Hype Cycle for Enterprise Networking, 2026
22 May 2026 - ID G00846621 - 108 min read
By Mike Leibovitz, Jonathan Forest, and 2 more
AI agents are disrupting enterprise networks, while AI workloads are reshaping data center networks. Security demands are also intensifying, driven by regulatory, sovereignty and emerging quantum pressures. Heads of I&O can leverage this Hype Cycle to help prioritize their networking investments.
Analysis
What You Need to Know
The 2026 Enterprise Networking Hype Cycle captures a marketwide inflection in how enterprise networks are built, operated and secured. AI-driven operating models are challenging long-standing approaches based on dashboards, CLI access, deterministic automation and manual intervention. Attention is rapidly consolidating around agentic network operations (NetOps) and related constructs that reshape how network decisions are formed, coordinated and executed.
In parallel, enterprises are rethinking network architecture to support new workload and traffic patterns. These include AI training and inference workloads, as well as increasingly distributed application architectures. AI network fabrics, cross-cloud networking and emerging WAN backbone services reflect rising demand to move, steer and secure traffic dynamically across cloud platforms and distributed environments. These workloads introduce fundamentally different scale, latency and data movement requirements compared with traditional enterprise applications.
Security will be increasingly shaped by these combined operational and architectural shifts, as organizations focus on governing data in transit and at rest amid real quantum risk, geopolitics, regulatory pressure and sovereignty concerns. These are pushing security considerations deeper into network design and operational decision making, rather than only being addressed through incremental controls.
The Hype Cycle
This Hype Cycle describes the 30 most-hyped innovations in enterprise networking. In each innovation profile, Gartner defines the concept, describes its expected value, and assesses adoption, along with key drivers, growth inhibitors and recommendations. This year’s Hype Cycle reflects a meaningful reordering of enterprise networking priorities, with five new innovations signaling where attention and investment are shifting.
New Hype
Five new innovations were added this year to reflect emerging demand signals and evolving enterprise priorities:
- Sovereign networking
- Energy-efficient AI networking
- OpenTelemetry
- Cross-cloud networking (CCN)
- VibeOps
Together, these additions highlight growing attention to data governance, observability, AI infrastructure efficiency, distributed connectivity and new operating patterns as enterprises adapt to more complex workloads and regulatory environments.
Peak Hype
The Peak of Inflated Expectations is concentrated around capabilities that promise to reshape how networks are built, operated and secured. Agentic NetOps and network digital twins sit firmly in the peak as enterprises and vendors place high expectations on AI-driven approaches that can reason network state, simulate outcomes and coordinate action across domains.
Architectural and backbone-oriented capabilities also cluster near the peak. AI network fabric and alternative WAN backbone services (XBaaS) reflect heightened expectations that enterprises can simplify connectivity and better support cloud and AI workloads through more flexible, software-driven architectures. Cross-cloud networking, while highly visible, remains just short of peak expectations as enterprises move toward more sophisticated multicloud use cases.
Security-driven innovation remains prominent at the peak, with universal ZTNA, postquantum cryptography and quantum networking attracting strong interest as organizations prepare for longer-term data protection challenges shaped by quantum risk, regulatory pressure and geopolitical concerns.
Fast Movers
Several innovations moved more rapidly than typical year-to-year shifts. Agentic NetOps accelerated sharply toward peak expectations as interest surged in AI-driven operational models. Network AI assistants moved quickly into the Trough of Disillusionment as assistant capabilities became broadly available across vendors and end users increasingly shifted focus toward prompt-driven, interface-centric AI.
Outside of AI operations, Wi-Fi 7 (802.11be) advanced rapidly, as products became broadly available and deployments scaled. OpenRoaming moved quickly past peak expectations, as slower-than-anticipated adoption by authentication providers constrained near-term enterprise impact.
The Priority Matrix
Given the critical role of network infrastructure in modern digital business, enterprises often face challenges accelerating adoption of new networking technologies due to the risk and blast radius of network change. The Priority Matrix helps heads of I&O identify transformational and high-impact technologies that are likely to mature next, and distinguish where near-term action is warranted versus where preparation and capability building are more appropriate.
Short-Term (Less Than Two Years)
In the near term, SASE stands out as the only transformational capability positioned for mainstream adoption, reflecting its role as an established foundation for converged networking and security. High-impact technologies such as network AI assistants and network security microsegmentation are also approaching mainstream use, enabling network and security operations teams to improve visibility, response time and enforcement using existing platforms and skills. These capabilities are well suited for incremental adoption and provide practical entry points for AI-driven network operations and security enforcement improvements.
Several moderate-impact technologies are also maturing quickly. Wi-Fi 7 (802.11be) is broadly available and entering scaled deployment, while AI network fabric continues to advance to support higher-performance and more dynamic traffic patterns associated with cloud and AI workloads.
Midterm (Two to Five Years)
The midterm horizon is shaped by high and transformational impact technologies that introduce operational model, architectural and governance change. Agentic NetOps represents the most significant transformational opportunity, with the potential to reshape how networks are operated by shifting decision making and execution toward AI-driven systems. High-impact technologies such as NetDevOps, OpenTelemetry, function accelerator cards (DPUs), postquantum cryptography and quantum networking will increasingly influence how networks are built, secured and operated across I&O, security and platform teams.
To gain advantage, heads of I&O should use near-term adoption to build operational experience and confidence, while aligning skills, data and governance models to support the higher impact of these technologies as they mature.
To gain advantage, heads of I&O should use near-term adoption to build operational experience and confidence, while aligning skills, data and governance models to support the higher impact of these technologies as they mature.
Priority Matrix for Enterprise Networking, 2026
| Benefit | Years to Mainstream Adoption | |||
|---|---|---|---|---|
| Less Than 2 Years | 2 to 5 Years | 5 to 10 Years | More Than 10 Years | |
Transformational | ||||
High | ||||
Moderate | ||||
Low | ||||
Source: Gartner (May 2026)
Off the Hype Cycle
These technologies are still important, but have been removed from the Hype Cycle:
- IPv6 is now a foundational networking requirement, driven by addressing and platform needs rather than market hype.
- Multicloud networking software (MCNS) has been absorbed into broader cross-cloud networking and WAN architectures, reducing its relevance as a stand-alone innovation category.
- SD-WAN no longer generates sustained hype, having become a standardized component of SASE architectures.
- Software-defined cloud interconnect (SDCI) has lost stand-alone hype as enterprise focus shifts away from last-mile cloud access toward connectivity inside the cloud, across cloud platforms, and along the backbone.
- Network sustainability remains important, but attention has shifted toward infrastructure efficiency and energy-aware design embedded within other networking innovations.
On the Rise
Supplemental Coverage From Space
Analysis By: Mohini Dukes, Mike Leibovitz
Benefit Rating: High
Market Penetration: Less than 1% of target audience
Maturity: Embryonic
Definition:
Supplemental coverage from space (SCS) regulatory framework enables partnerships between satellite, specifically low Earth orbit (LEO), providers and terrestrial mobile operators to expand or fill gaps in cellular coverage. SCS direct to device (D2D) includes unmodified handsets connecting directly to a LEO satellite constellation.
