartner Peer Insights.
  • Juniper’s track record in SD-WAN has been inconsistent, because it was late to market, and recently acquired its flagship SD-WAN product, which has some potential integration risks (as with any product acquisition).
  • Juniper has limited SD-WAN market visibility and sales channels, compared with larger vendors in this market, which may affect its ability to grow.
Nuage Networks
Nuage Networks is a Niche Player in this Magic Quadrant. Its offering is Nuage’s Virtualized Network Services (VNS), which includes Network Services Gateways (NSG) managed by the Nuage Networks Virtualized Services Platform (VSP) controller. Nuage is based in California, U.S., and is a division of publicly traded Nokia, based in Espoo, Finland. Gartner estimates that it has more than 2,500 enterprise WAN edge customers. It operates globally and primarily through carrier channels addressing customers of all sizes and all verticals. We expect Nuage to make future investments in software-defined cloud interconnect capabilities and to expand its branch platform form factors.
  • Nuage was one of the early vendors in the SD-WAN market, so it has a track record of credibility and long-term viability.
  • The Nuage solution scales well, based on the conversations we’ve had with end clients and service providers.
  • Nuage’s strategy to enhance software-defined cloud interconnection (SDCI) capabilities should simplify customers’ ability to connect to it among clouds.
  • Nuage has a limited GTM channel, which is focused on carriers and service providers that does not address all of the ways that clients consume.
  • Nuage’s customer experience score was below average, compared with other vendors in this research.
  • Few customers ask about Nuage via inquiry or searches on, which shows its limited visibility in the market, compared with other vendors in this research.
Palo Alto Networks
Palo Alto Networks is a Leader in this Magic Quadrant. Its leading offering is Prisma SD-WAN, which includes Instant-On Network (ION) edge appliances and orchestration. It can be integrated with Prisma Access to deliver a single-vendor SASE solution. It also has a branch firewall, with limited SD-WAN capabilities that may be deployed for niche use cases. Palo Alto Networks is based in California, U.S., and Gartner estimates it has more than 2,000 WAN edge customers. It operates globally with a channel-focused selling model targeting enterprises of all verticals and sizes. We expect Palo Alto Networks to continue investing in integrated SASE, AIOps, autonomous digital experience monitoring (DEM) and multicloud.
  • Palo Alto Networks has a strong security focus and is a leading vendor driving toward a single-vendor SASE solution.
  • The vendor has strong customer experience scores, driven by high Peer Insights customer feedback.
  • Palo Alto Networks has strong analytics capabilities and leverages AI/ML capabilities in its product offering.
  • Palo Alto Networks lacks a full-featured, small-platform appliance, because it doesn’t have integrated Wi-Fi or 5G/4G functionality.
  • Palo Alto Networks has a branch firewall with limited SD-WAN capabilities, so the vendor has multiple products without an elegant integrated solution providing branch security, cloud security and SD-WAN in a single integrated solution.
  • Palo Alto Networks has limitations with application performance optimization, because it lacks core WAN optimization functions.
Peplink is a Niche Player in this Magic Quadrant. It has two product families in this market, with Balance for enterprise branch SD-WAN and MAX for Industry and mobility SD-WAN. Both have branch appliances with SpeedFusion technology and InControl 2 orchestration. Peplink is based in Hong Kong, and Gartner estimates that it has more than 14,000 WAN edge customers. It operates globally to cover more than 70 countries and focuses on wireless WAN use cases. We expect Peplink to continue investing in next-generation security, 5G/4G and user experience improvements.
  • Peplink has a high score, compared with other vendors in this research, on viability, showing strong financials and likely future commitment to this market.
  • Peplink has strong capabilities targeted at wireless WAN use cases and the corresponding verticals.
  • Peplink is one of the lower-cost solutions in this market.
  • Peplink lacks rich SD-WAN functionality, cloud features and security features, when compared with other vendors in this research.
  • The vendor has limited market visibility, based on customers rarely asking about the vendor on client inquiries, searches on and an analysis of online conversations.
  • The vendor’s product strategy is narrow and doesn’t align with most customer requirements in this market.
