About five years ago, VMware spent $1.26 billion on Nicira, a network virtualization startup, to move into the data center software-defined networking (SDN) market. In a similar move, the company yesterday announced its intent to acquire VeloCloud, a jump that will land it squarely in the SD-WAN market.
While VMware struggled a bit with the Nicira acquisition, I don't expect the same kind of resistance with this latest move. With Nicira, many industry watchers, myself included, were critical of VMware as it tried to gain a foothold for the Nicira product, NSX, by working around network professionals. This created some backlash. In hindsight, even if VMware had gone all in with networking, I'm not sure the market was ready for something like NSX. But as network modernization has become more important, NSX has made the network more programmable and agile without having to touch the physical underlay -- and adoption has been strong over the past two years.
A Good Fit
There are a few reasons why VMware shouldn't have as much an issue incorporating VeloCloud offerings into its portfolio as it did with Nicira's NSX. First, the value proposition of SDN in the data center is largely tied up in operational savings. A company could deploy NSX but not see a fast payback if the operations team hasn't changed the way it runs the network. Also, the data center is where a business houses its crown jewels -- and making a mistake could have big consequences.
Conversely, enterprise WANs are a mess, badly in need of modernization. The current WAN design architecture has been in place for more than 20 years. Also, there's a huge cost savings to be had by shifting from MPLS to broadband, so the time to payback is fast. Given VMware's recent traction with NSX, extending its footprint into the WAN seems like a no-brainer -- and VeloCloud is the logical choice.
VMware took a small stake in VeloCloud a couple of years ago, so it's been a believer in the technology for some time. Since its inception, VeloCloud has run in the Amazon Web Services (AWS) cloud. VMware, too, has a strong relationship with AWS, so there are some operational synergies. In addition, VeloCloud's gateways and virtual cloud orchestrator run on VMware hypervisors so, in a way, the product integration is already well underway.
Each company has a strong presence with service providers, as well. VMware has more than 100 service provider customers and VeloCloud around 60. I estimate an overlap of about two dozen, making the cross-sell potential between NSX and VeloCloud in this space enormous. Since both are software, VeloCloud can spin up its SD-WAN on NSX and activate it in the overlay without having to touch any hardware.
Extended Micro-segmentation
In terms of low-hanging fruit, the biggest opportunity is the extension of NSX-based micro-segmentation into the WAN. NSX may have taken some lumps with network managers, but was embraced with open arms by security professionals for its ability to micro-segment a network quickly without having to do a significant amount of command-line interface programming at the router level. Because NSX operates as a pure software overlay, designing a segmented network is greatly simplified. For example, a healthcare organization could create logical, secure overlay networks for medical devices, guests, and patient information. Doing that with virtual LANs and access control lists can be time-consuming and complicated.
VeloCloud can extend those segments out to the WAN. A retailer, for example, would be able to create separate zones for point of sale, digital signage, and guest devices. Without the SD-WAN integration, the retailer would need to configure a separate segmented network in each branch. In theory, a hacker could breach a network, go out to the WAN, and backdoor into one of the other segments. A joint VeloCloud-NSX solution would let security administrators create one set of policies enforceable everywhere -- and say "bye-bye" to back doors.
I don't know VMware at the same depth as I do VeloCloud, but from what I do know, it shares a similar culture, innovation, and vision. Enterprises should expect to see big things once the integration is done.
Shaking It Up
From an industry perspective, the acquisition provides some badly needed consolidation in the SD-WAN space, where there are too many vendors and not enough demand. Earlier this year Cisco acquired Viptela, so now, with VMware grabbing up VeloCloud, two of the startups are off the market. The other of the third "Vs," Versa Networks, would be ideal for a company like Juniper that has a large service provider presence.
I believe we'll see some subset of HPE, Dell Technologies, Fortinet, Alcatel-Lucent Enterprise, and Extreme Networks eventually find a dance partner among the many other SD-WAN companies. Among the options are vendors such as Aryaka, CloudGenix, Riverbed, and Silver Peak. The industry needs a good shakeup; Cisco and VMware have made their moves, and now the others should follow suit.
Learn more about Systems Management & Network Design at Enterprise Connect 2018, March 12 to 15, in Orlando, Fla. Register now using the code NOJITTER to save an additional $200 off the Advance Rate or get a free Expo Plus pass.
Follow Zeus Kerravala on Twitter and Google+!
@zkerravala
Zeus Kerravala on Google+