Why This Is Important
SCS fills gaps in terrestrial cellular network coverage initially with emergency or messaging services through compatibility with standard, ubiquitous devices like smartphones. The services address connectivity needs of individual users in remote areas and mission-critical locations outside of terrestrial coverage. Enterprises can derive value by leveraging the ecosystem through partnerships between mobile and satellite service providers and device and chipset manufacturers.
Business Impact
Applying SCS to connect directly to devices can reduce dead spots. Partnerships between satellite providers and mobile network operators (MNOs) allow devices to connect to the LEO constellation using local cellular frequencies. Organizations can expect cellular Internet of Things (IoT) and end-device connectivity even in remote geographies. Initially, this ensures availability of emergency services in remote locations. The technology will evolve to support higher-bandwidth use cases and distributed business operations.
Drivers
- Governments are aiming to diversify connectivity options and improve resiliency and coverage of civilian and defense communications infrastructure. There is an emphasis on building resilient infrastructure while leveraging satellites. Expanding cellular coverage through SCS becomes an attractive option toward achieving such goals.
- SCS direct to device is a potential alternative to expensive classical satellite data connectivity that includes unwieldy or dedicated endpoint equipment and hot spots for remote users and even IoT devices needing occasional connectivity and low data rates. The key benefit of SCS direct-to-device flavor lies in the ability to use an existing mobile handset without any modifications.
- Ongoing work by 3rd Generation Partnership Project (3GPP) starting with release 17 will reduce service costs and ease regulatory challenges. This work will standardize the interoperability between cellular 5G and satellite networks to support 5G New Radio (NR)-based access from smartphones and IoT devices. In the long term, support for the Ka and Ku bands will provide direct satellite access. The standardization efforts are beginning to drive a diverse ecosystem that was absent in the case of isolated services that required modifications to end devices.
- Mobile operators wanting to augment their footprint and retain incumbency are partnering with LEO service providers as a path toward future revenue growth. Ubiquity of existing cellular devices vastly increases the service availability prospects and scale of connectivity across use cases and geographical locations.
Obstacles
- Satellite service providers must be financially healthy since the business case is still in formulation given the large investment required. Constellation scale is a key factor with respect to geographical reach and availability of additional services like broadband.
- Services will primarily focus on consumer connectivity. Expect IoT and enterprise use cases to be addressed additionally.
- Initially, bandwidth from satellite connectivity is limited and suitable only for text or emergency messaging and basic data applications. Voice and video calls are in trials but not commercially available.
- Not all cellular-capable IoT devices will use SCS because the cost-effectiveness is still unclear and some of the IoT devices currently use, for instance, GEO satellite-based NB-IoT connections.
- Coordinating spectrum use and managing radio signal interference between nonterrestrial LEO satellite and mobile operators is still a work in progress.
User Recommendations
- Identify the most critical locations where operations will benefit from SCS direct-to-device offerings. Test for service performance variations at different locations with a representative set of devices.
- Include LEO-based SCS using unmodified devices in strategic connectivity planning for remote or mission-critical locations.
- Engage with MNOs and/or LEO providers to gauge their partnership plan for SCS within or across geographical regions. Regulations that permit such partnerships will be crucial to wider availability of SCS.
- Make cellular the foundational communication choice, and source SCS based on the MNO-LEO provider partnership and types of connectivity access services that are available.
- Validate the technical viability and financial health required by the LEO provider to launch and maintain their constellation.
- Expect performance to vary based on the location because capacity may be limited and depends on the number of cell devices in the satellite footprint.
- Prepare for international availability by liaising with local regulators and resellers.
- Engage with your mobile operators to assess their plans to offer SCS.
- Monitor the traffic profile and usage to gauge service pricing as video and voice services are added in the future.
Sample Vendors
AST SpaceMobile; Lynk; Skylo; SpaceX
Gartner Recommended Reading
Sovereign Networking
Analysis By: Tim Zimmerman, Mike Leibovitz, Andrew Lerner
Benefit Rating: Moderate
Market Penetration: 1% to 5% of target audience
Maturity: Emerging
Definition:
Network sovereignty is a design paradigm where organizations prioritize control over their network infrastructure, ensuring the control plane, management plane and data transfer remain under or within a specific jurisdiction. This helps prevent (or limit) foreign influence and access from an external jurisdiction. Network sovereignty represents a spectrum of design decisions and is not a binary condition.
Why This Is Important
Sovereign networking is a business imperative driven by increasing geopolitical tension and new regulations. It enables organizations to achieve digital sovereignty by prioritizing absolute control over their network infrastructure, including control, management and data planes.
Business Impact
Client inquiry volume in sovereignty has increased four times over the past year, driven by increasing geopolitical tension and new laws and regulations. This ensures technological resilience, supports national security objectives, and protects critical data and operations from external jurisdictional control or foreign government access, thereby mitigating significant compliance and operational risk.
Drivers
- Increased risk driven by geopolitical tension: There is an increasing need from some countries to reduce or eliminate their reliance on global or regional cloud resources.
- Regulation or law driven sovereignty: New country or regional regulations require management, control and data to stay within geographically specified areas.
- Data and operational security risk: The need to protect critical data and operations from external jurisdictional control or foreign government access and also assure better local and cultural representation.
Obstacles
- Technical dependency on global resources: Cloud or AI applications as well as network management plane applications have been designed to use the compute, storage and microservices of global or regional clouds that do not meet sovereignty requirements.
- Economic costs and scale challenges: Building and operating sovereign networks requires massive investment that lacks the ability to compete with global providers.
- Limited vendor options: Many networking vendors (e.g., service providers, infrastructure vendors) have limited options to control data transport or the control plane.
User Recommendations
- The degree of sovereignty for network implementation is a spectrum, and the key concepts to focus on when determining the degree of sovereignty are:
- Control
- Ownership of the network infrastructure (including hardware and software,
- Physical data transport options (including country inclusion/exclusion), where security is enforced
- How telemetry data is handled
- Incorporate sovereign networking as a design requirement within all sovereign cloud and sovereign AI initiatives. This includes where traffic physically flows, jurisdictional ownership and management and control of the network infrastructure.
- Prefer network vendors that offer multiple options to address jurisdictional requirements surrounding routing and transport, encryption, security enforcement and inspection.
Sample Vendors
Arista Networks; Cisco; Extreme Networks; Fortinet; Hewlett Packard Enterprise; Huawei
Gartner Recommended Reading
VibeOps
Analysis By: Andrew Lerner, Roger Williams, Cameron Haight
Benefit Rating: Moderate
Market Penetration: Less than 1% of target audience
Maturity: Embryonic
Definition:
VibeOps is an approach to deploying and managing IT infrastructure where the administrative UI is a natural language conversational interface supported by a language model. VibeOps is primarily intended to enable developers — not I&O personnel — to drive operational infrastructure tasks, such as provisioning resources, configuring load balancers, or troubleshooting issues.
Why This Is Important
VibeOps improves developer productivity by abstracting simple and complex infrastructure management into conversational interactions, allowing developers to remain in flow. It lowers the barrier to entry for performing infrastructure operations, enabling less experienced personnel to handle routine tasks. However, it introduces substantial risks regarding consistency, security, and compliance that organizations must manage before broad adoption.
Business Impact
VibeOps can accelerate software delivery velocity and reduce the support burden on dedicated I&O teams by enabling autonomous infrastructure adjustments. It facilitates agile prototyping and experimentation, allowing teams to turn ideas into working examples with minimal delay. This approach reduces context switching for developers, translating to faster time to market for digital products.
