Magic Quadrant for the Wired and Wireless LAN Access Infrastructure
We evaluate a variety of networking vendors providing access layer connectivity. Vendors must have an end-to-end hardware solution, but increasingly, vendor differentiation centers on network services, including guest access, onboarding, security and management tools.
This document was revised on 5 September 2013. The document you are viewing is the corrected version. For more information, see the Corrections page on gartner.com.
The access layer market consists of vendors that supply wired and wireless networking hardware and software components that provide connectivity to the infrastructure access layer, from the edge of the enterprise network to the end user. The market supports three types of access layer vendors:
- Those that provide their own wired and wireless infrastructure connectivity, network service applications and services.
- Those that mainly focus on a specific connectivity option, often offering one or more vertical markets or deployment solutions that address a unique set of market requirements.
- Those that use a strategic partner to provide a portion of the access solution. It is important that these vendors provide differentiating functionality that shows why the vendors collectively provide a better offer to enterprises, rather than being considered separately.
An increasing number of enterprises continue to tell us through client inquiries that they do not want to have to make trade-offs between the security and management of their wired and wireless access networks. In addition to wired or wireless hardware, access layer solutions must include management, security, guest access and planning services in an integrated access network solution. With limited growth in IT resources, administrators require one network management application, one access security solution, one guest access application, or a policy enforcement solution with the flexibility to be deployed in a public cloud or on-premises. This integration reduces operational overhead and eliminates the potential for conflicting policies as users access the network with an increasing number of diverse devices. While the trend favoring integration is increasingly clear, vendors have been slow to react as consolidation of single vendor solutions continues to evolve.
As the wired and wireless access layer continues to converge, migration from existing deployed technology is an important consideration, especially with the increased life expectancy of switches and access points. This has spawned new and differentiated multivendor capabilities to simplify and optimize infrastructure administration, to provide a solid foundation and continuity in networking communications at the edge of the network.
Increasing the Role of Network Services
Network administrators are looking for network service applications that address wired and wireless clients including access layer services such as:
- Policy enforcement that provides access to applications and parts of the network based on credentials, as well as context-aware variables such as location. This is particularly useful in bring your own device (BYOD) scenarios.
- Integrated network management that is aware of wired components and is wireless LAN (WLAN)-vendor-independent.
- Onboarding services, including device authentication and user authorization services for BYOD programs that support many operating systems and device postures.
- Network forensics tools to determine what is happening across the entire access layer.
- Intrusion detection and protection for wired and wireless access.
- Support for voice and video applications by adding features such as reduced jitter, awareness and monitoring of voice and video quality, and fixed mobile convergence capabilities.
- Location-based services, context-oriented services and asset management.
As vendors continue to expand functionality, they will provide additional information about usage and traffic to administrators, enabling enterprises to maximize the productivity and ROI of all access-layer connectivity.
Source: Gartner (September 2013)
Adtran has a strong presence in the service provider market and sells its enterprise offering through distribution partners, with an extensive reseller channel that deploys access layer solutions to a distributed enterprise market. Adtran has aggressively integrated vWLAN into its NetVanta products and Internetworking portfolio, and continues to market a strong VMware relationship.
Adtran should be considered for education access layer opportunities, but also for solutions on distributed enterprises and hosted and managed service offerings.
- The vendor has extensive experience with enterprises looking for multitenant hosted or managed service offerings that leverage its n-Command suite of managed service productivity tools.
- Adtran NetVanta Ethernet switching addresses vertical-market-specific requirements with its ActivReach and ActivChassis solutions.
- Adtran's wireless solution places all user control and network management on VMware and, therefore, works closely with VMware on access layer networking decisions.
- Enterprises looking to deploy Adtran should review the available information on application functionality for requirements such as guest access and policy enforcement functionality to ensure that it meets their specific needs, as the product has been designed to address a broad horizontal marketplace.
- The vendor has an extensive North American direct and channel organization. Organizations should request references for implementation and service of applicable Adtran solutions outside of North America.
Aerohive is an access layer vendor that differentiates itself with the HiveManager network service applications that provide an easy-to-use interface with per-user quality of service (QoS), flexible contextual policy enforcement, and client profiling on a controllerless, cooperative control architecture. The vendor sells 100% indirect primarily in North America and EMEA. Aerohive's focus has been on the wireless LAN, but it also ships wired switching platforms to midmarket and distributed enterprises and small branch router/VPN devices for a complete access layer solution.
Network service applications for security, guest access, network management and policy enforcement can be defined on an appliance or in the cloud before being pushed to the edge of the network. Aerohive should be considered for any overlay wireless LAN enterprise opportunities in North America, Western Europe or Korea/Australia/New Zealand, especially in the education, healthcare and retail markets. Its controllerless, mesh-based architecture makes it a standard bearer for market pricing of equivalent functionality. Aerohive's innovation and focused market messaging are driving annual growth much higher than the WLAN market.
- The breadth of Aerohive's internally developed network service applications for security, network management and policy enforcement, which address wired and wireless connectivity as well as a stateful firewall, means that Aerohive continues to exceed the needs of enterprises.
- Aerohive offers options for the deployment of network-based services — either on an on-premises server, in the cloud or through managed services. This gives its customers a wide range of choices when deploying their wired or wireless architectures.
- Aerohive customers gave high marks for its experience, including sales, support and performance of the solution.
