SD-WAN

The promise of digital transformation is based on operational simplicity, better application performance, more business agility and increased responsiveness to external variables such as competition and technology innovation. While the virtualization of compute and storage resources coupled with innovations in DevOps, the WAN was largely ignored and has remained stagnant while everything else has evolved. Cloud (public, private and hybrid) is the passing lane in the digital transformation journey. To achieve these transformation benefits, enterprises migrate their workloads and applications to public cloud Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) targets. These migrations have increased demands on the WAN while putting additional stress on the performance and security control points that have traditionally resided in an enterprise data center. Network traffic supporting users wanting access to cloud applications have to “trombone” back to central data centre sites to be validated and authorized and then bounce back out of the data centre to reach the cloud destination. This is very inefficient especially in a global setting. TCP/IP conversation profiles, latency, packet loss and variable network performance means poor and irregular end user experiences, the result of poor overall application performance.

Some Legacy Telco history. Telco (Carriers) are historically, the main providers of WAN services to enterprises. Historically, they also provided legacy voice services. Voice services over PSTN (Public Switched Telephone Network) could migrate to VoIP (Voice Over Internet Protocol) but sound quality issues were visible in the early adoption. In a cloud enabled world, SD-WAN is an excellent cloud connectivity solution. This perceived easy, low disruption solution had Enterprises turn to their telco managed service provider for solutions for cloud connectivity by aggregating solution components and inter carrier relationships under a single, complicated offering.

Another SD-WAN decision point is the question of construction (aka DYI, CapEx, asset purchase) or consumption (aka Managed Service, OpEx, subscription). For companies that have contractual commitments to MPLS, utilize Dedicated Internet Access (DIA) in remote locations/branches and maintain the necessary IT Network resources to manage the environment, introducing the DYI SD-WAN model may be adequate to keep the lights on. Troubleshooting poor cloud application performance, security breaches, cloud and SaaS applications integration, the inability to “scale up or down” on demand and last but not least, the “snailnet” responsiveness and speed of legacy telcos that enterprise has been conditioned to expect, can be a showstoppers for successful digital transformation success stories. Precedent has been established with the subscription based cloud consumption model. The same principles can be applied to create a complimentary network consumption model.

SASE (Secure Access Secure Edge), pronounced “sassy”, is this emerging cybersecurity concept coined by Gartner in a report called “The Future of Network Security in the Cloud in August 2019. Digital organizations needed a new approach for network security in a world of cloud services, remote users, SaaS applications and essentially a data centre bypass from users wanting to access non-data centre applications like those provided by Cloud Service Providers (CSPs) such as Google, MS Azure, AWS and Oracle Cloud. It is based on entity identification. These identities can be associated with people, groups (branch offices), devices, applications, services, IOT (Internet Of Things) systems or edge computing locations. In summary, SASE results from the integration of the Security Service Layer and the Network Service Layer. The Security Service Layer includes: FWaaS – Firewall as a Service; CASB-Cloud Access Service Broker; ZTNA-Zero Trust Network Access; Cloud SWG-Secure Web Gateway. The Network Service Layer includes: SD-WAN-Software Defined Wide Area Networks.



Popular Use Cases

MPLS Migration

MPLS contract renewal avoidance

Cloud application acceleration

Branch Office technology simplification

Global optimized connectivity

Regional optimized connectivity

Remote worker access and security

Branch access to internet

Cloud application connectivity

UCaas Optimization

CCaaS Optimization

CapEx displacement

Global Reach

CAD/CAM Design Collaboration

Remote Video Monitoring for Manufacturing

Company Mergers & Acquisitions

Note: Company logos are live links to the partner website

CloudGenix was founded in 2013 in San Jose, CA by an executive team with over 50 combined years of experience building products used in the world’s largest and most resilient, performant, and highly available networks. In April 2020, Palo Alto Networks, the global cybersecurity leader, completed its acquisition of CloudGenix Inc. The acquisition will further strengthen Palo Alto Networks comprehensive secure access service edge (SASE) platform. Palo Alto Networks Prisma™ Access is the industry’s most comprehensive SASE platform, delivering a global cloud network with cloud-delivered security that’s ready for today’s highly distributed environments. With the integration of CloudGenix’s cloud-managed SD-WAN solutions, Palo Alto Networks will accelerate the intelligent onboarding of remote branches and retail stores into Prisma Access, in turn accelerating the shift from SD-WAN to SASE across its customer base. In addition to SD-WAN packet and flow awareness, Cloudgenix brings the additional capability of application awareness through AppFabric. This means Cloudgenix offers a top-down understanding of applications and a bottom-up understanding of packet and flow-centered architectures which is unique in the SD-WAN space. Greater application awareness allows AppFabric to make smarter policy enforcement decisions based on application performance characteristics which drives a WAN architecture built around SLAs that encompass end user experience across all applications.