Riverbed did not respond to requests for supplemental information or to review the draft contents of this document. Therefore, Gartner’s analysis is based on other credible sources, including client inquiries, past information shared by the vendor, reviews of public statements, its website and other publicly available data sources.
Riverbed is a Niche Player in this Magic Quadrant. Riverbed’s primary offering is SteelConnect EX (with integrated Versa VOS, which is based on a partnership with Versa Networks). It includes the edge appliance hardware and orchestrator. Riverbed also has the SteelConnect CX offering focused on smaller customers. Riverbed is based in California, U.S., and Gartner estimates that it has more than 3,000 SD-WAN customers. It operates globally and addresses networks of all sizes and verticals. We expect Riverbed to continue to focus on its Versa partnership, in addition to making investments around visibility, analytics and AI/ML.
  • Riverbed is a well-known brand in the networking space, with a large base of customers that are targets to upgrade to SD-WAN.
  • The vendor has strong capabilities with WAN optimization and application visibility solutions, which can complement SD-WAN solutions.
  • The vendor has global reach to serve customers in any region of any size.
  • Riverbed OEMs the Versa VOS product, which limits Riverbed’s control of product development in terms of scope and timing; this can affect its ability to innovate and compete in this market long term.
  • Riverbed has lost market share in this market during the past two years, which has driven a focus on adjacent markets.
  • As the SD-WAN market continues to evolve, channels that once sold Riverbed WAN optimization have moved on to sell other vendors’ SD-WAN solutions.
Versa Networks
Versa Networks is a Leader in this Magic Quadrant. It has two offerings, and the primary one is the full-featured Versa Operating System (VOS). It can be delivered on the Versa branch Cloud Services Gateways (CSG) or third-party hardware, along with the Versa Director and Versa Analytics managed by the Concerto orchestration platform. The second offering is VOS with Titan, which is a simpler, cloud-based solution with more-limited native features. Versa is based in California, U.S., and Gartner estimates that it has more than 12,000 WAN edge customers. It operates globally and addresses clients of all sizes and verticals, primarily through service providers. We expect Versa to make future investments in SASE, 5G, SD-Branch and AI/ML.
  • Versa offers one of the broadest and most-capable solutions in this market.
  • Versa continues to grow above market rates, has high market visibility and Gartner clients often ask about the vendor in inquiries.
  • The vendor has one of the most-complete, single-vendor SASE solutions on the market.
  • Clients express that VOS is complicated to use, especially in some do-it-yourself (DIY) implementations.
  • Many of Versa’s competitors are larger and have more financial and channel resources, which could affect the vendor’s ability to grow geographically, across company size and market verticals.
  • The vendor relies heavily on the carrier and service provider channel as a route to market, which could limit its reach in aligning with how customers consume.
VMware is a Leader in this Magic Quadrant. Its offering is branded as VMware SD-WAN, and is part of VMware SASE. The offering includes edge appliances (hardware and software), gateways — VMware points of presence (POPs) offering various services — and an orchestrator and its Edge Network Intelligence. VMware provides additional optional security via VMware Cloud Web Security and VMware Secure Access. Based in California, U.S., it has more than 14,000 SD-WAN customers. The vendor operates globally and addresses customers of all sizes, and in all verticals. Gartner expects the vendor to continue investments in this market, including enhancing options for remote workers and building out its SASE offering.
  • VMware has strong products, more than 14,000 SD-WAN customers, ample financial resources and a large global channel, all of which indicate long-term market viability.
  • VMware’s architecture is well-aligned with cloud-first and cloud-only customers based on its POPs, and the services available in those POPs.
  • VMware has the vision to deliver a fully integrated, single-vendor SASE solution that aligns with emerging customer needs.
  • VMware’s customer experience is below average in this market, based primarily on Gartner client feedback from those who’ve evaluated, piloted or deployed its product and experienced issues.
  • VMware relies on Menlo technologies (as an OEM) for key security functionality, which may limit its ability to rapidly address emerging customer security needs.
  • VMware has less experience with DIY customers, particularly in the midmarket; Gartner estimates about 75% of its customers are supported by MNS providers.