- HiveManager has the ability to manage third-party wired and wireless clients but, depending on the vendor, can require an additional management application to be used in conjunction with the Aerohive portion of the access layer solution.
- Aerohive continues to grow faster than the market, but is still a smaller, private company. It needs to increase its marketing communications to gain additional visibility. Without a direct sales organization, the vendor needs to invest heavily in its channels; otherwise, enterprises will be reluctant to work through Aerohive's channel for both sales and support.
- Aerohive has supplied its BR small branch products to the midmarket and distributed enterprise, but larger, campus-based enterprises need to test the larger and more functional SR switch family as the new part of the product line fills in this part of the end-to-end access layer solution that enterprises need to deploy.
Alcatel-Lucent Enterprise is a strong campus and enterprise vendor. While it is a global player with a direct sales organization, its distribution channel accounts for 88% of all sales. Gartner typically sees Alcatel-Lucent most often in EMEA with a growing North America presence.
Alcatel-Lucent Enterprise creates solution bundles for small, midsize and large enterprises. Its predominant target market is midsize and large enterprises leveraging the vendor's converged campus network solution, but it may be part of larger Alcatel-Lucent offerings that combine telephony and/or carrier solutions. Alcatel-Lucent Enterprise's marketing focus has been global for enterprise verticals, with a particular focus on education, healthcare, hospitality and government, as well as on strategic industries with large, distributed networks (such as energy, utilities and transportation). Alcatel-Lucent Enterprise should be on any European or North American wired or wireless infrastructure shortlist, with consideration for other geographical areas.
- The vendor has a strong networking strategy that provides an end-to-end access layer strategy utilizing its OmniSwitch technology and leveraging Aruba WLAN components, which allows its Instant controllerless architecture to be seamlessly married to the Alcatel-Lucent Enterprise switches.
- Alcatel-Lucent Enterprise's User Network Profile (uNP) and OmniVista network service applications provide guest access, client onboarding, security and policy enforcement which can be delivered across the wired or wireless infrastructure with the flexibility of either on-premises or a cloud delivery model.
- The vendor's Application Fluent Network strategy with enhanced application fingerprinting provides differentiation that detects specific traffic, assigns treatment and monitors the visibility to assure the quality of the application flow across the access layer. Alcatel-Lucent Enterprise has specific capabilities for voice, video and hosted virtual desktops.
- While the vendor has made significant progress toward increasing its visibility in the North American market, it continues to be better-known in Europe.
- Alcatel-Lucent Enterprise's access layer solution is dependent on Aruba Network's WLAN technology. The lack of internal control for this important access layer capability limits Alcatel-Lucent Enterprise's ability to respond to changing market needs, or when their requirements differ from the target markets that Aruba is looking to penetrate.
- Limited channels, account coverage and market visibility in certain regions continue to limit Alcatel-Lucent Enterprise's opportunities to sell and service where its solution meets the market needs.
Aruba Networks continues to focus on the access layer and includes wired switching. Clients tell Gartner through client inquiries that ClearPass is providing significant leadership with its wired and wireless, multivendor client onboarding, security and guest access suite of applications to address corporate-owned as well as BYOD client devices. Combined with its Instant wireless LAN, and the breadth of its additional wireless components and wired switches, the vendor is a one-stop shop that has the ability to compete in any enterprise access layer opportunity. The vendor also continues to invest in technology to improve the access layer experience, including ClientMatch, AppRF and its upcoming Aruba Central.
Aruba Network's target verticals include education (higher education and K-12), healthcare, financial services, federal government, service providers, retail and hospitality. The rightsizing message implemented with its Move architecture makes Aruba an appropriate choice for any enterprise opportunity, especially where security, multivendor management or teleworking are high-priority criteria.
- Aruba Networks maintains one of the largest portfolios of access layer components, in terms of access points and switches, appealing to nearly all network design types and price points.
- Enterprises looking to extend unified communications and collaboration to mobile devices should consider the vendor because it provides the only wireless LAN qualified for Microsoft Lync.
- Aruba Network's ClearPass policy enforcement and AirWave network management provide a suite of single policy applications for wired and wireless multivendor enterprises. ClearPass continues to be a strong differentiator for the access layer as competitive products continue to challenge its leadership position.
- The vendor's Instant access point family allows enterprises to make a choice between legacy controller-based architectures and newer controllerless ones, which have been well received in the small or midsize business (SMB) market, but also able to scale to over 8,000 access points.
- More than 40 global service providers now use Aruba Networks as part of their managed service offering, giving enterprises the ability to outsource the edge of the network either with on-premises network service applications or in the cloud.
- Enterprises must use Aruba Network's AirWave version 7.7 or newer to get new management capabilities to resolve issues such as the ability to configure Instant access points without having to upload the image for distribution, as well as new SLA metrics for device health and application usage.
- Enterprises must verify that resellers/distributors have the ability to support the entire Aruba access layer solution through verified references.
- With the number of new Aruba products and applications being released, enterprises must verify that the functionality meets their requirements. They should pay special attention to ensure that required requested capabilities are not in additional applications that are included in the bill of materials.
Avaya continues to provide solid wired and wireless technology for the access layer and a strong value proposition. Building on its strong unified communications presence, the vendor continues to re-energize its sales organization to attach networking to its installed base and beyond. Avaya's multivendor wired and wireless Identity Engines application portfolio is the anchor of its network service applications, BYOD and guest access. The portfolio includes the Ignition Server, Ignition Guest Manager, Ignition Access Portal, Posture, CASE Wizard and Analytics applications. Network management has a separate set of components, including the Configuration and Orchestration Manager and Visualization Performance and Fault Manager.
