I have used Cisco Catalyst SD-WAN as a customer. I am a customer of Cisco, and I have been a customer rather than a partner of Cisco.

The features are useful, but it is more about how insightful these features are and how easily you are able to understand the flow and mitigate a threat. Although those features exist in Cisco Catalyst SD-WAN, the lack of visibility makes it very difficult to find out what precisely is being monitored through the advanced threat prevention features of Cisco Catalyst SD-WAN Viptela solution. The features are undoubtedly useful, but at the end of the day, it boils down to how easily you can see the insights provided by the solution. I feel Cisco slightly lacks in that aspect. It could be because the hardware itself is a router with added security functionality, while in Fortinet or Palo Alto, those systems are intrinsically firewalls with security capabilities built-in, and routing added on top. Hence, the visibility part in those solutions is better compared to Cisco Catalyst SD-WAN, since it is not a logging device.

I have found some other solutions more insightful and user-friendly as compared to Cisco Catalyst SD-WAN, but the basic SD-WAN functionality is good enough. I am using it only because it was done as a pilot project, specifically for my 60 to 70 sites. For the majority of the sites, I am using Fortinet's Secure SD-WAN solution and I found that more viable and more in alignment with my requirements.

For example, there is not any Internet Service Database available in Cisco Catalyst SD-WAN intrinsically. If I want to write a policy based on applications, I am not able to write it, at least in Cisco Catalyst SD-WAN Viptela deployment that we have done, and that is fairly easy to do in Fortinet. The second issue is the logging capability. I think the visibility that Fortinet Secure SD-WAN has is not even comparable. Cisco Catalyst SD-WAN does not provide that sort of insight or control as far as traffic steering is concerned.

With respect to the SLAs, I barely know which sort of SLAs are violated in Cisco Catalyst SD-WAN, so I do not have clear visibility on where the traffic is moving from at my spoke or hub locations. I believe Fortinet gives me a very clear picture of where the traffic is going. Overall visibility, whether it is data traffic or logs, is much better in Fortinet compared to Cisco Catalyst SD-WAN.

The complexity of Cisco Catalyst SD-WAN Viptela is noticeable and quite complicated to configure. If something breaks, you have to involve TAC and others to fix it. On the contrary, you can work with underlays. Even if your IPsec overlay tunnel is down, it does not impact your production. Thus, we find Fortinet's solution significantly better than Cisco Catalyst SD-WAN solution.

I have used Application-aware Routing in Cisco Catalyst SD-WAN. However, I found it to be very complicated, especially regarding policy writing. For my breakout of VC traffic, we had to write a bunch of IP addresses for Zoom, Webex, and others. Presently, it can only identify Webex as an application, and I highly doubt whether there is any application identification for Zoom and other platforms, as we were not able to find it during our implementation. It is done through static whitelisting of the IPs, which is not a scalable solution since IPs can change at any time. Overall, the application-aware routing policies are not as flexible and scalable as the Internet Service Database feature of Fortinet provides.

The struggles encompass policy writing, logging capabilities, traffic visibility, and complex configuration. There is also the issue of load balancing. We have faced considerable challenges with traffic load balancing between the links. Although the SLA targets are configurable, understanding how traffic flows is challenging, making troubleshooting exceedingly difficult. Overall, I find it a quite complicated solution with not that much operational usability.

I have been working with Cisco Catalyst SD-WAN for close to two and a half years now.

The basic functionality and the control connections created are complicated, and a simple issue in the control connections between the fabric causes numerous complexities that demand extensive troubleshooting time.

It is done through static whitelisting of the IPs, which is not a scalable solution since IPs can change at any time.

The complexity of Cisco Catalyst SD-WAN Viptela is noticeable and quite complicated to configure. If something breaks, you have to involve TAC and others to fix it.

We are using Cisco Catalyst SD-WAN infrastructure primarily because we have invested in it after using ISR 4K routers and the legacy IWAN solution, which is the predecessor of SD-WAN, Intelligent WAN. Since the devices still have an operational life left, we want to leverage that.

I have already settled with Cisco ISE after visiting the website a few months ago where I researched Cisco ISE and other Cisco products. I have already procured the Cisco ISE solution. There are some other products as well. We are using Cisco ACI as well. Cisco ACI stands for Application Centric Infrastructure. Cisco Catalyst SD-WAN Viptela is also being used and we are using Cisco ACI as well. I am not sure how Cisco Catalyst SD-WAN supports cloud environments because our deployment is on-premises. Therefore, I cannot comment on the vAnalytics and other solutions that could enhance security or visibility since I have not used them myself. My overall review rating for this product is four out of five.