Vendors Added and Dropped

We review and adjust our inclusion criteria for Magic Quadrants as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant may change over time. A vendor's appearance in a Magic Quadrant one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. It may be a reflection of a change in the market and, therefore, changed evaluation criteria, or of a change of focus by that vendor.


Teldat was dropped because it failed to meet the inclusion criteria, based on our assessment and data provided by the vendor.
Silver Peak was dropped because it was acquired by HPE.

Inclusion and Exclusion Criteria

To qualify for inclusion, vendors need to show relevance to Gartner clients by:
  • Providing hardware and/or software that addresses the enterprise WAN edge requirements outlined in the Market Definition/Description sections. Alternatively, they may address this need by using in-house-developed hardware/software to deliver as a managed service.
  • Producing and releasing enterprise WAN edge networking products for general availability as of 11 June 2021. All components must be publicly available, be shipping and be included on the vendors’ published price list as of this date. Products shipping after this date, and any publicly available marketing information, may only have an influence on the Completeness of Vision axis.
  • Providing commercial support and maintenance for their enterprise WAN edge products (24/7) to support deployments on multiple continents. This includes hardware/software support, access to software upgrades, security patches, and troubleshooting and technical assistance.
Product Capabilities
Vendors must have generally available products that support all of the following capabilities:
  • The ability to operate as the branch office router (including BGP, OSPF, support hub and spoke, mesh, and partial mesh topologies with automation for a minimum of a 250-site network) with traffic shaping and/or quality of service (QoS)
  • Centralized management for devices with graphical user interface (GUI), including reporting and configuration changes, and software upgrades
  • Zero-touch configuration
  • VPN (Advanced Encryption Standard [AES] 256-bit encryption) with basic firewall
  • Ability to deliver network firewalls natively or through a partner
  • Native cloud security functionality or the ability to redirect and orchestrate with at least two cloud security vendors
  • Dynamic traffic steering based on business or application policy (not limited to only DiffServ Code Point [DSCP]/ports, IPs/circuits or 5tuple) that responds to network conditions (changes in packet loss, latency, jitter, etc.) in an active/active configuration
  • At least 200 well-known application profiles included (auto discovered)
  • Visibility of application performance data of traffic delivered across the WAN
  • Software — ability to operate as a virtual network function (VNF) at the branch or in the network and can be deployed in at least two cloud providers, such as AWS and Azure
  • Remote worker solution
Business/Financial Performance
Vendors must show relevance to Gartner’s enterprise clients by meeting the following with their WAN edge infrastructure solutions that meet the product capabilities inclusion criteria (from above):
  • Demonstrate baseline scalability and customer adoption by servicing at least 10 customers with active support contracts that have at least 100 sites each.
  • Show relevance to Gartner’s enterprise clients on a global basis with at least one of the two below criteria with product or products that fulfill the product inclusion criteria:
    • At least 100 WAN edge infrastructure customers with 10 or more production sites each, headquartered in two or more geographic regions (North America, South America, EMEA or the APAC region) under active support contracts. This means 100 customers with headquarters in one region and another 100 customers with headquarters in a different region, for a total of at least 200 customers between the two regions.
    • At least 50 WAN edge infrastructure customers with 10 or more production sites each, headquartered in three or more geographic regions (North America, South America, EMEA or APAC) under active support contracts. This means 50 customers each, with headquarters in three different regions, for a total of at least 150 customers among the three regions.
  • Meet at least two of the three criteria below with WAN edge infrastructure products that fulfill the product inclusion criteria:
    • Top 10 SD-WAN market share vendor published by Gartner (see Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 4Q20 and 2020) in Table 16-2 (SD-WAN Equipment, Vendor Revenue, Worldwide, 2019-2020 [Millions of U.S. Dollars])
    • At least 40,000 WAN edge sites deployed and under active support contracts.
    • At least 1,000 WAN edge customers under active support contracts or at least 500 WAN edge customers under active support contracts with 250 or more sites deployed each.

Evaluation Criteria

Ability to Execute

Product or Service
Core goods and services that compete in and/or serve the defined market. This includes current product and service capabilities, quality, feature sets, skills, etc. This can be offered natively or through OEM agreements/partnerships, as defined in the Market Definition and detailed in the subcriteria.
Evaluates vendors by looking at their overall WAN edge networking portfolios, including all hardware and software aspects of WAN edge networking. We consider the breadth and depth of WAN edge functions that the vendor offers to address the enterprise customers’ common use cases. We consider product and architectural migration strategies, and the ability to address customers’ multicloud deployment requirements, application performance, security, traffic steering, ease of use and scalability. We focus on the vendor’s flagship enterprise offering and/or the products they lead with for enterprise accounts.
Overall Viability
Viability includes an assessment of the organization’s overall financial health and solvency, as well as the financial and practical success of the business unit. Views the organization’s likelihood of continuing to offer, invest and expand in the product, as well as the product position in the current portfolio.
Sales Execution/Pricing
The organization’s capabilities in all sales activities and the structure that supports them. This includes sales/channel depth/breadth, pricing and pricing models, estimated market share and estimated growth.
Evaluates sales effectiveness and GTM activities across geographies and verticals of the vendor and its channels and includes analysis of how the vendor interacts with its customers and prospects. The second aspect of this criterion includes our evaluation of the cost-effectiveness of the solutions for purchase and support over their useful life, and the ability to recognize and position the most appropriate solution in specific sales situations.
Market Responsiveness and Track Record
Ability to respond quickly, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, and customer needs evolve, and market dynamics change. This criterion also considers the vendor’s history of responsiveness to changing market demands. This includes how well the vendor’s offering matches buyer’s requirements at the time of purchase.
We assess the vendor’s track record in delivering new capabilities when the market needs them in terms of on-time with the right scope. This criterion also considers the vendor’s history of responsiveness in terms of changing market demands and addressing limitations. This evaluation is not limited to products as it involves pricing, licensing, operating models and overall competition dynamics.
Marketing Execution
The clarity, quality, creativity and efficacy of programs designed to deliver the organization’s message in order to influence the market, promote the brand, increase awareness of products and establish a positive identification in the minds of customers. This “mind share” can be driven by a combination of publicity, promotional, thought leadership, social media, referrals and sales activities.
Focuses on how the vendor is perceived in the market, and how well its marketing programs are recognized. For WAN edge infrastructure, the evaluation focuses on how well the vendor is able to influence and shape perception in the market through marketing activities and thought leadership that drives awareness. An additional indicator for this criterion is how often Gartner clients inquire about a specific vendor in terms of capabilities/reputation or in a shortlist evaluation process.
Customer Experience
Products and services and/or programs that enable customers to achieve anticipated results with the products evaluated. Specifically, this includes quality supplier/buyer interactions, technical support or account support with the vendor. This may also include ancillary tools, customer support programs, availability of user groups and service-level agreements (SLAs).
Looks at all aspects of the customer experience (inclusive of pricing, set up, day-to-day production, product features as well as support), with a heavier weighting on post-sales service and support activities. This includes customer’s experience with the vendor’s WAN edge products and services used in their production environments. It also includes the ability to upgrade software and working with technical support to solve problems. Hardware and software quality and how customers describe their experience with the vendor’s products are evaluated. Additionally, we assess customer satisfaction, customer loyalty/retention, brand reputation and advocacy, operational quality, and employee engagement.