Avaya is a global vendor, although North America and EMEA are its strongest geographies and align with a strong global Avaya Connect channel program that moves 80% of the solutions. The vendor focuses on healthcare, financial services, education, hospitality and state/local government markets to deliver networking solutions — not only at the access layer, but also into the data center. Consider Avaya for any access layer opportunities in their target markets, as well as complementary to other Avaya solutions or any Nortel network refresh projects.
- Avaya offers a scalable wired and wireless access layer strategy with integrated, enhanced network services for enterprises that are looking for an access layer solution. The SLAMon tool provides differentiation by proactively monitoring the health of the network and detects problems before applications are degraded.
- Avaya's heritage with voice and unified communications means fast, easy provisioning; simplified authentication and automatic quality of service (QoS) for Avaya Internet Protocol (IP) phones and devices.
- Avaya supports real-time tracking of the location of clients with its E911 emergency location services, a capability that seamlessly integrates with existing E911 infrastructure offerings.
- Avaya supports a strong Ethernet stackable portfolio, with recent introductions such as stacking on ERS 3500 and the extension of its innovative Fabric Connect solution (based on the standards-based Shortest Path Bridging foundation) on the ERS 4800.
- Avaya's breadth in its network service applications caters to a broad range of customer requirements from midsize to large enterprises. Enterprises need to evaluate the specific applications they require to ensure they are not paying for additional functionality that may not be needed.
- Enterprises in the Asia/Pacific region and Latin America associate Avaya as a telephony solution provider and may be less aware of its networking and access layer offerings. Enterprises should select resellers with the ability to provide a complete level of service in their geography.
- Enterprises must consider the total cost of ownership (TCO) of any access layer purchase. Avaya provides a limited lifetime warranty on its switching platforms, but only provides 12-month hardware and three-month software warranties on its wireless components. The industry has moved to providing a limited lifetime warranty.
Cisco continues to be the largest vendor and market share leader in the enterprise wired and wireless infrastructure market. The acquisition of Meraki, the release of the Catalyst 3850 and the modularity of the AP3600 series continue to put a wind into the sails of Cisco's One Policy, One Management and One Network messaging. A strong channel combined with a global presence means that Cisco continues to be on the shortlist for all access layer opportunities.
Cisco's Prime Infrastructure and Identity Services Engine (ISE) applications provide management, security and policy network service application functionality for both wired and wireless. Additionally, the vendor has enabled location-based services as part of its Connected Mobile Experiences (CMX), which enables new applications based on network analytics to create business relevance in targeted vertical markets. Cisco focuses on the public sector, healthcare, education, and retail markets, including hospitality. Cisco should be considered for any large enterprise or midmarket opportunity.
- The modularity of the AP3600 series provides Cisco with the ability to deliver 802.11n now, and provides an 802.11ac module for upgraded performance.
- The new Catalyst 3850 is Cisco's first IOS-based wireless controller, providing a switching architecture that integrates wireless functionality. The 3850 comes at no incremental cost, compared with the equivalent 3750-X, with an increase in stacking speed and wireless resiliency.
- To address the midmarket Cisco has expanded its solution portfolio and acquired Meraki. Cisco Meraki's cloud-based architecture provides industry-leading device profiling as well as subscription-based cloud applications that include traffic shaping, WAN optimization and content filtering. This solution should be considered for any location that is appropriate for cloud-based management.
- Cisco's CMX allows venues to detect, connect, engage and offer contextual location-based services to their mobile users. CMX provides better location accuracy through the Qualcomm/Cisco relationship, and a dashboard that delivers flow analytics (from the ThinkSmart Technologies acquisition), as well as URL, device and user analytics.
- Cisco Prime offers wired and wireless management with integrated user application experience, but execution and delivery on the road map for additional upgrades for a single access layer experience are needed for Prime to remain competitive.
- Updates for ISE have been announced in version 1.2, but are not yet shipping. Clients should ensure that necessary functionality is available in the released feature bundles. The lack of packaging flexibility and the initial price tag provide a barrier to reaching SMBs.
- Clients should look to Cisco to make progress simplifying and streamlining its combined offerings of Meraki software and hardware solution with Cisco's existing unified access layer portfolio. Meraki's device profiling and user interface are often mentioned by Gartner clients as points of differentiation.
D-Link s provides flexible and secure wired and wireless connectivity. The DWS family of switches provides flexibility for connected wired clients and an integrated control plane for wireless access points with 1 GigE and optional 10 GigE upstream connectivity. Single radio or dual band 802.11n access points show that D-Link made significant progress with its access layer solution in 2012. The network service applications provide wireless intrusion detection (WIDS), basic guest access, client remediation and client forensics. D-Link must be considered for the shortlist in its target markets of Russia, Brazil and India for SMB or branch office solutions, as well as education, government, hospitality and retail market sectors.
- D-Link provides a one-stop access layer solution by offering competitively priced wired switches and wireless access points in a controllerless configuration that also combines network service applications, such as guest access.
- The vendor's Wireless Plus solution provides the ability for enterprises to pay for what they need and retain the option to upgrade as the business expands.
