To improve the product, the company, alone or with a good partner, should manufacture their own hardware brand with boxes to make the product more shippable.  

Implementing VMware is much more difficult, time-consuming, and expensive than implementing Fortinet or Check Point. With Fortinet, you pay a couple of hundred dollars for hosting and a low-cost firewall, there's only one box to ship to each site, and it's much easier to manage.

Moreover, it would be easy for the large telecom operators and system integrators to sell the solution. It would also be a good fit for customers with multiple small offices, who I currently advise to choose hardware-vendor SD-WAN solutions over VMware.

The product should have on-demand tunnels instead of fixed tunnels. When connectivity is established, the tunnel is fixed. It is permanent. Other products have tunnels that are established and terminated based on demand. When the traffic needs connectivity, the tunnel will be established, and it will be completed after the traffic is done. The solution could provide some advanced security features.

VMware SD-WAN doesn't have the best built-in firewall. You would still need a firewall, depending on your needs. If you don't have a huge amount of outbound traffic, that's fine. If you are hosting a website or something like that, you would need an additional, more advanced firewall. They don't have a built-in next-generation firewall.

In the future, a built-in next-generation firewall would be good for the solution.

If you don't have an Internet connection, you can’t control it. It is also not that cost effective because it is a subscription.

It has a lot of major restrictions and it's a little costly. For example, the requirement to have the separate nodes from VMware to monitor and control nodes is a big expense. We looked at it from a Dell perspective and the minimum they want just to monitor and have that capability is $10,000 a month. It's kind of expensive. There's always improvements to be had, but the problem is the price. That's always the driving decision point.

We don't want to have a SD-WAN for our business users and then have to go to someone like Zscaler for our private VPN. We would like to see one product do it all, so we're only dealing with one source when we talk about remote access, whether it be large installations or remote users. Having multiple products is a drain.

I would like to improve the tool’s cloud security features. I would like to see high-throughput hardware requests in the product’s next release. The solution should also support multiple gigs which could be around ten.

The solution is pricey. It could be cheaper.

Support could be more helpful or responsive.

The solution doesn't offer failover between their own devices. If I want to, I should be able to put the two devices together, so there can be a failover. 

They need to come out with a new device, such as a 510 LTE which would have LTE capabilities.

On the 610 devices, they're saying they're going to have LTE in it. They don't have it. They don't even have a POE feature inside the VeloCloud devices. Therefore, if I want to set up a POE, just the one device with everything in it, I actually don't have a POE support on it.

There might be potential enhancements in better integration with other platforms, increased stability, and heightened security.

There is room for improvement in the pricing. 

Another area of improvement is in terms of security. It could be better. 

VMware SD-WAN can improve on the security features.

In a future release, VMware SD-WAN could improve by adding a VPN without IPsec.

Better price model would be appreciated.

There are customers that have very large routing and segmentation operations who do a lot of segmentation within their network and have complex routing requirements. VMware does not provide the facilities in terms of doing a lot of operations with routing tables, such as complex routing policies. It is more about that out-of-pocket experience that customers get out of VMware. There are other technologies for this type of use case from solutions, such as Versa or other WANs. These are for customers who are wanting to maneuver or configure things themselves, similar to DIY solutions, for them going to technologies, for instance from Versa, makes much more sense because they can do a lot more with routing, complex segmentation, and complex configurations. For customers who have complex service provider requirements, VMware and other solutions cannot support a lot of those use cases.

In an upcoming release, they should allow customers the flexibility to use mobile applications where they can go and check on the information about their networks. A lot of vendors, such as Meraki, have a lot more integration with the use of portals to a mobile application. Having this feature as an alternative to logging into a laptop would be beneficial. If you are a SaaS-based company why not make a mobile application as well. You might not be able to do configurations but at least monitor while away or on vacation.

There is still room for improvement in support and security, especially in enhancing the SASE aspect of the platform. They could include more functionalities similar to Fortinet.

VMware SD-WAN could improve if the hardware could integrate the interface using ICP. Additionally, if VMware SD-WAN is used with SSE providers that use tunnels there are some issues prioritizing traffic because it cannot decrypt.

I would like to see an on-premise NGFW embedded into the solution. They have a SASE solution that is part of the deployment model now but is more cloud-focused. It would be nice to have an on-prem all-in-one SDWAN/NGFW box for some smaller deployments that don't need or have a virtual environment nor have a need for a full SASE deployment model.

I'd like them to improve their mobile parts. I want them to get faster in this field.

The cost is a little bit high. We'd like it if it was less expensive. 

We'd like to see more security added to the solution. It would be good if it had firewall functionality.

Sometimes the room for improvement is designing it for a different customer base that they're not currently in. We match the right solution to the right user's requirements. Some users need a multitenant offering, whereas most large enterprises don't need that. But if you are talking to a service provider, some don't offer a multitenant solution. And so when the customer needs that, we would say use one with a multitenant, like VMware.

VMware SD-WAN is harder than Cisco. It is complex, and we must take many steps to get the service. I think it would be beneficial if obtaining licenses could be simplified. Currently, numerous options and integrations are bundled together, which can make it quite complex.