Table 1: Ability to Execute Evaluation Criteria

Evaluation CriteriaWeighting
Product or Service
Overall Viability
Sales Execution/Pricing
Market Responsiveness/Record
Marketing Execution
Customer Experience
Source: Gartner (September 2021)

Completeness of Vision

Market Understanding
Ability to understand customer needs and translate them into products and services. Vendors that show a clear vision of their market — listen, understand customer demands, and can shape or enhance market changes with their added vision.
Assesses the vendor’s ability to look into the future needs and drive new ideas into product roadmaps and offerings taking into account market needs, competitor strengths/weaknesses and vendor core competencies. In this market, we look at the vendor’s ability to address the challenges associated with distributed branch office locations. This may include, but isn’t limited to simplifying operations, enhancing application performance, providing robust security, enhancing connectivity to the cloud, GTM strategy, vertical strategy, geographical strategy, and pricing strategy.
Marketing Strategy
Clear, differentiated messaging consistently communicated internally, externalized through social media, advertising, customer programs and positioning statements.
Evaluates the ability of the vendor to influence the market through its messaging and marketing campaigns. This includes the extent to which the vendor articulates a forward-looking marketing message that is clear, consistent, relevant and differentiated as well as aligned with future end user needs. We look for new and effective ways that vendors reach customers, and how they plan to communicate their message to drive market demand.
Sales Strategy
A sound strategy for selling that uses the appropriate networks including direct and indirect sales marketing, service, and communication. Partners that extend the scope and depth of market reach, expertise, technologies, services and their customer base.
Evaluates the vendor’s current and proposed use of direct and indirect sales to extend the scope and depth of its market reach. Further, this includes the extent to which the vendor articulates a clear, consistent and differentiated sales strategy that engages with defined customer profiles. This includes development of effective GTM strategies, alliances and partnerships leveraging value-added resellers (VARs), system integrators (SIs), internet service provider (ISP) aggregators, master agents, NSPs, MNS providers and OEM resellers, as appropriate. In addition, this includes how the vendor exploits new pricing and business models that are emerging due to market and technology transitions.
Offering (Product) Strategy
An approach to product development and delivery that emphasizes market differentiation, functionality, methodology and features, as they map to current and future requirements.
Evaluates the vendor’s product roadmap regarding existing and future WAN edge functions. This also includes not just the raw functions, but also the vendor’s overall architecture across the portfolio, the uniqueness of the capabilities and the value to the end customer. We evaluate product strategy in terms of various capabilities, including simplicity, automation, cloud connectivity, visibility, predictive analytics, self-driving/self-healing, application performance and security. This also includes the overall portfolio across different products.
Vertical/Industry Strategy
The strategy to direct resources (e.g., sales, product, development and marketing); skills; and products to meet the specific needs of individual market segments, including verticals.
Measures the vendor’s ability to address the unique requirements of particular verticals/industries and to employ the associated sales channels, messaging and product features to build a sustainable business advantage.
Direct, related, complementary, and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or preemptive purposes. The plans to bring future differentiated capabilities to market that will enhance the vendor’s ability to interact with customers and drive business.
Measures the vendor’s ability to address emerging WAN edge requirements, and/or increasing value to enterprise customers. We look at how the vendor invests in new capabilities to move its business and the market forward. There is a focus on technologies that are differentiated, unique and offer high value to the enterprise buyer, as well as new business/operating models. Specific examples include (but aren’t limited to) application centricity, security (including SASE), cloud access, improved management and automation, as well as non-product innovations, such as a service-based pricing and hybrid offering that bundles product and managed services. A key attribute in the WAN edge market is for the vendor to innovate in areas that best meet emerging enterprise market requirements around simplified management of hybrid WAN architectures and increasingly all internet architectures. Innovation is not limited to products; it can cover multiple aspects of the vendor’s strategy that delivers new capabilities to uniquely differentiate it in the marketplace.
Geographic Strategy
The vendor’s strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the “home” or native geography. This is done directly or through partners, channels and subsidiaries, as appropriate for that geography. This also includes the ability to grow or maintain the market.
It measures the vendor’s ability to address any unique product requirements of particular geographies and to use the associated messaging, partnerships and product features, as well as sales channels, to build a sustainable business advantage.