- In its target markets, D-Link also integrates a complete video surveillance solution.
- Enterprises in North America and Europe don't recognize the D-Link brand as a business solution. Enterprises need to verify that resellers have the ability to provide the necessary level of support and hardware service.
- Organizations looking to implement complex network service applications (such as location information integrated with device and user for guest access, or self-service onboarding for BYOD) or to implement policy enforcement beyond user and application need to evaluate the current D-Link functionality to ensure that it will meet your business needs.
Dell defines the edge of the network with the PowerConnect product family, which leverages its internal switching components along with its W-series wireless LAN, delivered through its direct and indirect channels.
The resale of Aruba's ClearPass under the Dell PowerConnect brand still continues to offer a robust wired and wireless, multivendor client onboarding, security and guest access suite of applications. Combining PowerConnect with Instant wireless LAN allows Dell to be a one-stop shop that has the ability to deliver in any access layer opportunity.
Dell targets enterprises from SMB to large enterprises in over 100 countries. Their campus networking solutions focus on verticals include higher education, healthcare, financial services, public sector and government. Dell should be considered for any global access layer solution for SMBs to large enterprises, and especially where managed services are needed.
- Dell maintains one of the largest catalogs of access layer components, in terms of access points and switches appealing to nearly all network design types and price points.
- SonicWALL Global Management System is an application or virtual appliance that provides enterprises with a firewall, anti-spam and backup solution to centralize and monitor security policies for remote access or WAN connectivity. The solution provides enhanced security monitoring capabilities for enterprises with a high-risk profile.
- OpenManage Network Manager provides a unified network management console for all PowerConnect wired and wireless products.
- Dell's managed services allow enterprises to deploy access layer technology in large corporate installations or many remote facilities without have to bring dedicated IT resources to manage new and often complex technologies.
- Dell does not control the development direction of Aruba's wireless hardware or software products and, therefore, is limited in its ability to address enterprise wireless issues that may arise during the implementation.
- Dell does not add any differentiating value to the Aruba ClearPass or AirWave network service applications that would not allow enterprises to separate the Dell components from Aruba during the evaluation or purchasing process.
Enterasys Networks has used its OneFabric architecture to unify the wired and wireless infrastructure. Centralized network management, in addition to the OneFabric Control Center, Mobile IAM and IdentiFi applications to allow IT organizations to manage, monitor and create policy for the vendor's wired and wireless components in the access layer.
Enterasys Networks is making strides with global brand recognition and although we only see the vendor in certain geographies, it continues to expand its sales channel, which provides 96% of revenue. Target markets include five major verticals: higher education, K-12, healthcare, manufacturing and government (federal as well as state and local). Enterasys Networks continues to be an appropriate choice for "greenfield" networks with a requirement for integrating wired and wireless networking, and for existing Enterasys customers and Siemens Enterprise Communications customers.
- The launch of the OneFabric architecture has focused the Enterasys product and messaging on providing a high-quality and consistent user experience for its installed customers.
- The vendor has a complete hardware access layer solution, including network service applications as well as vertical-market-specific applications to provide differentiation.
- OneFabric policy enforcement is flexible, with a wide range of variables that automate the definition and enforcement of networkwide policy rules across the wired and wireless network infrastructure.
- While the vendor continues to invest in expanding its channel organization, enterprises should work with resellers to ensure that Enterasys can provide the level of support for any new geographies or markets where the solution is expanding.
- Service continues to be an important part of the TCO for products that last eight to 10 years, and, while Enterasys places a priority on the quality of its technical support, enterprises must ensure that product warranty and maintenance pricing are part of the TCO evaluation.
- Although Enterasys has virtualized its WLAN controller application in both public and private clouds, and has aggressively priced its access points for wireless connectivity for migrating customers from older platforms, as well as trying to be a low-cost provider, enterprises should evaluate end-to-end functionality and the total cost of the wired and wireless connectivity.
Fortinet offers a complete, end-to-end wired and wireless access layer solution that focuses on security, visibility and management for the midmarket. It has a global presence that is geographically distributed through resellers that deliver its global revenue.
Fortinet's corporate focus has been on providing unified threat management (UTM) through its FortiGate product family. The vendor offers its FortiSwitches and a controller-based wireless architecture for retailers with its FortiAP or as a stand-alone appliance with its FortiWiFi. It is an appropriate choice for SMBs or branch offices, as well as for retail environments (including the retail banking or hospitality market sectors).
- Fortinet has a strong reputation as a security vendor, especially in retail, financial services and government.
- The breadth of the Fortinet product family provides an affordable, complete solution that focuses on simplicity for the configuration and management of wired and wireless products at the edge of the network.
- Network service applications (such as guest access, load balancing, rate limiting, content filtering, policy enforcement and network management) are integrated into the FortiGate platform with no additional licenses or charges. This is important when evaluating the TCO of any access layer solution. Separate pricing is available for virtual machine (VM) versions or separate appliances.
- Fortinet lacks a controllerless solution, which often leaves the vendor at a financial disadvantage, compared with competitors that have such a solution. Enterprises that have implemented FortiGate are required use the platform to host the integrated Wi-Fi controller functionality, as well as its integrated network service applications.
- Fortinet has a strong name in security and in-store retail, but Gartner rarely sees it on the shortlist for wired or wireless client inquiries. Enterprises need to evaluate all usage scenarios to ensure that their needs are met with the proposed solutions.