Aryaka has been delivering global, optimized connectivity as a service before the term “SD-WAN” became popular. Aryaka delivers unmatched global 7×24 support, unbeatable Net Provider Scores (NPS) and network expertise and “smart hands” in their Cloud-First WAN platform. With over 32 Points Of Presence (POP) around the world, Aryaka can offer latency of 30ms or less, to 90% of the world’s business users. For Canadian companies Aryaka provides POPs in Vancouver and Toronto. Aryaka offers both regional and global connectivity offering hundreds of enterprises of all sizes and several Fortune 100 companies unmatched connectivity and performance. The OpEx model offers companies an immediate solution to their cloud transition projects with implementation in days instead of months. Aryaka capabilities include: SmartOptimize (Application Acceleration as a Service: network optimization, application acceleration), SmartCloud (Multi-cloud Networking as a Service: ), SmartSecure (Security as a Service), SmartInsights (Actionable Insights as a Service) and Smart Connect (Connectivity as a Service).


Cato Networks provides Canadian enterprise with a converged SD-WAN and network security platform, delivered as a global cloud security service. This platform is aligned with Gartner’s Secure Access Service Edge (SASE) framework. Cato optimizes and secures application access for all users and locations. Using Cato, customers easily migrate from MPLS to SD-WAN, optimize connectivity to on-premises and cloud applications, enable secure branch Internet access everywhere, and seamlessly integrate cloud datacenters and mobile users into the network with a zero-trust architecture. Cato was founded in 2015 by one of the co-founders of Check Point Software who created the first commercial Firewall and Imperva, the innovator of the web Application Firewall. In Canada, Cato Networks has established POPs (Points Of Presence) in Vancouver, Calgary, Toronto and Montreal in addition to their 50+ POPs located in strategic locations around the world.

Oracle Communications provides integrated communications and cloud solutions for Service Providers and Enterprises to accelerate their digital transformation journey in a communications-driven world from network evolution to digital business to customer experience. SD-WAN from Oracle Communications was engineered by Talari through an acquisition in 2018. Talari delivered SD-WAN in 2008 and was granted 18 WAN patents. Oracle Communications is carrier agnostic and offers flexible CapEX/OpEX consumption models.


Versa Networks, the leader in Secure SD-WAN and SASE, combines full-featured SD-WAN, complete integrated security, advanced scalable routing, genuine multi-tenancy, and sophisticated analytics both on-premises and in the cloud to meet WAN Edge and SASE requirements for small to extremely large enterprises and Service Providers. Versa Secure SD-WAN and Versa SASE are available on-premises, hosted through Versa-powered Service Providers, cloud-delivered, and via the simplified Versa Titan cloud service designed for Lean IT. Thousands of customers globally with hundreds of thousands of sites trust Versa with their networks, security, and clouds. Versa Networks is privately held. Versa enables secure, scalable, and reliable enterprise-wide networking, increasing multi-cloud application performance and dramatically driving down costs (CapEx and OpEx). Versa Secure SD-WAN and SASE are available on-premises, hosted through Service Providers, cloud-delivered, and via the Versa Titan service for Lean IT.

Masergy is the software-defined network and cloud platform for the digital enterprise. Recognized as the pioneer in software-defined networking, Masergy enables unrivaled, secure application performance across the network and the cloud with Managed SD-WAN services. Masergy offerers industry leading SLAs coupled with an unparalleled customer experience enable global enterprises to achieve business outcomes with certainty plus 20 years pioneering software defined networking, operating in 102 countries. 1600 Enterprise clients. Masergy’s SD-WAN is unique because it’s built on Masergy’s network that delivers industry-leading performance with globally consistent SLAs, and provides a single portal for real-time analytics and control with unmatched network and application intelligence. Enterprise security is built in with 24/7 threat monitoring and management, and transport-agnostic access lets you mix and match any transport method or connectivity type. Plus, Masergy always gives you an unparalleled client experience. Masergy offers customers fully managed, co-managed and over-the-top choices in SD-WAN services. In addition to SD-WAN, Masergy offers UCaaS, CCaaS and Managed Security solutions.

Open Systems is the preeminent networking and cybersecurity provider for the enterprise cloud. Open Systems is a global company founded in 1990 in Basel Switzerland. company. Open Systems is a secure access service edge (SASE) pioneer enabling enterprises to scale with managed, cloud-native, secure connections anywhere. Open Systems operates in 180+ countries supporting over 3M users. Earning a net promoter score of 60, Open Systems has 7,300 deployments in a 7×24 support environment. Open Systems takes away enterprises’ operational headaches as they securely scale in the cloud. Open Systems is a secure access service edge (SASE) pioneer delivering a complete solution to network and security. Open Systems’ managed services offer cloud-native architecture, secure intelligent edge, hybrid cloud support, 24×7 operations by level-3 engineers, and predictive analytics. Their services combine 24×7 expertise with an intelligent platform to predict, prevent, detect and respond to cyberthreats so enterprises can thrive. Open Systems delivers integrated, multi-layered network security and protection that is seamlessly built-in to our Secure SD-WAN, and present in every edge device. Open Systems integrates comprehensive security features, so you can manage centrally and run worry-free. Open Systems enables customers to leverage a single partner for network and security operations. Consolidate your SD-WAN, network security, and extended detection and response (XDR) technology to reduce omplexity and the need to orchestrate multiple vendors and applications. Open Systems helps free up your skilled IT staff to work on other business-critical projects.