In my view, Cisco Catalyst SD-WAN would be less effective when it comes to SD-WAN functions compared to Versa.

The overall operability of Versa is better than Cisco Catalyst SD-WAN. As a seller, I still find Cisco Catalyst SD-WAN to be a little complicated.

The ease of use, interface, and implementation are better with Versa.

Functionality-wise, both Versa and Cisco Catalyst SD-WAN possibly would be at par. I would not comment on that for sure, but from the deployment perspective, I still feel Versa has got an easy interface to get things managed.

The integrated threat protection and end-to-end encryption features in Cisco Catalyst SD-WAN are good.

More or less, it's the same with Cisco in terms of complexity and pricing, so there's not much of a difference. They might want to consider incorporating features seen in Versa or other competitors to improve their points.

I would rate the technical support by Cisco as nine out of ten.

That's even a little bit better than what Versa has, because Cisco engineers can be found everywhere compared to Versa. This is an advantage that they carry.

Cisco Catalyst SD-WAN is positioned ideally where customers already have Cisco routers and other equipment, making migration to Cisco Catalyst SD-WAN easier. In these use cases, Cisco Catalyst SD-WAN is very competitive.

When discussing application-aware routing features, this is a standard feature all the OEMs are offering.

Cisco Catalyst SD-WAN would be more expensive compared to Versa. I have been a partner and reseller of both Versa and Cisco.

I rate Cisco Catalyst SD-WAN eight out of ten.

The main use cases for Juniper vSRX would be primarily for a data center scenario device, and there's a significant focus on the other core elements.

Cisco Catalyst SD-WAN's main use cases for us will be data center deployment for enterprise level.

The most useful feature for Cisco Catalyst SD-WAN is the single pane of glass management because we also use Meraki onsite. It's a standard Cisco solution, and because Cisco is who they are and what they can provide, we use Cisco for compute and network, and we use NetApp for storage, so that's what we generally do.

I have absolutely seen scenarios where the decentralized management capability improved operations and workflows.

There's nothing I could put my finger on right away for improvements in Cisco Catalyst SD-WAN. There is definitely nothing that Juniper does that Cisco doesn't do. Cisco will do everything Juniper does and then some. The negative, or the downside of Cisco is the knowledge base; you need to be a little bit more tech-savvy and network-savvy to work with Cisco, while Juniper is a lot more user-friendly from what I can see, especially in terms of configuration and any kind of roll back. But in terms of market leaders, Cisco is capable of doing anything you want it to do, as far as I can see.

I have just recently been working with Juniper.

I have contacted Cisco support for one-on-one support for a very unique or bespoke configuration where there are a lot of rules and policies going on in the background, maybe some interconnecting or conflicting with one another, but in terms of the actual product or problems with the product, nothing I'm aware of.

I would consider Cisco support a 10 out of 10.

In my experience, customers are realizing the return on investment with Cisco in 12 months. Within the year, I've done work with customers in the last couple of years that we've upgraded from Avaya six to Cisco Catalyst SD-WAN in a Cisco network environment, and they are now back to do that with the remainder of their company, so they've realized the value in 12 months and are willing to invest in the remainder of their organization.

I am working on the Juniper vSRX solution.

I work with switches, routers, firewalls, and any IT consultant tasks, and I work at the core. I have a CCNA, and I'm actually doing a Juniper certification exam in 3 hours, so I continually work on upskilling, as part of what I do.

If it's enterprise level, you'll deploy your Cisco Catalyst SD-WAN in a couple of hours. You can draw it down there if you've already got a Catalyst or an existing environment. If you are starting up from scratch, it's hard to put a timeframe on it because it depends on criteria, but if you're replacing something with a Cisco Catalyst SD-WAN and you know what you're doing along with using the CLI and your backups, a couple of hours would be plenty of time, a half a day or maybe a little bit more wouldn't hurt.

There are AI features, and I'm not 100% privy to them because I just haven't been involved in that element, but they do exist.

I would rate Cisco Catalyst SD-WAN an eight.

My title is Information Technology Consultant at a company named Island Networks.

The primary use case for Cisco SD-WAN is the standard configuration across all sites, facilitated by templates. This solution helps in the ease of management and compliance configuration, which is deployed everywhere.

It also simplifies troubleshooting and provides full mesh topology for branch connectivity to data centers. All branch locations, along with central locations, are on SD-WAN and gathered in the data center. Many customers combine it with local Internet breakout for SaaS applications.

The valuable features of Cisco SD-WAN include its security policies and zone-based firewall that are applied to every site, as well as application-aware routing. Security is standard compliant, eliminating config drift that was prevalent before manual configurations. Application-aware routing offers flexibility in using different lines for traffic, depending on the policy implemented.