Drivers
- Advances in large language models (LLMs) and AI agents now enable systems to continuously interpret system signals and human intent to take operational action.
- The rising popularity of vibe coding creates demand for infrastructure tools that maintain developer flow and minimize distractions caused by context switching.
- Standardization developments — such as MCP and A2A — are accelerating the ability of AI agents to interface with diverse infrastructure platforms.
- Organizations are seeking ways to reduce the time and cost to implement infrastructure changes.
- Democratization of IT — including the increased use of product teams and fusion teams — is driving more demand for ways to reduce the dependency these teams have on the I&O function to get work done.
Obstacles
- Changes driven by personnel inexperienced in I&O increase the risk of outages, cyberattacks, and compliance violations.
- Configurations generated by VibeOps can drive inconsistency and noncompliance, raising major questions and concerns.
- VibeOps implementations likely neglect essential change management, audit trails, and rollback mechanisms required for regulated enterprise environments.
- Abstracting infrastructure tasks may stifle the development of essential skills and knowledge among I&O personnel.
- Usage of VibeOps exclusively in development can create inconsistencies with production environments.
- The term carries hype and is polarizing and many I&O practitioners dislike it or feel it is too “cute.”
- Organizations not embracing vibe coding will not benefit as much from VibeOps.
User Recommendations
- Treat VibeOps as a complement to — not a substitute for — established DevOps and prescriptive automation workflows.
- Use interest in VibeOps as a demand signal for self-service capabilities and increased developer empowerment that could be met through other approaches such as IPE and SRE.
- Restrict initial VibeOps usage to sandboxed, nonproduction environments to facilitate rapid prototyping without exposing the enterprise to availability or security risks.
- Implement robust governance and guardrails, utilizing landing zone architectures to ensure AI-driven changes adhere to security policies.
- Leverage VibeOps capabilities for read-only I&O activities — such as troubleshooting and reporting — to gain efficiency without altering system state.
Gartner Recommended Reading
Wi-Fi 8 (IEEE 802.11bn)
Analysis By: Mike Leibovitz, Tim Zimmerman
Benefit Rating: Moderate
Market Penetration: Less than 1% of target audience
Maturity: Embryonic
Definition:
Wi‑Fi 8 (IEEE 802.11bn) is a prestandard Wi‑Fi generation expected to be ratified in 2028. It introduces enhanced multi‑AP coordination, tighter synchronization and improved spectrum efficiency aimed at delivering more predictable and stable performance in dense or interference‑prone environments.
Why This Is Important
Wi‑Fi 8 is important because enhanced multi‑AP coordination and tighter synchronization aim to reduce latency and performance variability in dense deployments. These improvements strengthen everyday IT connectivity and better support the rising mix of automation systems, physical‑AI endpoints and real‑time devices across enterprise, residential and public environments.
Business Impact
Wi‑Fi 8 can reduce performance variability in environments where Wi‑Fi has traditionally been challenged, including dense areas, interference‑prone spaces or mobility‑intensive environments. These gains improve reliability for employees, customers and connected devices while supporting the growth of machine‑driven and real‑time digital operations.
Drivers
- Industry attention around ongoing IEEE 802.11bn standards work is generating interest in what the next Wi‑Fi generation may enable, before products become available.
- Rising volumes of connected machines, sensors, wearables and real‑time endpoints are increasing pressure on Wi‑Fi networks, particularly where density, interference and variability are common.
- Organizations are seeking stronger and more predictable wireless performance in environments where current Wi‑Fi generations face limitations, including congested indoor spaces and high‑activity operational areas.
- Expectations for physical‑AI, continuous‑operation and machine‑driven devices across enterprise, residential and public environments are elevating interest in future Wi‑Fi standards that could deliver more stable and consistent connectivity.
Obstacles
- The 802.11bn standard is still being written and no products are shipping yet, creating uncertainty around final capabilities, timelines and maturity.
- Infrastructure and client devices typically become available at different times and with different feature sets, so early deployments may not realize intended benefits.
- The advanced coordination and timing features planned for Wi‑Fi 8 require new silicon and complex firmware across access points and clients, and precedent from recent generations indicates that some proposed capabilities may not ship or may not reach broad maturity.
- Enterprises that need highly mobile or safety‑critical performance will deploy private cellular or Wi‑Fi 6E/7 until Wi‑Fi 8 ecosystems stabilize and certified products are broadly available.
User Recommendations
- Avoid prestandard or “Wi‑Fi 8‑ready” offerings until the 802.11bn standard is finalized and certified products are available, as no Wi‑Fi 8 hardware is shipping and capabilities may change before ratification.
- Continue planning and investing in Wi‑Fi 6, Wi‑Fi 6E and Wi‑Fi 7 over the next several years, since infrastructure and client support for Wi‑Fi 8 will arrive at different times and early deployments will offer limited benefit.
Gartner Recommended Reading
Energy-Efficient AI Networking
Analysis By: Nauman Raja
Benefit Rating: High
Market Penetration: 1% to 5% of target audience
Maturity: Adolescent
Definition:
Energy-efficient AI networking enables AI-scale infrastructures to grow within fixed power limits by reducing the energy required to move data. It improves efficiency by minimizing electrical signal loss, simplifying optical paths, flattening network topologies, and adopting liquid-cooled, AI-optimized switching technologies to lower energy per bit and idle power consumption at scale.
Why This Is Important
AI-driven GPU clusters are pushing data centers toward power limits, forcing architects to find efficiency gains across the entire stack. Networking is a major opportunity because optics, switching silicon and cooling consume a growing share of total power. New optical, cooling and co-design approaches allow organizations to scale GPU workloads within power budgets.
Business Impact
Energy-efficient AI networking improves the economics and sustainability of AI training and large-scale inference by reducing network-driven power and cooling costs. As GPU clusters scale, network power efficiency becomes a limiting factor alongside GPU availability. More efficient networks enable higher GPU density, faster job completion and better utilization within power and carbon budgets.
Drivers
- The speed of AI deployments is outpacing the electrical grid; without power-efficient hardware, AI deployment will slow due to lack of power
- Rapid growth of east-west “elephant flows” from distributed AI training and inference workloads
- Data center architecture moving from AC to DC in order to remove AC-to-DC conversion wastage
- Introduction of co-packaged optics and liner pluggable optics that eliminate DSP-heavy transceivers and reduce per-port power
- Transition to 51.2 Tbps and 102.4 Tbps switches that require liquid-to-chip cooling for energy-efficient operation
- Network power inefficiency in traditional DSP-based optics and fan-cooled switches, driving vendors toward linear and co-packaged optics, as well as liquid cooling, to reduce electrical loss and cooling overhead
- Network-driven job completion time emerging as a critical economic factor for AI training and inference, as inefficient fabrics leave GPUs underutilized while still consuming power
Obstacles
- Higher acquisition costs and immature supply chains for co-packaged optics and liquid-cooled switches
- Reduced modularity, serviceability and multivendor interoperability in tightly integrated designs
- Operational complexity introduced by liquid cooling and new failure domains
- Limited enterprise experience designing flattened, high-radix AI fabrics
- Benefits remain concentrated in large-scale AI environments, limiting near-term adoption elsewhere
- Lack of mature, cross-vendor standards and comparable benchmarks for energy-efficient AI networking, making it difficult for enterprises to objectively evaluate power efficiency
- Increased risk of vendor lock-in with co-packaged optics, as optical engines are integrated into the switch backplane and cannot be independently sourced or replaced, unlike pluggable transceivers used in traditional SFP-based designs
User Recommendations
- Pit networking vendors against each other for AI network buildouts. In 2026, AI scale-up is tied to the GPU vendor.