Table 2: Completeness of Vision Evaluation Criteria

Evaluation CriteriaWeighting
Market Understanding
Marketing Strategy
Sales Strategy
Offering (Product) Strategy
Business Model
Vertical/Industry Strategy
Geographic Strategy
Source: Gartner (September 2021)

Quadrant Descriptions


A Leader has demonstrated a sustained ability to address changing requirements for enterprise WAN edge. A Leader can drive, shape and transform the market, as well as maintain strong relationships with its channels and customers.


A Challenger has demonstrated sustained execution in the marketplace, and has clear, long-term viability in the market. However, a Challenger has not shown the ability to drive, shape and transform the market.


A Visionary has innovated in some key areas of WAN edge, SD-Branch, AI/ML, SASE, cloud connectivity, operational efficiency and cost reductions. Visionaries often help transform the market, from driving new ideas, including new business models, to solving enterprise challenges. Although Visionaries often transform the market, they typically lack market share, global coverage and/or complete product capabilities.

Niche Players

A Niche Player has a complete or near-complete product offering, but has limitations, such as geographic reach or vertical market focus. A Niche Player has a viable product offering, but has not shown the ability to transform the market or maintain sustained execution.


Market Forecast

The WAN edge market (which comprises SD-WAN, plus traditional branch routers) is forecast to generate a compound annual growth rate (CAGR) of 2.6% in end-user spending from 2019 through 2025. This is the result of the robust growth of SD-WAN (18.0% CAGR) and the decline of traditional branch office routers (-16.5% CAGR).Hence, the major focus in this research is on SD-WAN solutions.
Gartner expects some aspects of the SD-WAN market to evolve into the SASE market, where security is delivered from the cloud.

Popular and Emerging Topics

Current Trends

Merging of Security and Networking/SASE
At one time, security and network procurements were handled separately. We see network and security decisions being made at the same time and more often with the same solution. This is largely driven by the move to distribute internet access to support cloud applications and change the security perimeter. This goes with the deployment of SD-WAN at the branch locations to manage the internet transport. As part of a desire to minimize branch sprawl, we expect to see more customers looking for vendors with a combined security and thin branch SD-WAN solution or as part of a broader orchestrated solution (see 2021 Strategic Roadmap for SASE Convergence).
To the Cloud
There are various ways to connect to cloud workloads (IaaS or SaaS). How distributed cloud workloads are will influence cloud connectivity options. Options include:
  • Connecting via a cloud onramp network facility at carrier neutral data center providers, such as Equinix
  • Directly connecting to cloud service providers (CSPs), such as Azure or AWS, leveraging a software-defined cloud internet (SDCI) provider
  • Procuring a circuit off an existing MPLS network to a cloud gateway peering with CSPs’ direct connect facilities
  • Internet access from the branch connected to virtual instances of SD-WAN gateways to integrate and peer within cloud providers
For cloud-first enterprises, how this is supported is becoming increasingly relevant for buying decisions.
Internet Substitution for MPLS Connections
Many Gartner clients hope to fund their WAN expansion/updates by replacing or reducing the bandwidth of expensive MPLS connections with internet-based WANs. However, the suitability of internet connections varies by geography, access type and oversubscription levels, and service providers mixing connections from multiple vendors increases complexity.
Enhanced Internet
This capability provides premium internet performance and is positioned in between MPLS and the internet. It provides similar performance and reliability of MPLS, but with the scalability and flexibility of internet at a price point in the middle. This is usually accomplished by a combination of providers’ network backbones (such as public cloud provider) and telemetry-based routing.
SaaS Optimization
Although traditional, on-premises WAN optimization is in decline, SaaS optimization relevance is growing. As more apps move to the cloud, optimizing the performance in terms of packet loss, latency and jitter over the internet is becoming increasingly important. One obstacle to adopting internet access for enterprise applications is performance and SaaS optimization looks to address this market need (see WAN Practices to Optimize Application Performance). This includes internet overlays and optimization to specific SaaS workloads, such as O365 to improve path performance.
Remote Worker Access
The impacts of COVID-19 have made remote worker access critical for ongoing business operation. In this market, WAN edge vendors now offer support for remote workers as part of their WAN edge solution. This capability has moved from an occasional request to a frequent differentiator when evaluating suppliers. We are seeing this move away from remote VPN and extending the SD-WAN fabrics directly to remote workers or with zero trust network access (ZTNA). Few vendors have native ZTNA offerings, and even fewer have them integrated with SD-WAN orchestration. We expect this to change. We also expect vendors to add lightweight client based SD-WAN solutions with functionality to improve application performance which will integrate with existing remote worker access solutions.
As we move into a postpandemic world, we expect to shift from the work from home (WFH) to the work from anywhere (WFA) model. The main differences between WFH and WFA is that, with WFH, the worker is working at home and only at home. With WFA, the user can literally work at home, a branch or anywhere else. Additionally, the worker will not be stationary and can move between locations and expect consistent security, policy enforcement and performance.
Gartner increasingly sees vendors building a common orchestration among the LAN, WLAN, WAN and, sometimes, security, which is increasingly known as SD-branch. It offers increased simplicity in managing WLAN, LAN, WAN, and security policies and profiles with a single orchestrated solution. Integrating these domains will increasingly be a differentiating factor for some vendors. Although Gartner still sees customers procuring LAN/WLAN separate from WAN, there is increasing evidence that this may change for certain customer environments.
Application Analytics
Application visibility and analytics are becoming more important to get better feedback as to the applications running on the network and informing network decisions. Whether this is for on-premises applications or applications in the cloud, enterprises are looking for more details to help troubleshoot, plan and confirm that specific application performance/quality of experience (QoE) is being delivered for end users. Increasingly, we see demand for end-user experience metrics from the end user to the actual application, which may be hosted in a CSP.