HP Networking has established itself as a global access layer vendor with its unified wired and wireless FlexCampus solution. HP's integrated security, policy enforcement and network management application provides a comprehensive solution across wired and wireless components. Its Intelligent Management Center (IMC) also has the ability to provide a single pane of glass for wired and wireless solutions.
HP Networking has a large global sales force that focuses on the education, hospitality and government markets, but should be considered for all opportunities in which the entire access layer (wired and wireless connectivity) is being replaced. Every organization should at least consider and competitively include HP in all network evaluations of any size; we mainly see HP considered for SMB opportunities.
- HP provides multivendor wired and wireless management of over 6,000 devices from over 220 third-party vendors, which provides end-to-end access layer management from a single managed application.
- HP's sales channel, as well as its service/support, provides global reach and access to opportunities that only a few vendors can match.
- HP provides a breadth of services, including managed network services, application services, security services and cloud services.
- The lifetime warranty offered on many of the HP access points and switches is an important element when calculating the overall TCO of any access layer solution.
- While the IMC application brings benefits as single-pane-of-glass management, training is recommended to take full advantage of it. There is extensive documentation, but HP should improve accessibility to find the appropriate functionality, especially for the SMB market.
- Training continues to be an area of improvement for HP's WLAN solution, especially in its North America channel, where HP's access layer solution has been misquoted or not proposed.
- Clients looking for a unified wired and wireless switching solution should consider the HP 830 Unified Wired-WLAN Switch, but also need to determine whether this platform will meet their enterprise access layer needs.
Huawei's Enterprise Business Group (EBG) has a strong presence in the Asia/Pacific region, including Japan, Russia and India, as well China, where 72% of its revenue was deployed for access layer solutions. The vendor has made an effort to increase its presence in EMEA during 2012 and continues to market to North America. Huawei's EBG targets healthcare, education, financial services and the public sector/government.
Huawei's Smart Campus solution shows the vendor's vision of end-to-end campus networking in mobility, programmability and video optimization. With its strong carrier heritage, we traditionally see Huawei in the data center or core of large enterprises, but with its new access layer products, including the launch of a controllerless WLAN architecture, we expect to see more Huawei solutions deployed in the access layer. Huawei's eSight network management, eSight TSM and application security gateway provide guest access, onboarding, security and network management.
Huawei should be considered for any enterprise network opportunity within the service provider market, as well as for opportunities where it has a geographical presence.
- In 2012, Huawei invested in next-generation wireless access points, switches, and network services and network security, which give it a rich portfolio of products and the resources to be able to deliver to new markets.
- Huawei has the ability to deploy end-to-end multivendor wired and wireless network management, security, firewall, guest access, policy enforcement applications for enterprises looking for a single vendor. The vendor's solutions can provide differentiation through its automatic network quality analysis, which looks to optimize the network as well as its green energy saving initiatives.
- Huawei has an extensive reseller channel and Gartner also sees it selling to service providers.
- Enterprises looking to deploy in carpeted office environments should review the available information on application functionality for requirements to ensure that it meets their specific network service application needs.
- Huawei solutions are technically capable; however, limited marketing communications continue to limit enterprise awareness in its target markets.
- The vendor has had challenges in expanding its market outside of the Asia/Pacific region, and enterprises should request references for implementation and service of new wired and wireless products and services, especially outside of that region.
In 2012, Juniper Networks experienced double-digit growth from its new access layer switch revenue, but a slight decrease in year-over-year wireless LAN revenue. While the EX2200 and EX3200 are doing well, a slower ramp-up in the channel's WLAN expertise continues to limit Juniper's ability to take advantage of significant access layer growth opportunities specific to WLAN. The vendor's VM-based controller gives customers a wider range of deployment options.
As a global vendor that sells 100% through the channel, Juniper's wired and wireless LAN product lines offer scalable solutions. Its five core markets are government, healthcare, education, finance and service provider. Consider this vendor for campus upgrade and refresh requirements in its targets, where Juniper or Trapeze Networks components are being refreshed at the edge of the network.
- Juniper provides a complete solution for a secure enterprise access network, including the ability to provide switches, routers, wireless, security and management products for its target markets, including a single-pane-of-glass management solution via Junos Space Network Director.
- The addition of wireless controller functionality into the new EX9200 switch platform allows the elimination of a wireless-specific platform for controller functionality and demonstrates Juniper's strategy of a converged wired-wireless environment.
- Juniper's policy enforcement application, Unified Access Control (UAC), allows organizations to define and apply a single policy for user, device or session, independent of wired or wireless connectivity.
- The vendor's multiple network application options for guest access, onboarding and security may require enterprises to remap current or future policies as part of a migration strategy as Juniper continues to consolidate legacy Trapeze functionality into new applications.
- Newly introduced Junos Space Network Director provides single-pane-of-glass management for converged wired/wireless network infrastructures. Clients need to verify that the wired and wireless management functionality that they require, such as client profiling, is available.
- Juniper must continue to grow its enterprise channel and account coverage to spur market share expansion.
Motorola Solutions is a wireless overlay vendor with limited wired port connectivity that can provide end-to-end solutions through strategic wired partnerships. It has a strong global channel organization that delivers over 80% of its revenue. In 2012, we saw a renewed focus by the vendor to provide a complete end-to-end access layer solution.