- Make the power efficiency of the switch part of the RFP process, which is the total power draw of the switch divided by the total switching throughput in gigabits per second.
- Make idle power consumption part of the RFP process.
- Work closely with AI engineers to understand the GPU requirements, so hardware and software are aligned (co-designed).
- Evaluate linear pluggable optics and co-packaged optics against AI workload scale, reach, serviceability and power targets, and deploy each selectively where their trade-offs align with cluster size and operational maturity.
- Use high-radix, high-port-count, fixed-form switches to reduce network tiers and total device count.
- Plan for liquid-to-chip cooling as throughput exceeds air-cooling efficiency limits.
- Require vendors to provide power telemetry across silicon, optics and cooling components.
Sample Vendors
Arista Networks; Cisco; Hewlett Packard Enterprise (HPE); Huawei; NVIDIA
Gartner Recommended Reading
6G
Analysis By: Kosei Takiishi
Benefit Rating: High
Market Penetration: Less than 1% of target audience
Maturity: Embryonic
Definition:
6G is the next generation of cellular technology after 5G, currently studied under ITU‑R IMT‑2030 and early 3GPP activities. Although not fully defined as of 2026, early commercialization is expected around 2029 by leading communications service providers (CSPs). 6G targets AI‑native, sensing‑enabled networks with near‑terabit‑per‑second peak data rates, sub‑millisecond latency, improved energy efficiency, and ubiquitous coverage enabled by integrated nonterrestrial networks.
Why This Is Important
- Beyond greater speeds and higher efficiency, 6G plans to improve 5G by supporting new capabilities that facilitate multitechnology integration and use cases, and learning from 5G commercial experiences.
- The proliferation of agentic and physical AI systems shifts connectivity requirements toward network‑native intelligence, integrated sensing and deterministic ultra‑low latency that exceed the architectural limits of 5G.
- 6G aims at enabling distributed AI inference and agentic workflows at the network edge, allowing autonomous systems, robotics and real‑time digital‑physical convergence to operate reliably beyond centralized cloud or best‑effort connectivity models.
Business Impact
6G will enable new categories of services built around persistent AI agents, real‑time digital‑physical fusion, and wide‑area sensing. Enterprises can expect more deterministic connectivity for immersive collaboration, autonomous operations, and mission‑critical systems. For CSPs, 6G shifts the value proposition from connectivity alone toward AI‑driven platforms combining communications, compute and sensing.
Drivers
- Government and policy momentum:
- National and regional governments increasingly view 6G as a long‑term strategic infrastructure priority. Across major economies, public policies have emerged that emphasize spectrum planning, early standards engagement, and sustained public funding for 6G research and development. Regions including North America, Europe, and Asia/Pacific — encompassing countries such as China, South Korea, Japan and India — are advancing national or coordinated 6G initiatives to shape future wireless leadership and ecosystem positioning.
- Standardization progress:
- 3GPP held its first TSG‑wide 6G workshop in March 2025 and confirmed that Release 20 will focus on 6G studies, with normative specification work expected from Release 21 (starting around 2027). This provides the first concrete industry timeline toward IMT‑2030 submissions and early implementations.
- AI‑native network vision:
- Industry consensus has strengthened around 6G being designed as an AI‑native system. Major vendors and hyperscalers now position 6G around three pillars: connectivity, wide‑area sensing, and high‑performance compute. Announcements at MWC 2026 highlighted early prototypes and coalition‑based roadmaps targeting commercial readiness from 2029 onward.
- Ecosystem and investment dynamics:
- Vendors, CSPs and semiconductor companies are accelerating 6G research to secure future intellectual property and ecosystem influence. Early lab validations in cmWave spectrum and AI‑RAN architectures indicate a shift from exploratory research toward proof‑of‑concept systems.
Obstacles
- Unproven monetization beyond 5G
- Persistent challenges in turning 5G capabilities into new revenue streams raise concerns about whether 6G will deliver sufficiently differentiated, scalable business value. New use cases enabled by 6G such as immersive XR and holographic telepresence might not result in additional monetization opportunities for CSPs.
- Ecosystem influence risk
- The mobile industry has historically controlled its own specifications and standardization through tightly defined telecom‑centric processes. While 6G discussions increasingly involve players from AI, cloud and vertical industries, it remains unclear whether these external perspectives will meaningfully influence requirements and architecture, or whether 6G standardization will continue to be driven primarily by traditional telecom priorities.
- Risk of overcomplexity and delayed adoption.
- Expanding the scope of 6G beyond connectivity — into sensing, compute, and intelligence — implies a pivot in the scope of the mobile services specifications, increasing standardization, deployment, and regulatory complexity.
User Recommendations
- Monitor discussion of the currently emerging 6G landscape carefully by tracking 3GPP working groups, requirement studies and emerging use cases. Active participation in these is essential if you want to lead critical technology for future 6G services.
- Prepare early trials and proofs of concept in the late 2020s with vendors to learn more about the capabilities of 6G, the required infrastructure and operation changes, and early use cases. Then, begin building skill sets.
- Collaborate with policymakers and regulators to influence spectrum strategy and standards alignment well ahead of commercialization.
Sample Vendors
Ericsson; Huawei; Nokia; NTT DOCOMO; Qualcomm; Samsung; SK Telecom
Gartner Recommended Reading
At the Peak
Agentic NetOps
Analysis By: Jonathan Forest, Karen Brown, Andrew Lerner, Mike Leibovitz
Benefit Rating: Transformational
Market Penetration: 1% to 5% of target audience
Maturity: Emerging
Definition:
Agentic NetOps uses AI agents to operate network operations life cycle tasks. It senses network conditions, interprets goals, produces explainable multistep plans and executes approved actions with verification, rollback and policy guardrails. It can initiate events and policies as well as prompts; retain context across steps or sessions; and coordinate with tools, systems and other agents.
Why This Is Important
Agentic NetOps is an advancement from GenAI network assistants since it uses AI agents to take action and make decisions. It is also an enhancement from network automation, since agentic NetOps software is nondeterministic (so outputs can change) and it doesn’t require a human process to be defined first. Agentic NetOps can improve network performance, efficiency and response times by making rapid decisions that can’t reasonably be achieved through traditional manual network operations.
Business Impact
Agentic NetOps will be judged by the level of human activity that can be minimized or eliminated to improve efficiency and reduce errors in network operations. It will result in richer processing of various data inputs and better outcomes by accelerating and improving decision-making processes, which in turn will enhance the agility and administration of network operations. Agentic NetOps has the potential to deliver semiautonomous networks with near real-time remediation capabilities.
Drivers
- Organizations are seeking to address resource constraints and skills gaps. Agentic NetOps investments are seen as a way to move humans to “on the loop.”
- There are a number of networking vendors, including start-up vendors, that are actively investing in agentic NetOps.
- Organizations are looking to accelerate the detection and resolution of network incidents while reducing false positives. In short, there is a desire to improve the efficiency in network operations.
