SD-WAN supplier VeloCloud announced last week the expansion of its SD-WAN Security Technology Partner Program to include new members Palo Alto Networks Inc. , Symantec Corp. (Nasdaq: SYMC), VMware Inc. (NYSE: VMW) and Forcepoint. But as an industry analyst points out, this is a work in progress and there are several notable networking security companies that aren't on the list. (See VeloCloud Expands SD-WAN Security Ecosystem.)

Zeus Kerravala, founder and principle analyst for ZK Research, says the biggest missing security vendor is Cisco. That's a bit of an odd omission, given that Cisco Systems Inc. (Nasdaq: CSCO) has invested in VeloCloud, he notes. In January 2016, VeloCloud Networks Inc. announced a $27 million Series C round of funding from investors, including Cisco. Of course, since then, Cisco has developed and acquired its own SD-WAN offerings of Cisco IWAN and Viptela. (See Cisco Joins $27M Round for SD-WAN Startup VeloCloud and Is the End Near for Cisco's IWAN?)

VeloCloud's Vice President of Marketing Michael Wood says the company's security ecosystem partners were selected primarily based on feedback from enterprises and its service provider, system integrator and VARS partners that the SD-WAN solution had to integrate with the "security vendors and profiles that they had already standardized on."

In addition to Cisco, Kerravala says security suppliers like FireEye, F5 Networks Inc. (Nasdaq: FFIV), Radware Ltd. (Nasdaq: RDWR) and Barracuda Networks Inc. could be beneficial additions to VeloCloud's security ecosystem. F5 could be useful due to their focus on cloud security as a "non-traditional security partner." Kerravala also says VeloCloud could benefit from partnering with an artificial intelligence-based security supplier like Cylance.

"VeloCloud isn't trying to build a security tool themselves, they just allow you to connect to whomever your favorite security vendor is," says Kerravala. "I think that's an important approach because it's hard to find a company today that doesn't have any security... Because there's no greenfield opportunity, customers would want to be able to retain whatever security investment they've already made. If they can connect into the existing security technology, that would be in the best interest of the customer."

From a service provider standpoint, the ability to go to market with a branded offering in the SD-WAN space "probably has more weight behind it than a generic security service available by the service provider. That makes a big difference -- it takes a long time to build up the faith of the masses when it comes to security," he added.

In this week's announcement, IBM QRadar SIEM service has also been added in an effort to improve network monitoring, visibility and analytics, and according to VeloCloud, the SD-WAN Security Technology Partner Program as a whole addresses all three parts of its SD-WAN security framework including network, cloud and management. VeloCloud launched the SD-WAN Security Technology Partner Program in April this year with inaugural members IBM Corp. (NYSE: IBM) Security, Check Point Software Technologies Ltd. (Nasdaq: CHKP), Fortinet Inc. and Zscaler Inc. . VeloCloud currently has over 50,000 customer sites in varying stages of deployment. (See SD-WAN Security a Headache?)

Get real-world answers to virtualization challenges from industry leaders. Join us for the NFV & Carrier SDN event in Denver. Register now for this exclusive opportunity to learn from and network with industry experts -- communications service providers get in free!

Jared Martin, vice president of ITx Managed Services for TPx Communications , a VeloCloud service provider partner, says VeloCloud's SD-WAN platform reduces operational complexity since TPx can service chain the WAN, networking and security elements in a "single box solution."

TPx has partnered with VeloCloud for about three years, and issued a full launch last year of its SD-WAN service -- ITx for WAN. Martin says while TPx for WAN is powered by VeloCloud, TPx Communications provides it as a managed service to its customers by leveraging VeloCloud's ecosystem.

"For us, we feel there's a lot of value in what VeloCloud is doing because they've chosen to partner with best-of-breed security solutions and enable that technology in their platform, and make it easier for a service provider like us to manage that and to be able to service chain those services together," says Martin.

Martin says there aren't any major networking security vendors missing from VeloCloud's security ecosystem, and TPx partners with many of the suppliers in the ecosystem already -- such as Palo Alto and Fortinet. He adds that it's important for SD-WAN suppliers to focus on improving their core technology of SD-WAN, rather than building their own security as the firewall market is already saturated.

"Palo Alto is seen as a premium enterprise brand and with the consumption model we have with Palo Alto and now this enablement with VeloCloud, we can offer Palo Alto as a managed security option with VeloCloud way more cost-effectively than you could buy Palo Alto directly," says Martin. "I think it makes it more approachable to businesses that previously thought they couldn't afford the Palo Alto solution."

Martin adds that some TPx customers that beta-tested the SD-WAN solution provided feedback that they could now afford Palo Alto's security solution "because of the way it's been packaged."

TPx currently has 1,600 SD-WAN active customer endpoints and an additional 1,500 customers in varying stages of deployment, and its SD-WAN customers are predominantly mid-market size and range from SMB to enterprise customers in verticals such as banking, retail and construction. Most of its customers are headquartered in the U.S. and TPx plans to deploy their VeloCloud gateways in Asia, Latin America and Europe in 2018.

The SD-WAN market has experienced tremendous growth in 2017 alone -- with such an influx of SD-WAN suppliers, Kerravala says it's time for vendors to start differentiating themselves as the market is maturing and moving beyond the early adopter phase. In addition to security, Kerravala says key SD-WAN vendor differentiators include ease of deployment and the establishment of a robust ecosystem of the right cloud and security partners.

— Kelsey Kusterer Ziser, Senior Editor, Light Reading