Motorola Solutions is a global leader in WLAN within the in-store retail, transportation and logistics and government verticals, but also services hospitality, manufacturing and healthcare. The vendor should be on the shortlist for any wireless LAN opportunities in in-store retail, government and other verticals that have data collection, security (including guest access), location and analytical requirements.
- Motorola Solutions offers virtualization and application provisioning and delivery, and plug-and-play architecture that seamlessly integrates with any wired infrastructure.
- Within the vertical markets that it serves, Motorola Solutions extends beyond the network infrastructure to meet the needs of its clients providing not only wired and wireless guest access, onboarding, security and network management, but also push-to-talk capabilities between mobile clients, two-way radio communications, client analytics, as high-definition location solutions.
- Motorola Solution's Global Solutions and Services organization provides a managed service portfolio that includes wired and wireless monitoring and reporting as the vendor proactively manages the day-to-day operations of the network from its network operations center.
- While Motorola Solutions has its own switching products, enterprises looking for end-to-end wired and wireless solutions should get references in all geographies.
- The vendor's wired product offering set fits well for its target markets, but may not address all the requirements of enterprises (such as stacking or additional port density) that are required for an end-to-end wired and wireless solution.
- As the vendor moves outside of its traditional stronghold markets, where there are intangible benefits, enterprises need to ensure that the channel partner has the ability to propose, design, deliver and service a competitive solution.
The Netgear ProSafe wired and wireless solution offers a complete access layer solution for SMBs. Eighty-five percent of Netgear's solution is delivered by North American and European partners that service the education, hospitality, state/local governments and professional services verticals.
The controller-based architecture integrates many of its network services into the platform, such as guest access, AAA server for security and network management. It is an appropriate choice for SMBs or branch offices, as well as for the education, government, hospitality and retail market sectors, where a high degree of complexity or functionality is not needed in network service applications.
- The breadth of the Netgear product family provides an affordable solution that focuses on simplicity for the configuration and management of wired and wireless products at the edge of the network. The vendor's wireless portfolio, with the combination of controller and access points, is competitively priced, compared with all access layer architecture, including controllerless and cloud-based solutions.
- While Netgear's wireless architecture requires a controller platform, it typically resides locally and also provides basic guest access for no additional charge or licenses. Management software is also provided at no charge for up to 200 managed devices. Netgear's Universal Threat Management system works in conjunction with wired and wireless components and applications to provide content filtering and rate limiting functionality on the same platform, although an additional license is needed.
- Netgear's lifetime warranty includes on-site support; this means that enterprises can implement a known brand with low risk, which is very important in the small, midsize, remote and branch office markets.
- Large organizations looking to deploy outdoor access points or 802.11ac during their immediate refresh should evaluate Netgear's longer-term plan, as this is one of the product portfolio gaps today.
- Organizations looking to address onboarding for BYOD or to implement policy enforcement need to evaluate the current Netgear functionality in the existing guest access or UTM applications to ensure that it meets their business needs, because neither application is identified separately.
Xirrus continues to invest in its access layer solution. Historically, a wireless overlay vendor that differentiates itself with its phased array access points and integrated controller, Xirrus released a two-radio access point to add to its existing modular Array product line, which supports from two to 16 integrated radios to better support enterprise environments. Xirrus has now added 24-port and 48-port switches, and a three-port wall plate switch, to continue to enforce its enterprise message. The Xirrus modular Array architecture allows customers to add capacity to an existing Array or upgrade to 11ac. Xirrus Access Manager application provides guest access and BYOD onboarding, and the Xirrus Management System provides network management and analytics. Both can be implemented on-premises or be cloud-based, plus there is an automatic provisioning service, Xirrus Mobilize, in the cloud for registration and initial device configuration. Xirrus has implemented a programmable RESTful API for integration with enterprise applications such as AirWatch for mobile device management (MDM)/mobile application management (MAM) and Euclid for retail analytics.
Xirrus sells through direct and indirect channels in education, healthcare, retail and hospitality, primarily in North America and EMEA. The vendor is also strong in outdoor coverage events, such as stadiums, as well as in highly dense user environments, such as classrooms, auditoriums and entertainment venues where the array can provide a large coverage area and service high-density and performance needs.
- Xirrus now has the ability to provide an end-to-end access layer solution for hardware and network service applications, while providing additional capabilities with its array technology that addresses outdoor or large venues, including stadiums, convention center exhibit halls and auditoriums.
- Xirrus offers a managed service program that can be deployed by partners or directly. The Xirrus cloud-based Mobilize service can provide auto license activation and zero-touch provisioning of the entire access layer.
- A WLAN control plane built into the arrays means that the solution is deployed as a controllerless architecture that is both cost-effective and pushes policy enforcement to the edge of the access layer, including application recognition and QoS via deep packet inspection technologies. The multiradio array architecture also means that fewer arrays need to be installed to provide equivalent coverage, leading to fewer cable runs during installation.
- While Xirrus continues to invest in expanding its channel organization, enterprises should work with resellers to ensure that it can provide the level of support for any new geographies or markets where the solution is expanding, especially in Latin America and Asia, where Xirrus does not have name recognition. Xirrus is addressing this through new relationships with distribution partners and through global partner relationships.
- Xirrus continues to develop new access layer components, including wired switches and smaller access point arrays to address enterprise market needs. Enterprises need to document their usage scenarios and test to ensure that the proposed solution meets all their business needs.