- Many networking capabilities are becoming commoditized, so improving the operational experience is increasingly driving buying decisions.
- There is a desire to improve network/application performance to enhance end-user experience in support of the organization.
- Some enterprises want to integrate networking and security functionality to improve troubleshooting.
- Platform and cloud teams are having a greater influence on networking decisions. They prefer to use modern automation and AI techniques versus traditional manual approaches to network operations.
- Cloud and carrier networks are using AI agents to improve network operations outcomes.
- Agentic NetOps makes it easier for organizations to manage their network environment in-house and eliminate the need for outsourced managed network services (MNS).
Obstacles
- Most agentic NetOps vendors have limited proven production-ready capabilities.
- Network operations personnel are generally risk-averse, as their objective is to “keep the lights on” and not necessarily to introduce new technology to be more efficient. General mistrust and concerns over AI hallucinations/inaccuracies exacerbate this perspective.
- There is increased potential for complexity and cost of infrastructure to support agentic NetOps software.
- Existing data, telemetry and infrastructure need to integrate with agentic NetOps software. There is also no standard for telemetry data, which means some data will be vendor-specific and not available to stand-alone vendors.
- There is a security risk of AI agents being compromised, spreading malware and going rogue.
- Organizations may not know where to start and what vendor(s) offerings to use, and/or may feel overwhelmed with the potential transformation.
User Recommendations
- Avoid vendor hype of GenAI network assistants masquerading as agentic NetOps software. Pilot agentic NetOps software to fully validate the capabilities and impacts.
- Prefer vendors who provide explainable planning, event‑driven initiation, governed execution with verification and rollback, and integration with your existing operational toolchain.
- Start with areas where traditional automation struggles: multisource (cross‑signal) diagnostics and root cause analysis (RCA), drift and variance remediation, and change‑plan generation.
- Strengthen the quality of telemetry, configuration sources, approvals and policy guardrails before moving forward with agentic NetOps software.
- Be mindful of the potential infrastructure resource/cost impact and security risks when implementing agentic NetOps solutions.
Sample Vendors
Aviz Networks; Cisco; HPE; Huawei; IBM; LinkEye; Nanites; NetPrompt AI; Selector; Supertrace
Gartner Recommended Reading
Cross-Cloud Networking
Analysis By: Jonathan Forest, Simon Richard
Benefit Rating: Moderate
Market Penetration: 1% to 5% of target audience
Maturity: Emerging
Definition:
Cross-cloud networking (CCN) is an offering or feature explicitly designed to connect multiple public clouds with each other. CCN offerings aim to simplify cloud-to-cloud connectivity and reduce provisioning time compared with alternative legacy and do-it-yourself (DIY) methods. The service can be delivered by a third-party provider offering software defined cloud interconnect (SDCI) or by cloud provider offerings such as AWS Interconnect - multicloud or Google Cross-Cloud Interconnect.
Why This Is Important
AI is driving increased traffic, applications are more distributed across clouds, and organizations are seeking resilience against cloud outages. While there are DIY ways to support cloud-to-cloud traffic, CCN simplifies network connectivity using third-party service providers or directly with a cloud provider. Google’s Cross-Cloud Interconnect was an early entry, and AWS has introduced Interconnect - multicloud, providing an open API standards-based connectivity from AWS to other clouds.
Business Impact
CCN offers simpler, faster, and more agile cloud-to-cloud network connectivity. The various options simplify organizations’ ability to architect and provision intercloud connectivity compared with legacy and DIY options. This includes simplifying billing across cloud providers using SDCI as a third-party provider. It also limits the need for third-party vendors where Google Cross-Cloud Interconnect or AWS Interconnect - multicloud offer a solution delivered directly by cloud providers.
Drivers
- AWS Interconnect - multicloud with launch partner Google Cloud Platform marks the first time that there is a structured way for cloud providers to work directly together offering simplicity, rapid provisioning times, and agility for customers.
- There is increased AI-related cloud-to-cloud traffic where data residency is in one cloud and large language models (LLMs) are in another. Processes such as retrieval-augmented generation drive this increased traffic pattern.
- There is a desire for non-network teams to provision connectivity between clouds on demand, without needing deep knowledge from the network teams.
- There is a preference to use a third party to manage billing and network environments across cloud providers.
- CloudOps increasingly manages cloud networking within a single cloud provider, and this would extend that concept across multiple providers.
- There is an increased concern of cloud outages due to recent events, so there is less reliance on a cloud provider.
Obstacles
- AWS Interconnect - multicloud is newly launched, and other cloud providers still need time to develop their capabilities.
- Cloud-to-cloud traffic is nascent, as most traffic flows are between users and workloads in the cloud. Over time, there is also the risk of elevated egress costs when connecting between clouds.
- With the AWS interconnect - multicloud, customers have to work with each cloud provider and pay that cloud provider directly.
- SDCI vendors introduce a third party to manage all cloud connectivity. Customers, in general, are looking to reduce the number of vendors they work with.
- There is potential resistance from highly skilled DIY network teams who typically architect, implement, and operate connectivity end to end.
- There is the potential loss of network visibility with cloud provider solutions, which could require additional tooling.
User Recommendations
- When using CCN, establish governance to control which roles have the ability to provision or use cloud-to-cloud connectivity services.
- Leverage AWS Interconnect - multicloud if your organization relies primarily on AWS but wants to directly connect to GCP (and soon other clouds).
- Leverage SDCI where a third-party cloud-to-cloud provider is desired to manage the overall service and provide a single bill.
- Leverage Google Cross-Cloud Interconnect if your organization relies primarily on Google Cloud Platform but wants to directly connect to other clouds with management support.
- Track new cloud provider integrations with AWS Interconnect - multicloud.
- For DIY organizations, route cloud-to-cloud traffic through infrastructure deployed at a colocation facility. This is effectively still hairpinning, but it avoids the latency of bringing traffic back on-premises.
Sample Vendors
Alkira; Amazon Web Services; AT&T; BT Group; Console Connect; Equinix; Google Cloud Platform; Megaport; Orange Business; Tata Communications
Gartner Recommended Reading
Quantum Networking
Analysis By: Matthew Brisse, Jorge Aragon, Nauman Raja
Benefit Rating: High
Market Penetration: Less than 1% of target audience
Maturity: Embryonic
Definition:
Quantum networking (QN) is the infrastructure and protocols that enable quantum communication (the transmission of qubits) across a topology. Quantum networks carry information in the form of qubits, while most existing networks are based on the binary encoding of 1s and 0s.
Why This Is Important
QN enables organizations to securely connect quantum systems, and cannot be decrypted using existing decryption mechanisms. One of the advantages of a quantum network is that it connects many smaller quantum computers. Just as GPU clusters revolutionized classical high-performance computing, quantum networking interconnects both homogeneous and heterogeneous QPUs linking similar and dissimilar modalities such as trapped ions, photonic quantum computing, and cold atom processors, through entanglement.
Business Impact
Quantum networking will transform the way information is transmitted by security-sensitive industries such as financial services, healthcare, energy, education, defense and government. New, disruptive applications of quantum networks — such as quantum sensing and interconnecting distributed quantum computers — have the potential to create the foundations of a next-generation “quantum internet.”
Drivers
- R&D innovations like testbed networks and pilots are driving interest in and awareness of quantum networks.
