WatchGuard Technologies has shipped an updated edition of its Fireware operating system with automated network path selection capabilities designed to support SD-WAN deployments.
Available now, version 12.3 of the OS that powers Seattle-based WatchGuard’s Firebox UTM devices is equipped to failover from one WAN connection to another if any of several quality of service measures drops below pre-defined thresholds. The new feature turns similar functionality in earlier versions of Fireware aimed chiefly at preserving uptime into a technology capable of delivering the consistently high connection speeds SD-WAN deployments require.
"It was always based on just whether the link was up or down,” says Brendan Patterson, vice president of product management at WatchGuard. “With the new SD-WAN capabilities, we’re doing dynamic measurements of things like jitter, packet loss, and latency.”
For end users, he continues, the upshot is reliable SD-WAN performance over ordinary internet links instead of costly specialized connections. “[It] guarantees high quality connections without spending on expensive MPLS lines and things like that,” Patterson says.
Bundling SD-WAN functionality into the same device that provides security simplifies deployment and administration too. “With SD-WAN, especially in a distributed company with many locations, it’s an advantage if you can get what you need just from one box, especially if it’s a box you already have,” says Patterson. Solutions from vendors that specialize in SD-WAN typically don’t offer that advantage, he continues.
“If you look at any of the SD-WAN vendors, most of them don’t even provide any security capabilities,” Patterson says. “Some do, but what they provide tends to be very basic.”
That includes offerings from the large providers of communication and networking services getting into the SD-WAN market at present, according to Patterson, who says that adding dynamic path selection to Fireware arms channel pros to keep pace with those firms. “It gives our partners assurance and capabilities that they can compete with those type of bigger solutions that typically don’t provide a very good user experience or customer support,” he says.
Kevin Willette, President and CEO of Minneapolis-based solution provider Verus Corp., calls WatchGuard’s new feature a “game-changer” for his company’s service offerings. “This will allow us to offer a better platform at a fraction of the price compared to the competition,” he says in emailed remarks. “Having an SD-WAN offering with security in mind and visibility into the full network connections has been a long-time goal of ours. With the WatchGuard secure SD-WAN offering, we are happy to say that we finally have it in an affordable package for our clients.”
Adding incremental capabilities for functions like SD-WAN to Fireware and the Firebox line is a longstanding component of WatchGuard’s product strategy. “Historically that’s where we’ve been going with the UTM platform,” Patterson says. “We’ve always brought services onto the product that used to maybe run in another separate box.”
WatchGuard is the latest in a string of networking and security vendors to build SD-WAN support into its hardware. Zyxel Communications added similar functionality priced specifically for SMBs to its VPN firewalls in October. SonicWall made a similar announcement last month.