We review and adjust our inclusion criteria for Magic Quadrants and MarketScopes as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant or MarketScope may change over time. A vendor appearing in a Magic Quadrant or MarketScope one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. This may be a reflection of a change in the market and, therefore, changed evaluation criteria, or a change of focus by a vendor.
The following vendor was added to this Magic Quadrant:
The following vendors were dropped from this Magic Quadrant:
- Extreme Networks
- Meru Networks
- Ruckus Wireless
Vendors must be able to demonstrate a minimum of $80 million in 2012 revenue in enterprise-class product revenue for wired and wireless access layer hardware and software solutions, of which a minimum of $40 million is derived from enterprise wireless LAN solutions. All hardware and software components must be available on the vendor's published price list. A minimum of 80% of access layer product revenue must be generated from vendor-manufactured or OEM components. Product revenue must be from enterprise office environments, which may include in-store retail, healthcare, and K-12 and higher education. Product revenue may not include convention centers, hotels or cellular offloading for outdoor environments or public venues, including stadiums and train or bus stations. Vendors must provide factual details on how they meet these criteria.
Vendor solutions must be able to address the following criteria:
- Vendor must minimally sell and support a 24- or 48-port Power Over Ethernet, chassis or stackable switch
- Vendor must minimally sell and support 2X2 and 3X3 access points capable of both 2.4 GHz and 5 GHz radios that can be mounted indoors using Power Over Ethernet.
- Vendor must support a guest access application with the ability to minimally support:
- Ability to provide Web authentication credentials via SMS, email or printout for Windows, iOS and Android clients
- More than one captive portal
- Vendor must be able to minimally support the following security functionality:
- Device authentication for Windows, Android and iOS devices via 802.1X, as well as an authentication method for supporting devices that cannot support a supplicant
- Ability to detect wired or wireless intrusion
- Vendor must be able to minimally support the following policy enforcement functionality:
- Ability to create access policies that minimally include device and user for wired and wireless connectivity
- Ability to traffic shape/rate limit and content filter trusted clients, as well as for guest access connected clients; the solution may be internally developed or a strategic alliance
- Vendor must be able to minimally support network management:
- Must be able to minimally discover and manage wired and wireless access layer infrastructure, including supported switches and access points
We continue to adjust the weighting and criteria for this Magic Quadrant as buyers' requirements and market forces shift what is important for vendors to provide.
Gartner evaluates technology providers on the quality and efficacy of the processes, systems, methods or procedures that enable IT provider performance to be competitive, efficient and effective, and to have a positive effect on revenue, retention and reputation. Technology providers are ultimately judged on their ability and success in capitalizing on their vision.
Product/Service: Here, we evaluate access layer infrastructure products and services consisting of switches, access points and related components needed for the end-to-end solution. This includes network services, such as management, monitoring, access control, policy enforcement and security applications. We also evaluate product migration strategies from legacy implementations, whether there is an incumbent vendor or a new solution provider. We also look at maintenance and deployment service capabilities.
Overall Viability (Business Unit, Financial, Strategy, Organization): Viability includes an assessment of the organization's overall financial health, and the financial and practical success of the business. We also evaluate whether the organization continues to invest in access-layer-related business, including technology and product development, as well as solution delivery to the market, including sales channels, marketing communication and service delivery.
Sales Execution/Pricing: This involves the vendor's capabilities in presales activities and the structure that supports them. This criterion includes deal management, pricing and negotiation, presales support (including communication of differentiating functionality), and the overall effectiveness of the sales channel, both direct and indirect.
Marketing Responsiveness and Track Record: This includes the quality and effectiveness of the organization's marketing messages in communicating to the market the advantages and differentiating capabilities of the vendor's product lines, company and supporting partners/services. This evaluation also includes the history of the vendor's marketing messages and its ability to react to changes in market requirements in its target markets.
Marketing Execution: This criterion focuses on how the vendor is perceived in the market, and how well its marketing programs are recognized. For access layer infrastructure, the evaluation focused on how well the vendor was able to influence the market around key messages and attributes. An additional indicator for this criterion is how often Gartner clients consider a vendor as a possible supplier in a shortlist evaluation. The change in momentum in this indicator is particularly important.
Customer Experience: How do customers and partners view this vendor? This evaluation includes significant input from Gartner clients in the form of inquiries, face-to-face meetings and written responses about the vendors. A key component in this category is the vendor's ability to provide strong presales and postsales support, especially aligned with vertical requirements.
Product or Service
Source: Gartner (September 2013)
Gartner evaluates technology providers on their ability to convincingly articulate logical statements about current and future market directions, innovation, customer needs and competitive forces, as well as how they map onto the Gartner position. Technology providers are ultimately rated on their understanding of how to exploit market forces to create opportunities for themselves.
Marketing Understanding: Does this vendor's marketing message articulate a clear, understandable message that answers the market requirements for technologies and services? Does the vendor's message and supporting products lead the access layer market requirements or merely fulfill them?
Market Strategy: Here, we evaluate the ability of the vendor to influence the market through its messaging and marketing campaigns. Are the issues that are being communicated and addressed meeting the trends in the market and the needs of end users? Are vendors focusing on building their core competencies or are they investing in random technologies?
Offering (Product) Strategy: Does the current and future planned product line meet the needs of buyers now, and how will it do so in the future? Is the vendor simply building products that the buyer is asking for, or is it anticipating the issues that those buyers will face and allocating resources to address them?