- Government and military organizations are funding quantum initiatives and exploring the feasibility of QN to prepare for the next generation of network connectivity. They are focused on increased security and new use cases that involve interconnecting quantum sensors for applications such as helping people navigate in GPS-denied environments. China and Europe have been the most active to date. The EU has launched several centrally funded quantum testbeds and created an open system for ease of public-private collaboration. The most advanced, however, are Chinese initiatives with ground-ground, ground-satellite and satellite-satellite quantum communication infrastructures.
- Academic institutions are the primary drivers of U.S. quantum networking initiatives, exploring the technology’s feasibility to solve real-world scale, performance, and security challenges. Through these research activities, they are simultaneously generating industry interest and cultivating a vital talent pipeline.
- Quantum-based networks are not susceptible to known decryption mechanisms that can be used on existing networks. Thus, organizations concerned about the potential to break traditional VPN encryption are exploring mitigation techniques, which may or may not include quantum and QN alternatives.
- Standards bodies, such as the IEEE, ITU’s Telecommunication Standardization Sector (ITU-T), the European Telecommunications Standards Institute (ETSI), the National Institute of Standards and Technology (NIST) and the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC), are actively working on QN.
Obstacles
- QN is still a nascent technology, but is critical to scale quantum computing with similar and dissimilar modalities.
- Quantum networks are complex to build and expensive to deploy, and there is no clear commercial ROI to build them.
- Quantum networks are not compatible with Ethernet and TCP/IP; thus, they cannot be integrated easily into an organization’s existing infrastructure or the internet.
- Deploying QN requires specialized infrastructures, such as photon detectors, that are hard to integrate with commercial telecom infrastructure.
- QN requires greater timing and synchronization granularity than what classical technologies can deliver, limiting its growth.
- QN still has low qubit transmission rates and is sensitive to noise.
- While quantum networks are more resistant to decryption than existing networks, applying postquantum encryption to existing networks can provide a similar functionality.
User Recommendations
- Focus on tangible business value that quantum networking could deliver in the future. Until then, monitor QN developments, associated network technologies, protocol stacks and emerging platforms.
- Work with your local university or government entities and join their emerging quantum networks to build one or gain experience with QN. These partnerships can enable you to tap into the emerging quantum-enabled talent pipeline and form early relationships with quantum vendors.
- Limit QN to niche/emerging network use cases and test environments, as it is not suitable for “like for like” replacements of existing networks.
- Continue to invest in Ethernet-based networks and postquantum cryptography now, as the quantum network will not supersede current IP/Ethernet networks. The two are not mutually exclusive.
Sample Vendors
Aliro Quantum; Arqit Quantum; Cisco; Juniper Networks; Nu Quantum; Qnnect; Quantum Internet Alliance; SandboxAQ; Welinq
Gartner Recommended Reading
5G Private Mobile Networks
Analysis By: Sylvain Fabre
Benefit Rating: High
Market Penetration: 1% to 5% of target audience
Maturity: Adolescent
Definition:
5G private mobile networks (PMNs) provide mobile services specifically and exclusively to an enterprise or public organization and are based on the 3rd Generation Partnership Project (3GPP) R15 or above. A PMN is used to provide unified connectivity, optimized services and security to interconnect people and things for an enterprise. Deployments can be local or linked to a public network.
Why This Is Important
The importance of 5G private mobile networks lies in giving organizations direct control over wireless performance, security and economics where shared public networks or Wi-Fi cannot reliably meet operational requirements. It can also optimize connectivity costs for large areas; 5G requires far fewer radio nodes than Wi-Fi, which drastically reduces the expense of hardware and cabling.
Business Impact
5G PMN enables transformational use cases (e.g., factory digital twins, edge AI, and computer vision). Unlike 4G, 5G delivers strict deterministic connectivity, guaranteeing sub-20ms latency and massive uplink throughput for critical OT. It offers improved reliability, security and independence, supporting high-density endpoint connections with absolute performance guarantees to drive efficiency gains in automated industrial environments. 5G PMN is the enterprise’s own infrastructure, with limited outside dependency. In practice, the business impact of 5G PMNs is highest in asset-intensive and mission-critical environments, and significantly lower where connectivity requirements can already be met with simpler alternatives.
Drivers
- Practical applications and vertical-specific integration are increasing. Beyond 3GPP, other bodies are now contributing, such as 5G Alliance for Connected Industries and Automation and 5G Automotive Association.
- Liberalization of the radio spectrum has opened up standard radio bands, often around 3.5 GHz, for use by 5G PMN networks.
- The requirement for full, reliable network coverage for machines, sensors and equipment, including indoor, outdoor, office and large industrial areas, at a lower cost than Wi-Fi, is a driver.
- Bridge to edge computing: 5G’s deterministic high-bandwidth and low-latency profile supports embedding edge AI and compute for demanding industrial use cases.
- Shift to NaaS and OpEx: Vendors and SIs now offer flexible, OpEx-based network-as-a-service models, drastically lowering upfront CapEx barriers.
- Some enterprises in specific verticals or those adopting specific use cases deploy private networks because they want to run their network more independently, as their own infrastructure, with limited outside dependency, such as long-term commitment from public network operators.
- Data sovereignty: Strict physical and logical isolation ensures sensitive data remains on-premises, giving defense and regulated clients absolute control.
- Network slicing for strict SLAs: Slicing allows enterprises to secure guaranteed sub-20ms latency for critical OT traffic over shared networks.
Obstacles
- Unclear ROI against alternatives: Cautious enterprises struggle to justify 5G investments, perceiving that mature 4G, Wi-Fi or low-power alternatives sufficiently service most of their current industrial use cases with lower risk.
- 3GPP Release 16 maturity: Buyers perceive that the true value of 5G relies on advanced Release 16 capabilities (such as dynamic network slicing), whose commercial maturity and broad availability are still a work in progress.
- Deployment and integration complexity: Global multisite scaling is hindered by highly fragmented regional spectrum regulations and the technical friction of unifying private 5G with legacy enterprise Wi-Fi and existing OT frameworks.
- Device availability and hardware costs: There remains a limited ecosystem and high cost for ruggedized industrial devices natively designed to operate on the dedicated radio bands available for private network use.
User Recommendations
- Mitigate deployment complexity and internal engineering skill gaps by adopting private 5G through OPEX-based network-as-a-service (NaaS) offerings, thereby transferring operational responsibilities to managed service providers that leverage zero-touch provisioning and unified management dashboards to streamline IT operations.
- Address specialized use cases in conjunction with Wi-Fi by deploying private 5G networks specifically for operational scenarios that demand extensive coverage and stringent, deterministic application performance, rather than positioning private 5G as a wholesale replacement for enterprisewide wireless LAN.
- Enable advanced industrial AI and edge computing applications by aligning critical requirements, such as low inference latency, high-capacity uplink throughput, and data sovereignty mandates, with the unique capabilities of 5G technology prior to finalizing network architecture decisions.
Sample Vendors
AT&T; Celona; China Mobile; Ericsson; Hewlett Packard Enterprise; Huawei; Nokia; T-Mobile; Verizon; Vodafone
Gartner Recommended Reading
Network Digital Twin
Analysis By: Tim Zimmerman, Andrew Lerner, Mike Leibovitz
Benefit Rating: Transformational
Market Penetration: 1% to 5% of target audience
Maturity: Adolescent
Definition:
A network digital twin is a software-based model of the behavior of campus, WAN, or data center network infrastructure. It is delivered as an application that validates configurations, policies, and operational changes for individual components or entire networks using production and end-user data.