The challenge right now is the customers understanding that it's a subscription-based service. The price is a sticker shock to clients because most clients are used to buying a product and not a subscription service. 

What VeloCloud requires is a combination of a subscription service, which is the cloud orchestration, and the devices, which can be purchased independently. Clients think that they can just buy the product for their endpoint usage and that's it. But, they don't realize they've got to pay for a monthly subscription because the technology that ties the two edge devices together is up in the cloud and you need to have that. That intelligence, you have to pay for monthly. 

It helps to understand this when people are using Microsoft 365, a subscription-based service. People except the fact that, oh if I need Word or Excel, I can buy it from Microsoft for a monthly subscription rate.

Services similar to that are now more and more being accepted. Whereas back a year ago, people were saying, "No, I just want to buy a hardware device." That's where the Cisco Meraki comes in. They don't really have much of a cloud orchestration solution. They have devices that provide SD-WAN solutions. You're dependent on each device to do their functionality, whereas VeloCloud puts it into the cloud.

It's not like you buy a router, install it, and you're good to go. It's the service, and what they call orchestration of maintaining data integrity, delivering point-to-point. 

If you're in China and you're trying to ascend data across the United States or whatever country you're in, you can imagine the path that it's going through from any world destination from the US. There's going to be thousands and thousands of hops, and by the time you get to your endpoint, any of those hops can introduce some sort of problem. High latency. 

With the SD-WAN solution, it determines the optimal path because they have gateways that help reduce the number of hops. If you didn't use VeloCloud and you wanted to set up a telephone call using VoIP from the United States, here in California, to China or wherever, your chances of having good, solid connectivity is going to be slim because you've got no protection. Whereas the SD-WAN VeloCloud solution provides number one, reducing the linkage between the two points and then it also provides some resiliency and ability to recover from data packet losses.

Depending on the clients and how critical the data is for them, it will determine how expensive the solution is. If you are a real estate office and you have ten offices, it may be too pricey for that type of industry, but if you're a manufacturer or a software developer, or a company that makes games, and you provide the gaming service, then the cost of the solution is not going to be a major concern.

If you are in the medical industry and you need to keep your hospitals connected and especially with COVID 19 and sharing of data, then the cost is not the biggest issue. It's really delivering resilient service.

They need to increase their gateways. When I staring with this solution, they only had 600 to 700. I say only, but that's a lot still, but they're now over 1000 gateways. It's like Elon Musk's new satellite service. Their Starlink. It's the same with Gateway. 

For Elon Musk to have to launch 2,400 satellites, and in order to provide satellite internet services and to provide just enough, when they're touting one to two-gigabit transfer rates, in order to do that, where it's ubiquitous, it doesn't matter whether you're out to sea or whether you're in the office, or you're by the shoreline in California, you have access to the internet.  

It performance is mediocre but as more and more satellites are added, the performance and the capabilities are that much more.

They need more gateways. It comes down to access; if for example, you have a gateway in LA, it probably covers San Diego and parts of Sacramento, but if you have two gateways it will cover more traffic that is in that area. The more gateways you have the more connectivity access for clients to use to get to the cloud.

Because of the buyout, it has to integrate with VMware's distribution channels, with their support channels. They have to basically GRAT the development of their solution, and fit right inside with VMware's. It's like Dell buying a small company, and then that small company needs to conform to Dell practices. Right now there, they're in flux.

Right now I have to manually manage the SD-WAN dashboard for the connectivity to the internet and routing from point-to-point.

The routing from point-to-point and all of that stuff are separate from the internal local area network. So, right now, software-defined WAN and software-defined LAN are two separate controlling systems. If they can integrate that, such that they are on one dashboard, I can see what's going on with my China manufacturing plant from the US and I can see from the China plant what devices are failing from the US then that would make it even better. So far, it's certainly a step in the right direction, but there's of course, like in time there's going to be continued improvements.

It provides a solution that all companies need and that's connectivity, resiliency.

I would rate this solution a nine out of ten.

We're trying to integrate it with our Prisma Access architecture in the future. We would just like to see it smoothly deployed. We are going now back and forth between our Palo Alto reps and VeloCloud or VMware SD-WAN reps to find a solution to integrate both into one solution. I'm not sure if this is on Palo Alto's or Prisma's or VMware's side.  Other than that, all the features and everything look great.

The only thing that I'm having issues with is on one of the sites, I can't see the location on the map. That's the only thing that can be fixed.

VeloCloud could improve its integration capabilities with other solutions. VeloCloud just provides connectivity, but what about advanced security services or administration service providers, and HPP for voice solutions? I think that VeloCloud could improve this kind of service integration. I know it's not their main use case, but it's part of their portfolio.

In the next release, I would like to see better support for IPv6.

I also think that a CPE that supports WiFi 6 is necessary.