Vertical/Industry Strategy: Does the vendor's strategy, direct resources, skills and offerings meet the needs of market segments, including vertical industries? In this market, can the vendor differentiate itself with solutions that are specifically developed for the unique requirements of many verticals, such as healthcare, logistics, manufacturing, retail, hospitality, etc.?
Innovation: What has the vendor done to address the future requirements of access layer infrastructure, including the need for tighter integration with wired networking products, voice, video and application support? Has the vendor successfully differentiated the current and future product lines, to better address customer requirements, both now and two to five years out?
Source: Gartner (September 2013)
A vendor in the Leaders quadrant will have demonstrated an ability to fulfill a broad variety of customer requirements through the breadth of their access layer product family. Leaders will have the ability to control changes to wired and wireless component requirements and provide complete and differentiating access layer applications, as well as global service and support. Leaders should have demonstrated the ability to shape the market, maintain strong relationships with their channels and customers, and have no obvious gaps in their portfolios.
A vendor in the Challengers quadrant will have demonstrated sustained execution in the marketplace, and will have clear and long-term viability in the market, but may not have a complete access layer product portfolio for either products or network applications. Additionally, Challengers may not have shown the ability to shape and transform the market with differentiating functionality.
A vendor in the Visionaries quadrant demonstrates an ability to increase features in its offering to provide a unique and differentiated approach to the market. A Visionary will have innovated in one or more of the key areas of access layer technologies within the enterprise (e.g., convergence, security, management or operational efficiency). The ability to apply differentiating functionality across the entire access layer will affect their position.
A vendor in the Niche Players quadrant demonstrates a near-complete product offering, but may not be able to control development or provide differentiating functionality because part of the solution is being offered through a strategic partnership, whether it is a hardware component or a network application. Niche Players may also lack strong go-to-market capabilities that limit their regional or global reach or service capabilities in their product offerings. Niche Players often have deep vertical knowledge and will be an appropriate choice for users in the specific vertical markets where they have specialized offerings and knowledge.
The historical separation of wired and wireless solutions for LAN access connectivity is disappearing. End users need to connect to network resources, regardless of whether the connection is wired or wireless. While the revenue for wired LAN access ports is still more than double that of wireless, the shifting momentum can be clearly seen as wireless revenue continues to grow at more than 20% annually and switching revenue at the edge is at best flat.
Increasingly, wireless connectivity is being viewed as the default connectivity to the network, as users demand more mobility; moreover, a growing number of devices do not have wired network capabilities. Today, we see a new crop of Ultrabook computers, which have no internal Ethernet jack — devices like these make wireless the default connection, with wired connectivity left to a USB dongle. Additionally, smartphones are increasingly connected to unified communications systems as a replacement for desk phones. While the growth is clearly on the wireless side, it does not eliminate the need for wired connections to the enterprise infrastructure. However, the mix will impact port purchasing as enterprises rightsize and rebalance their networks and address access aggregation and policy enforcement requirements.
The market has now matured to a state where there are no "wired vendors doing wireless" or vice versa; vendors must have an end-to-end hardware solution to be a viable access layer competitor. The historical separation is gone and enterprises should evaluate vendors in the new light of end-to-end access layer capabilities. We evaluated vendors on their ability to provide the entire end-to-end solution, because it is difficult to sit in the seat of the IT administrator when vendors focus on one specific technology or the other. We recognize that some vendors also focus on specific vertical markets (such as Motorola in retail in-store environments, or deployment scenarios such as Xirrus in large or outdoor venues) with special requirements, even as they look to address the needs of a larger enterprise market and provide a complete wired and wireless portfolio.
Additionally, new technologies like 802.11ac will continue to be introduced, but enterprises must look at their usage scenarios to understand whether they should be evaluated as road map technologies or deployed today. Our guidance to clients is that the multiple phases of implementation for 802.11ac make it a technology that they should watch and make sure is on the vendor road map, but should only be deployed with caution at present.
Over half of our evaluation was of the vendors' network service applications to unify onboarding, security, guest access, policy enforcement and network management. These applications reduce enterprise complexity and costs to provision, manage, authenticate and even locate end users across one or multiple enterprise facilities. Vendors continue to provide innovation around network services that are not only wired and wireless, but also support multiple vendors (such as Aruba's ClearPass applications, Aerohive's HiveManager and Alcatel-Lucent's applications). Moving forward, flexible pricing and packaging will also be important as small and midmarket enterprises expect the same functionality as larger enterprises, and Cisco's ISE and Prime, as well as HP's IMC, attempt to close the gap in functionality and ease of use. Additional services that provide improvements in indoor location, voice, video, intrusion detection, network management and security are just the beginning for new application capabilities as vendors search for new areas of differentiation.
Ability to Execute
Product/Service: Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria.
Overall Viability: Viability includes an assessment of the overall organization's financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization's portfolio of products.
Sales Execution/Pricing: The vendor's capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel.
Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor's history of responsiveness.
Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization's message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This "mind share" can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities.
Customer Experience: Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on.
Operations: The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.
Completeness of Vision
Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs, and can shape or enhance those with their added vision.
Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements.
Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base.
Offering (Product) Strategy: The vendor's approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements.
Business Model: The soundness and logic of the vendor's underlying business proposition.
Vertical/Industry Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.
Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.
Geographic Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the "home" or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market.