Why This Is Important
Enterprise network complexity continues to increase while the pace of configuration, policy, and software changes accelerates, even as skilled network staff remains limited. As automation and AI-assisted technologies become more prevalent, changes that are human-led today will increasingly be human-observed over time. A network digital twin provides a trusted validation mechanism and leads to the safe adoption of agentic technologies.
Business Impact
By checking configurations and policies before they are deployed, a network digital twin makes network changes faster and more reliable. As automation and AI-driven tools grow, digital twins will be essential for controlling changes. This allows for faster updates while cutting down on outages, security problems, and the need for manual testing.
Drivers
- Lack of time and resources to test network component updates: As network vendors adopt agile development processes, new versions of operating systems and applications are being delivered at a much increased pace compared to several years ago. Most IT organizations do not have the ability to completely test one version and fix outstanding issues before the next version arrives.
- Configuration and policy errors are a primary cause of outages: More than 80% of network problems are due to improper configuration and change management issues.
- Cloud migration issues: More than 15% of security breaches are caused by misconfigured cloud services.
- Increasing desire to improve automation: This is driven by the ability to use an automated pipeline to deliver data center network changes.
- Reduced dependence on physical test environments: Organizations struggle to replicate, simulate, or emulate their production networks due to equipment cost or operational expense to keep the environment synced with production systems.
- Employee training: Organizations can use a network digital twin to train new employees in a lower-risk environment.
Obstacles
- High cost of high-fidelity network modeling: Creating network models and test suites is complex and will require skill sets.
- Complexity of modeling multivendor networks: Connecting discrete network components for a single vendor is challenging, and network digital twin tools and IT skills will need to improve for building multivendor composite networks.
- Limited standards and interoperability: Standards are not yet in place and current solutions may be proprietary- or vendor-specific.
- Lack of trust in model accuracy and data freshness: Enterprise network teams may lack trust in digital twins due to the technology’s immaturity or their own limited experience with it.
- Amount of physical resources required: The compute and memory resources required to model a discrete component will require that modeling and testing be completed in the cloud.
User Recommendations
- Invest in network digital twins as a predeployment validation mechanism with the intent that the technology will assist in addressing issues with change windows and risk of outages.
- Use a network digital twin that is delivered as a service, offers subscription-based pricing and supports multiple vendors.
- Deploy a network digital twin to validate changes to existing network configuration, changes in security policies or application migration to the cloud.
- Use network digital twins to reduce dependence on manual testing and expert review
- Calculate the ROI for network digital twin savings resulting from preventing security and configuration issues.
- Educate senior management on the value of discrete and composite network digital twin modeling.
Sample Vendors
Ericsson; Forward Networks; IP Fabric; Keysight; NetBrain; Nokia; NVIDIA
Gartner Recommended Reading
Postquantum Cryptography
Analysis By: Mark Horvath, Sarah Almond
Benefit Rating: High
Market Penetration: 5% to 20% of target audience
Maturity: Early mainstream
Definition:
Postquantum cryptography (PQC), also called quantum-safe cryptography, is a set of algorithms designed to secure against both classical and quantum-computing attacks, with no efficient mechanism for breaking the algorithm on any system. PQC will replace existing asymmetric encryption, which will become unsafe to use around 2030. This will require deprecating existing classical encryption methodologies and processes.
Why This Is Important
- Existing key encapsulation and digital signature algorithms like Diffie-Hellman, RSA and ECC are vulnerable to cryptographically relevant quantum computers and will be unsafe to use by 2030. As a result, common cryptographic functions such as relying on digital signatures, e.g., SAML, JSON Web Tokens, FIDO2, blockchains and key exchanges will require replacement.
- PQC offers organizations a level of cryptographic protection that will remain strong as quantum computers enter the mainstream.
Business Impact
- The advance of quantum computers means that existing asymmetric and digital signature algorithms must be replaced with quantum-safe ones.
- All existing cryptography, network, applications and data security, will need to be inventoried, to ensure proper upgrade/replacement.
- New algorithms have different performance and resource characteristics, so current applications must be retested and, in some cases, rewritten. They are not drop in replacements.
Drivers
- Existing asymmetric encryption algorithms will become vulnerable to quantum-based decryption attacks around 2030, potentially requiring reencryption of all data where the risk of exposure of the symmetric keys or tokens is considered important.
- Governments around the world are preparing and issuing mandates and legal frameworks requiring government agencies and enterprises to start devising PQC strategies. For example, in the U.S., the National Quantum Initiative Act and the Cyber Security Research and Development Act require owners and operators of national security systems and organizations supplying to the U.S. government to start using postquantum algorithms.
- “Harvest now, decrypt later” attacks are an ongoing concern, especially within the scope of the advanced persistent threat. This drives the urgency to implement PQC security measures now, for data at risk.
Obstacles
- Most organizations don’t know how cryptography functions within their operations, where keys and algorithms are used, or how secrets are stored and managed. Swapping them out for new algorithms will be challenging.
- New algorithms have different characteristics than existing algorithms, including ciphertext sizes and different encryption and decryption times. Far from being drop-in replacements, new cryptography will require some experimentation and testing to maintain the dependent application performance envelope.
- PQC algorithms will require new standards. Standards like PKCS and TLS handshakes will be modified to accept the longer key lengths and other attributes of PQC.
- Most vendors are typically unprepared when the time comes to upgrade the cryptography and often require some pushing from their clients to recognize the demand.
- Some crucial systems (e.g., IAM, data security platforms, network equipment) lack built-in crypto-agility.
User Recommendations
- Start PQC migration initiatives now, gaining sponsorship, pulling together key stakeholders and launching a postquantum program.
- Develop cryptography policies for easing the transition to new algorithms. Adopting a policy-based program for cryptographic replacement will reduce confusion and arbitrary choices and increase manageability.
- Build an inventory of all cryptographic assets. Use it to assess exposure and create a prioritised PQC migration roadmap.
- Start experimentation with PQC. Vet and test new PQC algorithms to understand their characteristics, uses and performance and highlight interoperability issues that require vendor action.
- Prioritise crypto-agility improvements. The more seamless cryptographic implementation and management is, the more resilient organizations will be as the algorithm and threat landscape evolves.
Sample Vendors
AppViewX; Crypto4A Technologies; DigiCert; IBM; ISARA; Keyfactor; Palo Alto Networks; SafeLogic; SandboxAQ; Sectigo
Gartner Recommended Reading
AI Network Fabric
Analysis By: Simon Richard, Naresh Singh
Benefit Rating: Moderate
Market Penetration: 20% to 50% of target audience
Maturity: Emerging
Definition:
AI network fabric is a collection of data center purpose-built hardware and software designed exclusively to address AI workload networking requirements. AI network fabrics is consolidated into three complementary domains: scale-up within or racks or between proximate racks, scale-out within data centers and scale-across across data centers.
Why This Is Important
AI workloads have different requirements than traditional data center workloads. For example, packet loss or out-of-order packet delivery between graphics processing units (GPUs), will significantly reduce GPU efficiency. These new requirements are typically not met with existing ethernet technology and necessitate investment in solutions that include new features and capabilities.
