Cisco Meraki SD-WAN is a cloud-managed solution that simplifies and secures wide area networking across branch, campus, and remote locations. Built on Meraki’s dashboard, it delivers centralized visibility, automation, and traffic optimization without the complexity of traditional WAN deployments. The solution improves application performance by dynamically routing traffic based on real-time conditions, integrating advanced security, and providing seamless multicloud connectivity. With support…
N/A
HPE Aruba Networking EdgeConnect SD-WAN
Score 6.4 out of 10
N/A
The HPE Aruba Networking EdgeConnect SD-WAN platform addresses the challenges associated with backhauling cloud-destined traffic to the data center, thereby reducing the cost of bandwidth connectivity from the data center to cloud providers.
At our level, we had to optimize our 3 internet links (MPLS and LTE) with applications like O365, SAP, Microsoft CRM Dynamics and our collaborative work tools like Teams. We also had to ensure that both client workstations and servers could communicate with minimal latency with our Microsoft Intune infrastructure.
The HPE Aruba Networking EdgeConnect SD-WAN excel in environments where you do a lot of your East - West segmentation is done by another device. While these devices can do basic firewall functions, it's their not true intent. If you can group what you want your traffic to do into a few basic groups, this product will work great (think all Guest Traffic gets low priority and sent directly to the internet, VoIP gets sent directly out but high priority, and most internal traffic gets medium throughput). There are ways to really tinker reach the desired goals but this can be a double-edged sword of those configurations being forgotten about. There is also the use of templating which if you have a larger environment, this product will make some normal configs (think SNMP) more streamlined. The units are also highly reliable, built with HA in mind - our company has only experienced a single version that had a memory leak that we just needed to remember to reboot every 90 days while we waited for the next update (which came in like 4 months).
Meraki has been beautifully done for people who are actually very lean on the IT infrastructure as in resources wise. So Meraki is a very good solution to give them the simplicity on a single glass plan where they can actually have visibility over all their networks on a single glass plane by a click of button, they could actually see what's happening. They could actually do troubleshooting on the fly, including packet capture, which is such a smooth feature. Usually myself including I've been have an engineering background, all my ears packet capture, I've never seen that smooth and easy to operate that you can actually have a high level understanding or deep level depending on how much you want to go in with the click of a button. That's so beautiful. I mean everything for me Meraki is point of kind of a go ahead for everyone.
The platform itself is very feature-rich. One of the difficulties we find is that to do things, for example, in terms of monitoring and obtaining data, it's not consistent. There are multiple interfaces to get them, but you can't get the same data through all interfaces. So you end up having to try to find either the least common denominator or we have to build our own code that then mines through all the interfaces and that becomes very problematic.
The other problem we've found is that there are issues where the same amount of expected software quality isn't really there in all releases. Cisco breaks things out by like shorter or long-lived release trains. And the long-lived release trains tend to have good quality by the time you get to the second or third release within it. But then those are skips. There are like 12, 18 months skips in between those. So if you start releasing features on versions in between there practically to be safe, you have to wait until you know much later. So to be able to see new future capabilities as they come out and deploy those readily needs to improve, it needs to be much faster.
Because so far the solution showed great stability during the time, easy to use and deploy. There is still room for improvements like adding a smarter way to manage the policies to apply to the tunneled traffic, today the way to configure and manage them is quite old style, It would be better an "object" oriented way to create them.
The product and its management as a whole are worth investigating for any kind of people interested in looking at new SD-WAN appliances. The devices possess a lot of capability for granularity which makes them much more advanced than other products I've worked with in the past. Ironically, for all the granularity though, this product is held back that you can ultimately only have 7 different policies for routing decisions. We've ran into instances where we wanted two sites to only share certain routes between each other (through the use of tags which are basically an arbitrary way to say this traffic is special) but then we had to collapse some of our routing decisions in order to make a specific route table for these two to be able which felt like a step back in the advanced routing decisions we had previously made
Fast and efficient. The only issue currently is that the support is only overseas support and not in South Africa, which causes delays in resolution for some cases. Escalating issues is quite simple and the opening of new cases from the dashboard is easy. I have never had a support issue that could not be resolved.
Cisco Meraki SD-WAN is way more easy to configure as they do not use a command line interface, but a graphical user interface. Cisco Meraki SD-WAN also has configuration templates, which allows for multiple devices configuration with much less effort than conventional command line interface devices. Monitoring is also a benefit over regular devices.
Prisma SD-WAN is a very simple solution to configure and maintain (so much to the point that in that environment, I questioned if my skills as a Network Engineer were needed). However it worked almost primarily on its own with very little input, by default and at the time of review had no way to do fully mesh (which was desired), and constantly suffered from memory leak. Its integrations were through the use of obscure tags and suffered from a "when it works - it works but when it doesn't - it doesn't and you don't know why" mentality. In contrast, HPE Aruba Networking EdgeConnect SD-WAN gives you a lot of insight into what is going on with the site, the integrations are done easily within Orchestrator (the control plane), and ultimately the product is typically a very stable product with many ways to configure and tweak the solution to fit your business needs.
Being a cloud-first solution, Meraki Dashboard will scale as needed without any effort for the client. The Meraki cloud will provision (upscale and downscale) the resources as you grow or shrink in size. You only have to physically install the MX on your site, all the management is one through the Internet via Meraki Dashboard. Worth noting that you can fully-configure the MX prior to the physical installation on site.
Cisco Meraki SD-WAN gave us a new perspective on SDN, ZTP and other automation tools we didn't have before
The sizing of Meraki MX series cannot compete very large and robust networks, only if we use virtual appliances. In this case, I would recommend on other vendors like Fortinet