The main area for improvement in Cisco SD-WAN is the lack of documentation, which often lags behind the software releases. This is especially notable since Cisco acquired the solution and is still integrating it into its overall environment.

I have been using Cisco SD-WAN for the last three years.

I would rate Cisco SD-WAN an eight out of ten for stability. While some software-related issues and bugs were encountered, they did not cause the whole environment to crash. Sites were able to continue functioning, although there were limitations in making changes at those times.

The ease of configuration and features like zero-touch provisioning enhance the scalability of Cisco SD-WAN, especially in disaster recovery situations. I would rate scalability a nine out of ten. The initial implementation faced some issues, but it has improved with newer software versions.

The customer service and support for Cisco SD-WAN are satisfactory, rated as eight out of ten.

However, Cisco's ongoing reorganizations have affected the quality of technical support, which varies depending on the engineer handling cases.

Before Cisco SD-WAN, I used traditional MPLS or eVPN, IPVPN networks. The switch was made for easier management and standard compliance, which is enforced by the SD-WAN product itself.

The initial setup involves getting the underlay and controllers in place to migrate from the old to the new network. I deployed in parallel, allowing both networks to coexist, and then migrated sites to the new central control plane.

For a complete project, we had two central administrators and designers, along with three or four teams managing the remote locations. The process took approximately one year to migrate about 280 sites.

The pricing for Cisco SD-WAN is rated eight out of ten, with some variability depending on the reseller discounts and the size of the enterprise. It is also relatively cost-effective for smaller businesses when using the Meraki version.

We evaluated other solutions but chose Cisco SD-WAN due to its flexibility, support for our requirements, and the preference of many of our customers who were already using Cisco-based solutions.

I would recommend working out detailed use cases and requirements before implementation. Cisco SD-WAN is quite flexible, however, without a solid foundational design, users might struggle with too many options, leading to a poor rollout design.

Overall, I rate Cisco SD-WAN as nine out of ten.

The primary use case for Cisco SD-WAN is to connect multiple offices or branch offices across the globe or within a country securely. It facilitates branch-to-branch or office-to-office transactions and provides easy access to primary data centers.

Cisco SD-WAN is valued for its operational efficiency and ease of operation. It allows prioritization of packages based on production requirements, and integration capabilities provide comprehensive security. Integration with Cisco ISE, Cisco Firewalls, and other Cisco solutions is beneficial. Furthermore, it is appreciated for its insights, visibility, and ease of use.

Integration with other OEMs and the API part needs improvement to be more user-friendly, especially in terms of GUI. Including more features like integrating with Splunk for monitoring vulnerabilities would help eliminate the need for other SOC solutions.

I have been working with the Cisco SD-WAN solutions since 2018.

I have not faced any stability issues with Cisco SD-WAN.

Cisco SD-WAN is highly scalable and can be expanded to more than 10,000 sites, so there are no issues with scalability.

The initial setup is not straightforward, as it requires experienced personnel to size and optimize the solution. Otherwise, it could be costly.

For Cisco SD-WAN deployment, following Cisco's published best practices is advisable, starting with vManage and then adding all devices for better remote control.

Operational ROI is observed by cutting down internet and branch connectivity costs, while securely accessing hosted applications using various types of connectivity like 3G, 5G, or MPLS.

Cisco SD-WAN is a premium product priced on the higher side, however, its pricing is justifiable due to the comprehensive solution it offers.

I have evaluated Aruba and Fortinet SD-WAN solutions.

For enterprise customers with significant security concerns, Cisco Catalyst SD-WAN is a recommended choice. It offers comprehensive integration under a single umbrella, which is advantageous compared to other OEMs.

I would rate the overall solution as a ten out of ten.

We are working with telecom companies and many government companies. The main request is to tie the branches, separate the bandwidth depending on the application, and have a unified orchestrator to see all these connections from one centralized management center.

SD-WAN provides a range of common benefits, including cost reduction, increased visibility, and scalability. It can be seen as a replacement for MPLS. This applies to all vendors, not just Cisco. When someone requests SD-WAN from Cisco, they already recognize its value within their environment.

It is expensive.

I have been using Cisco Catalyst SD-WAN for three or four years. We are Cisco's golden partner.

I rate the solution’s stability an eight out of ten.

The solution’s scalability is high.

I rate the solution’s scalability a nine out of ten.

I rate the initial setup an eight out of ten, where one is difficult and ten is easy.

The product pricing is high. Fortinet is cheaper than Cisco.

I rate the product’s pricing a seven out of ten, where one is cheap and ten is expensive.

Overall, I rate the solution a seven out of ten.