Future Trends

There is a trend to more autonomous and self-driving networks in which AI/ML technologies can be leveraged to make networking decisions without or with limited human intervention. The objective is to make networking even easier for Day 2 operations for end users, reduce operating expenditures (opex), increase speed/agility and improve uptime/performance. The other emerging objective is to use ML and algorithms to make a dynamic SD-WAN decision without any or very limited human interventions. Although it is still early in many vendors’ product development, we are seeing this functionality being incorporated into an increasing number of vendor solutions offering differentiation. The longer term challenge will be customer trust in using such solutions.
5G is hyped technology that some expect to replace wired access WANs. In Gartner’s view, with limited coverage, various 5G technology options with different performance and RF propagation, and few truly unlimited data plans, 5G is still not ready to transform WAN architectures and may never be (see Don’t Expect 5G to Replace Wired Access WANs Anytime Soon). We see 5G primarily being used as a secondary or tertiary link in SD-WAN implementations. However, SD-WAN vendors will integrate 5G modems into their appliances and implement network slicing capabilities. We see new mobile and Internet of Things (IoT) use cases taking advantage of 5G.
Client to Workload
Formerly, applications were hosted in the data center and demarcation points were the branch to the data center and the organization had control over the data center. The scope of SD-WAN solutions were the traditional WAN connecting enterprise locations. As more applications have moved to the cloud and workers have become more mobile, this will change to connecting remote workers to the workload in the cloud. The scope is moving from branch to WAN/cloud edge/data center to remote worker to application in the cloud. This means managing/enforcing policies, security and performance truly end to end to support a client to workload environment.
In the Cloud and Between Clouds
One of the most important topics today is connecting to the cloud. However, as SD-WAN collides with cloud networking, we expect networking in the cloud and across clouds to be part of the SD-WAN and, ultimately, a future SD-WAN feature. This means that SD-WAN solutions will increasingly be an option for orchestrating overlay networks in the cloud. This will open up to other vendors that will compete from the cloud out versus the branch/remote worker in.
Single-Vendor SASE
The current SASE market is dominated by multivendor solutions with some type of orchestration tying it together. We expect to see more single-vendor, integrated SASE solutions incorporating the cloud security and SD-WAN branch components. We also expect to see new pricing models from relevant vendors. This will simplify sourcing and offer a tighter technical integration ultimately offering a better user experience.
The Cloud Becomes the New WAN
More workloads are moving to the cloud and enterprises are becoming more cloud-first. As a result, we see CSP network backbones becoming part of an enterprise’s WAN solution, not only for connecting to cloud workloads and potentially between workloads, but also to connect branch locations, headquarters and remote workers. For some enterprises, the CSP’s backbone will be their WAN solution of choice.

Market Overview

This dynamic market, with emerging client needs, has created a crowded, fragmented vendor landscape, with large, established vendors and smaller providers from multiple segments competing for market share. Differentiation can be:
  • Feature-based — e.g., ease of Day 2 operation, ease of cloud connectivity, integrated security (on-premises or in the cloud), scale or application performance optimization
  • Business-model-based — e.g., pure subscription or WAN as a service, using proprietary technologies
  • Go-to-market — e.g., direct, master agents, ISP aggregators, VARs, SIs or MNS providers
  • Form factors — e.g., hardware or software delivery options
Some vendors focus on feature depth on a specific use case or two. Others choose to address a broad set of use cases across the market. Scale of deployment and the ability to support complex environments remain differentiators at the high end of the market, where some customers require deployments of several thousand branches across multiple geographies. Likewise, ease of use and automation are required for some users with limited IT staff.

