The Intersection of Excellence, Innovation, and Solutions.

Blog

Cisco SD-WAN: Meraki or Viptela?

Gartner predicts that by 2023, 90% of all WAN edge infrastructure refresh initiatives will be based on virtual or SD-WAN technology. In the age of software-defined everything, manufacturers and service providers are working hard to establish themselves as leading SD-WAN providers. By integrating SD-WAN with its existing Meraki and ISR product lines, Cisco has continued to solidify their place as the industry leader.

Since being acquired by Cisco in 2012, Meraki has become one of the top performing product lines at Cisco. Meraki has emerged as a full-fledged solution with multiple cloud-focused product lines spanning from traditional networking and mobile device management (MDM) to security cameras. With Meraki’s success and vast customer base, adding SD-WAN software to the platform was a no-brainer.

In 2017, Cisco acquired Viptela, one of the first pure play SD-WAN companies. There’s a lot of speculation on why Cisco chose Viptela; however, I believe Cisco purchased Viptela for the same reason that they bought Meraki five years earlier: it was the leading product in its category. Since the acquisition, Cisco has quickly integrated the Viptela SD-WAN software with its ubiquitous ISR and ASR product lines to further expand the solution.

While Meraki and Cisco Viptela are both superior SD-WAN solutions, we find many clients asking the same question: “Which solution is right for us?” While this post is not an exhaustive list of decision-making considerations, we find two recurring conversations that tend to sway many clients: segmentation and ease of use.

Segmentation

Segmentation is one of the basic fundamentals of network security. This term has evolved over the years to mean anything from physical separation with separate networking devices, to virtual separation like VLANs and MPLS tags, to micro-segmentation by virtual machine in the data center. While a seemingly simple concept, it’s one of the major differentiators between the Meraki and Viptela platforms.

Meraki’s current feature set doesn’t allow for any kind of end-to-end segmentation across the SD-WAN cloud. You can create local segments at each site (such as a DMZ or Guest network); however, they are just that–local. There’s no easy way to honor that segmentation across sites.

In contrast, Viptela’s architecture was built from the ground up to enable strong segmentation. By using different VPNs (like VRFs for those used to Cisco lingo), segmentation is one of the building blocks. You can even get as granular as to have different WAN topologies per segment, not to mention different security/routing policies.

Segmentation isn’t always required; however, if segmentation is a necessity for your business Viptela is probably the way to go.

Simplicity

My background is that of a typical network engineer: I’m used to putty sessions and typing commands into a CLI. Both of these solutions blow CLI management out of the water with their cloud-first single pane of glass GUI management.

Meraki has made its name by being an end-to-end solution that can be managed by a small IT staff. The Meraki Dashboard allows access to every device in your network, see detailed reporting on clients and health, and use a GUI to make necessary changes. None of this has changed with Meraki’s SD-WAN solution. With a couple clicks of the mouse, users can turn Meraki’s current MX Security Appliance platform into a dynamic SD-WAN solution. For existing Meraki customers–especially those utilizing the Meraki MX appliances–the Meraki SD-WAN solution can make a lot of sense.

Viptela feels very much like traditional Cisco routing and switching. There are a million knobs that you can turn to tweak any aspect of your network. While this is great for some companies, others just want their solution to do what they need it to and to manage easily. This is where Meraki has been able to outshine almost any other solution in the industry. It stands up easily and gets 90% of the major features that everyone uses (and none of the corner case features that you would never use in the first place). For companies looking for a relatively easy SD-WAN solution to stand up and manage, Meraki is usually the more natural solution.

Which one is right for you?

While I have offered two key considerations s that sway businesses one way or another, it’s important to note that each platform has unique features that may also affect decision-making. A company’s carrier diversity strategy is one example. Another is its public cloud and Software as a Service (SaaS) application strategy, as each platform can integrate and handle aspects of each very differently.

If your business has a current or planned SD-WAN initiative, ANM’s expert engineers can help you navigate the different solutions in more detail and decide which one best serves your goals. Please e-mail dylan.marlow@anm.com to schedule a demo.

Dylan Marlow, CCIE 57873

Dylan is a Senior Systems Engineer based out of ANM’s Phoenix office. In this role, Dylan works in both pre-sales and delivery roles to help clients design and implement advanced solutions. In his free time, he enjoys skiing the Colorado Rockies, and hiking with his dog Raisin.

Leave a Reply