There is one feature that would set VMware SD-WAN apart from others solutions, and that is what I call inter-cloud connectivity. All the solutions regarding VMware are good because for example, If I go from my workplace to a retail office and I want to use my applications in the Cloud, that is possible. Perhaps we have customers who have their IT partial environments hosted in different cloud locations, such as Amazon and Azure, and the interconnection between the clouds, this is not possible. If it was possible it would be a market game-changer. Having the SD-WAN solution that is good at optimizing and facilitating traffic between different cloud providers would be great.

The firewall can be more advanced.

The 4G connection doesn't come by default, and it would be good to have that in the next release.

The flexibility of use for customers could be improved as well. It would be good to also improve the reseller transfer of the box from one customer to another customer.

The cost could be lower too.

There are a number of customers we have that require a fully mashed SD-WAN on VeloCloud that is not available currently. If you compare the reporting tool to all other tools that you use for customers for MPLS, they are not as granular. Additionally, the security could be better and increasing the capabilities for fully meshed architectural typology would be beneficial.

Cloud-based, it's okay because they roll up the device and provide you with a link for access. In regards to in-house, when you want to deploy the orchestrator, it becomes very difficult. Currently, I don't see any such good documentation compared to their competitors, like Cisco, etc.

Also, If you look at Cisco, just Google it and you'll get every detail: what to do, what specific system, what server, how much RAM, how much storage, all the details — it's just much easier.

If a customer has an optimization solution within their network, then you have to be very careful when designing — optimization and all. This can make your design very complex. If the customer has an existing optimization solution, then you have to be very careful when designing any part of the SD-WAN solution — Cisco or Velo.

They should provide us with the flexibility to scale up.

The solution needs improvement for the security features and should include two firewalls. Cloud VPN can’t support any link. The solution needs to also improve the availability of centralized internal management. 

It needs to have debug detection and Deep Packet Detection features as well. 

The documentation for VMware is also hard to find.

The dashboards could be improved.

There is no security included, which is something that should be improved. For example, they should at least include basic firewall capabilities.

Security is a challenge. I would like to see VMware add things like IPS, IDS, and web filtering. These features are the future of security, and most competing firewalls have them. We already have layer 7, but that is not enough for a headquarters. Maybe it's okay for a branch office.

In the future, we would like to have more capacity using this solution as there are limitations on the VCE. For example, only 50 tunnels can be supported currently but we would like to have 200 tunnels using the VeloCloud VCE device.

The security function on the VCE could be improved as we need to purchase another device to protect our setup. 

They should help our customers reduce the cost of the implementation from a local user cloud to the user using a standard cloud. They should improve the time and the cost of the implementation.

I would like for them to upgrade to 5G integration. Our customers have 4G now and the connectivity isn't good. It should be much faster. 

VMware SD-WAN is complicated to configure.

VMware SD-WAN could improve by having more partnerships with other vendors.

The solution doesn't have CLI (command line interface), but it's not needed because the graphic user interface is very nice. You can do everything, but when we are troubleshooting, we can't execute commands as fast as we'd like because the graphic user interface is very slow. So although the solution has a CLI, VeloCloud doesn't. I'd like for VMware to introduce CLI. The solution also needs stronger routing Broadcom support because we cannot deploy VeloCloud in bigger enterprises that have that kind of complex browsing protocol.

VMware does not work well if the enterprise has a very complex routing environment.

Some of the service providers that use VeloCloud as their SD-WAN should be enabled to have better global visibility.

The cost of VeloCloud could be lowered.

This solution needs a local gateway for the cloud in every country. The gateway is used to set up cloud access and one of my clients had a bad experience with the local partner that was trying to set one up.

Technical support is in need of improvement.

Security needs improvement.

Also, it needs better scalability. There are certain products that if you need to create extra, the company expands and they will bring on extra branch-to-branch connectivity. There is a point where you will have to move to new hardware. We would need a larger scope for scalability.

I don't want to deploy a number of VeloClouds, and then in one year after business acquisitions, they need scalability. The only way to do that would be to remove the hardware and replace it with the new hardware.

The security of the firewall should be improved. It would be a good idea to have a standalone product with better security.

In an upcoming release, they should have firewall rules.

Its integration with the security systems would be a nice implementation. They can also consider using a management platform for both network and security operations. This would be a great improvement.

VMware SD-WAN could be improved with more automation and more integration, but each vendor could use these improvements. 

In an upcoming release, the solution can be more functional and have additional features.

The product could be improved if the reports were modified making them easier to use and easier to understand from the customer's point of view. Also, from a cost perspectives, although ValorCloud is the number one product in its field in Gartner's Magic Quadrant, it's very expensive for the Indian market. 

VeloCloud needs improvement in terms of its security features. It needs to work with third-party vendors such as Fortinet, Check Point, or Palo Alto because at an increasing rate, and because of new rules for compliance, organizations require security features that are not offered by VeloCloud.

I would like to see more features added to increase visibility.

Reporting is an area that can be improved, as there are some features that are lacking with the reporting aspect.

I would like to see a reporting site and for the monitoring, they can implement it, or interface it with an existing monitoring system, which is not easy.

There is room for improvement with respect to security.

The price of this solution should be lower.

The initial setup could be simplified for beginners.