Market Drivers

The WAN edge market is primarily driven by the following factors:
  • Refresh of existing branch office router equipment that is at end of support or lacks the desired capabilities
  • Renewal of NSP or managed service contracts, where a new service provider also means new equipment
  • Changing traffic patterns resulting from increased use of cloud and multicloud resources that render the traditional hub-and-spoke from remote branch to on-premises data center WAN architecture obsolete
  • Distribution of internet access to the branch, with security perimeter changes that typically drive new solutions
  • The desire to increase agility and automation to address the needs of digital business transformation and reduce opex
  • The desire to consolidate more than one branch function, such as routing, security and WAN optimization (e.g., SASE)
  • The move to push more functions to the cloud for flexibility and agility
  • The need to support remote workers in a WFA scenario
  • Move off of MPLS to add flexibility, scalability and control costs

Vendor Landscape Changes

Just a few years ago, the WAN edge market was dominated by a few suppliers with long histories of providing routing. Security and WAN optimization was often provided by separate dedicated appliances, and, even when device consolidation was available, the cost savings were small. With the acceptance of SD-WAN becoming mainstream and the demonstration that routing has become commoditized, companies that offered adjacent solutions are now aggressively competing.
This Magic Quadrant covers well-known incumbent vendors, as well as a number of smaller suppliers. We estimate that the WAN edge market has about 80 suppliers, and we still see more vendors entering the market. We expect this market to remain crowded during the next few years, with continued merger and acquisition (M&A) activity.
Acquisitions may come in the form of small vendors combining to achieve scale, vendors looking to enter the space and consolidation among networking and security vendors. As we look out three years, more than 10 mainstream suppliers are likely to remain, but we do see increasing separation by the top six or eight vendors from the rest of the market.
Recent M&A activity in this space includes Ericsson buying Cradlepoint, Juniper buying 128 Technologies and Aryaka buying Secucloud.

Market Recommendations

I&O leaders responsible for building and WANs should:
  • Build a hybrid WAN architecture with MPLS and the internet using SD-WAN products, if you have a mix of public and private applications.
  • Shortlist at least two vendors (for example, a small vendor and a large vendor) in addition to their incumbent WAN edge vendors for significant WAN expansion or router refresh.
  • Quantify the total cost of ownership (TCO) of an SD-WAN deployment. Savings may fund an early refresh; however, a detailed, end-to-end, life cycle analysis is required. WAN edge solutions more commonly have opex-friendly business models, with a strong shift from upfront capital expenditures (capex) to annual license subscriptions. This may dramatically increase TCO. To perform a proper evaluation comparison, quotes should include all platform, license and support costs for a three-year baseline (see SD-WAN Economics: Shift From Tactical to Strategic Thinking).
  • Choose WAN “as a service” — a form of network as a service (NaaS) — for their next refresh, if they are looking for an MNS, prefer opex to capex, or prefer to rent, rather than own, their equipment. (See How to Choose the Correct Network Operations Model for Your Enterprise and Toolkit: RFP Template for Managed and DIY SD-WAN Products and Services).
  • Evaluate NSP and non-NSP — such as MNS providers, ISP aggregators and SIs — options (see Magic Quadrant for Managed Network Services).
  • Favor WAN edge vendors that can facilitate automation. As a key part of vendor evaluation, include an evaluation of the operational model of any new WAN edge solution to determine potential savings and differentiation among competing vendors.
  • Evaluate SD-Branch solutions to simplify the management of their LAN, WLAN, WAN and security for small branch offices.
  • Prioritize vendors with strong orchestration with cloud providers to simplify distributed cloud access for cloud-first companies, and evaluate SaaS optimization capabilities to ensure a consistent, high-performing, end-user experience.
  • Implement a SASE architecture for branch office and remote worker secure connectivity.
  • Run a pilot to test the SD-WAN solution in a production capacity to validate performance in a real-world environment. Ensure that at least one critical site is tested with the solution deployed, before any final decision is made.

Extended Market Definition: Characteristics of the Market

Typical Business Outcomes

The fundamental business outcome is connectivity between enterprise locations, remote workers, applications and services that reside in distributed locations (both on-premises and off-premises). Locations include headquarters, branches, corporate data centers, colocation/hosting facilities, SaaS providers and cloud service providers. Buyers require improved agility, automation, orchestration, flexibility, security and application performance.

Typical Buyers

In the enterprise, CIOs, CTOs, the vice president of I&O, the director of networking, and network and telecom managers are typically the buyers of WAN edge infrastructure. Branch managers, enterprise architects, cloud architects and security personnel are strong influencers in larger enterprises as well. Increasingly, we see security and cloud personnel playing prominent roles in the selection process.

How Buyers Shape Their Buying Decisions

When selecting WAN edge infrastructure, buyers typically focus on several factors. These include vendor incumbency and familiarity, feature/functionality, pricing competitiveness and models, form factor, deployment options, ease of management, visibility/analytics, customer support/experience, overall product architecture, vertical focus, and geographical strength.


The primary deliverables include network functions that enable connectivity for workers at branches. Typical network functions include edge routing, security and VPN, WAN optimization, and SD-WAN. These functions are primarily delivered to the enterprise as an integrated solution and to a lesser extent as a software instance of these functions (e.g., a VNF) and rarely as separate dedicated hardware appliances.

How Providers Package, Market and Deliver

Buyers typically source their WAN edge infrastructure products directly from network equipment suppliers, or via a network or MNS provider (that is, as a managed service). WAN edge infrastructure can be procured via purchase, leasing, rental, or terms based subscription licensing. Furthermore, there is a diverse set of deployment options for these networking functions, including via hardware appliances, software (e.g., VNF) or cloud-based services.

Extended Market Definition: Characteristics of WAN Edge Solutions

WAN edge solutions are characterized by several elements.

Physical Interfaces

This refers to physical interfaces to plug into the service providers’ circuits. Ethernet is the default connection, and link speeds are increasing to multigigabit speeds. Flexible options beyond just Ethernet (e.g., wireless or xDSL) offer more value to customers.


Traditional hub-and-spoke WAN architectures are no longer suitable for most enterprises. Easy-to-implement mesh and partial-mesh topologies are becoming more commonplace, especially for real-time applications. Enterprises are altering their WAN architectures in support of new digital business initiatives and the adoption of public cloud services (e.g., SaaS and IaaS). The rationale is that migration of applications to the public cloud can lead to distinct challenges, including:
  • Network performance problems, as traffic is backhauled; this typically increases latency and congestion.
  • WAN expenses increase due to backhauled internet traffic with cost of paying for bandwidth twice (MPLS to the data center and from the data center to the internet).

Deployment Options

We see several deployment methods available for the enterprise to consume network functions:
  • Dedicated hardware appliance — This is the legacy style of deployment, in which a single network function is delivered as a turnkey, integrated hardware appliance. The trend is to move away from this option, as on-site technology becomes obsolete or inefficient.
  • Multifunctional integrated platform — This platform combines proprietary hardware and software to deliver multiple functions, such as WAN optimization, routing, SD-WAN and security. This can be deployed in two ways: (1) native functionality by the vendor, and (2) partnership by the vendor with another best-of-breed solution that is tightly integrated.
  • Virtualized network function/uCPE — This is a software-based instance of a network function that can be delivered on an x86-based computing platform. Nearly all routing, WAN optimization and SD-WAN vendors deliver a VNF and/or virtual machine (VM) version of their software. This is primarily delivered by carriers. We see SASE limiting the adoption of this deployment option.
  • Cloud-based OTT — Network function is delivered via a cloud platform, and the enterprise subscribes to the functionality. Security is more commonly delivered in this model, which will drive adoption of the thin CPE model with a move to SASE.
  • SASE — This involves integrated networking and security with networking delivered from a lightweight branch appliance and security delivered in the cloud from a cloud security company. Most companies deliver this as an orchestrated service chain with third-party security companies, but some vendors are adding native capabilities for a single-vendor solution. Gartner expects this architecture to increasingly be delivered from a single vendor, and to achieve that, may spur more M&A between networking and security vendors.

Consumption Models for WAN Edge Infrastructure

Enterprises consume WAN edge infrastructure functionality in multiple ways, including:
On a global basis, most WAN edge infrastructure is provided as a MNS, either via an NSP, SI, OTT MNS provider or ISP aggregator. In North America, the WAN edge infrastructure management for enterprise clients is split roughly 50/50 between MNS and DIY, whereas rest of world is more heavily MNS. Overall, Gartner sees the trend for more MNS, and the growth is expected to come from non-NSP providers. We also see an increasing trend of co-management, in which the client retains control over business policies and the MNS provider controls how those policies are enforced.


Gartner analysts conducted more than 3,500 Gartner client inquiries on the topic of WAN between 11 June 2020 and 11 June 2021.
Gartner analysts conducted more than 2,000 Gartner client inquiries on the topic of SD-WAN between 11 June 2020 and 11 June 2021.
All vendors in this research, except Riverbed, responded to an extensive questionnaire regarding their current/future data center networking solutions.
Analysts reviewed Gartner Peer Insights data for this market.
Gartner analysts reviewed publicly available information online.
Social Media Conversation Analysis: Gartner conducts social listening analysis leveraging third-party data tools to complement or supplement the other fact bases presented in this document. Due to its qualitative and organic nature, the results should not be used separately from the rest of this research. No conclusions should be drawn from this data alone. Social media data in reference is from 1 August 2018 to 31 May 2021 in all geographies (except China) and recognized languages.
Sources Covered: By default, social media sources considered for analysis include Twitter, Facebook (publicly available information only), aggregator websites, blogs, news, mainstream media, forums and videos (comments only); unless and until specified.
Riverbed did not respond to requests for supplemental information or to review the draft contents of this document. Gartner’s analysis is therefore based on other credible sources, including client inquiry, past information shared by the vendor, reviewing public statements, the website and other publicly available data sources.

Evaluation Criteria Definitions

Ability to Execute

Product/Service: Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria.
Overall Viability: Viability includes an assessment of the overall organization's financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization's portfolio of products.
Sales Execution/Pricing: The vendor's capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel.
Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor's history of responsiveness.
Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization's message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This "mind share" can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities.
Customer Experience: Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on.
Operations: The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.

Completeness of Vision

Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs, and can shape or enhance those with their added vision.
Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements.
Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base.
Offering (Product) Strategy: The vendor's approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements.
Business Model: The soundness and logic of the vendor's underlying business proposition.
Vertical/Industry Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.
Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.
Geographic Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the "home" or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market.