Business Impact
AI network fabric enables businesses to scale AI cluster compute nodes, as well as improve GPU clusters efficiency and performance while decreasing GPU idle time and tail latency. The benefits apply to organizations that want to run AI workloads on-premises or in a hybrid cloud setup — reducing idle time for AI workload and enabling jobs to complete faster by increasing performance or scale.
Drivers
- Hyperscalers, AI companies and neoclouds are making huge investments in AI Ethernet fabrics to deliver frontier models and other AI services to their customers.
- Most organizations are not InfiniBand-proficient and prefer using the richer Ethernet-based ecosystem, as well as leveraging their Ethernet expertise.
- There is a significant ramp-up in using Ethernet for scaling out AI clusters for multinode training and inference, relatively to InfiniBand.
- An open Ether-based newcomer, OCP Networking Project's workstream Ethernet Scale-up Networking (ESUN), is positioning itself as an industry alternative to NVIDIA NVLink’s proprietary offering in the fast-growing scale-up market.
- Most vendor data center network investment and innovation are in AI network fabric.
- Vendors are increasingly marketing Ultra Ethernet solutions — leveraging DPU and SuperNICs — and educating customers about them.
- Organizations plan to run inference AI workload on-premises for geographic, regulatory, cost,-control or data privacy reasons.
- Vendors introduced scale-across solutions that address distributed AI inference and training across data centers.
Obstacles
- The initial cost for running GPU AI workload on-premises is very high.
- Memory and laser technology shortages introduce long-term risks around supply chain.
- Organizations do not need AI network fabrics if they’re not running AI on-premises. Most organizations run their experimental or initial AI projects in a public cloud environment or neoclouds to avoid large capital expenditure investment and lock-in with GPU vendors.
- Data processing units (DPUs) and SuperNICs are often needed to enhance network performance and efficiencies — improving the AI infrastructure, but increasing complexity and cost.
User Recommendations
- Leverage your GPU vendor scale-up fabric to its maximum before considering scale-out options.
- Evaluate AI network fabric included in commercial GPU-packaged cluster solutions before looking at third-party alternatives.
- Use a dedicated pair of lossless Ethernet switches for GPU clusters where all of the links can fit within the switch pair — for simplicity.
- Start the deployment of AI network fabric with small scale, test it; then expand to your targeted size. Don’t underestimate the simplicity benefits of connecting all your GPUs using a single switch.
- Deploy your AI network fabric in a dedicated pod of data center as spine-and-leaf switches for AI workloads.
Sample Vendors
Aria Networks; Arista Networks; Cisco; Google; HPE; Huawei; Nexthop AI; NVIDIA; UnifabriX; Upscale AI
Gartner Recommended Reading
Universal ZTNA
Analysis By: Andrew Lerner, John Watts
Benefit Rating: High
Market Penetration: Less than 1% of target audience
Maturity: Adolescent
Definition:
Universal zero-trust network access (ZTNA) extends ZTNA technologies to use cases beyond remote access to support local enforcement in campus and branch on-premises locations. Although universal ZTNA describes a broad ZTNA implementation, the original ZTNA definition was not limited to remote access use cases.
Why This Is Important
Universal ZTNA unifies access control. It extends ZTNA products from remote access deployments to campus environments and creates several benefits for enterprises, including security gap elimination, unified policy, enhanced visibility, simplified operations and modernized pricing models.
Business Impact
Hybrid working creates challenges for employees and administrators due to inconsistent network access implementations, which can lead to lost productivity and increase the likelihood of security and networking incidents. Universal ZTNA helps to streamline network and security policies across multiple environments.
Drivers
- IT teams that aim to deliver a consistent end-user experience for accessing corporate resources, regardless of their physical location.
- IT teams that desire a unified security policy based on identity that allows access to applications regardless of the user or device’s physical location.
- Organizations that have deployed ZTNA for remote workers and want to extend a consistent security policy to users while on-premises.
- Organizations that are looking to simplify their campus networks by moving some of the security controls to the ZTNA software stack.
- Organizations that are looking to replace or refresh their network access control (NAC) implementations with a more software-centric, identity-based and dynamic mechanism.
- Organizations that are looking to enable near-real-time adaptive access controls based on the risk of the user and device, beyond relying on the physical location or Internet Protocol (IP) address of a user or device.
- Vendors are aggressively marketing universal ZTNA.
Obstacles
- Establishing granular user-to-application security policies is difficult for many enterprises to define for all applications.
- Steering traffic to enforcement points may require network redesign, reduce performance or add complexity.
- Campus network investments are driven by refresh cycles, which are often five years or longer.
- Few vendors have robust offerings. Common challenges include unmanaged devices, unauthenticated users, older legacy applications, and IT management tools for patching and software distribution.
- Siloed network and security teams result in organizations overlooking the opportunity to unify remote access and campus security.
- There is an increased outage risk that a ZTNA service failure — or security vulnerability — will impact both remote and campus work simultaneously.
- Organizations fear that UZTNA will not be sufficient to satisfy compliance requirements that specifically reference NAC.
User Recommendations
- Pilot universal ZTNA deployments by extending existing remote access deployments to smaller campus or branch environments — with limited OT — in order to determine feasibility.
- Phase universal ZTNA deployments by starting with secure remote-user-access use cases before extending to on-premises use cases.
- Prefer vendors who provide unified policy from a single management plane and offer both on-premises and cloud-hosted enforcement points to help avoid suboptimal traffic routing.
- Prefer cloud-based management for universal ZTNA deployments to gain faster access to new capabilities from the vendor and avoid having to manage the management system.
- Align universal ZTNA product selection and deployment with secure access service edge (SASE) and security service edge (SSE) initiatives.
- Develop and test a resiliency plan to prepare for unavailable enforcement points and resources that are not reachable — or example, local policy caching when cloud resources are not available.
Sample Vendors
Appgate; Cloud Brink; Fortinet; Netskope; Versa Networks; Zscaler
Gartner Recommended Reading
Alternative WAN Backbone Services (XBaaS)
Analysis By: Karen Brown
Benefit Rating: Moderate
Market Penetration: 5% to 20% of target audience
Maturity: Early mainstream
Definition:
Alternative WAN backbone services (XBaaS) is an option offered by colocation, cloud or security providers that allows enterprise customer WAN traffic to flow across their private backbones. This can improve network security and performance for users, devices and locations, but it also requires customers to procure access circuits to and from the provider.
Why This Is Important
Enterprises continue to look beyond traditional WAN providers to alternative backbone as a service (XBaaS) WAN offerings to support network traffic between their corporate locations. Not only does XBaaS provide a competitive alternative, but it typically offers better application performance because there are fewer router hops on the provider’s private backbone. As a private backbone, it also offers better security compared to public internet transport.
Business Impact
Compared to traditional WAN services, XBaaS offers better application performance and security for transport, which is the largest segment of a WAN. Available from SASE and colocation vendors, these services don’t support end-to-end connectivity. Clients must still buy access circuits from a traditional network provider to link their sites to the XBaaS provider’s node. This can add to cost as well as vendor and network management complexity. XBaaS service geographic reach and SLAs also vary.
Drivers
- Public colocation, cloud and security providers use aggressive marketing and sales techniques to convince enterprise clients to use their backbone services and discard legacy WANs.
- XBaaS is attractive to enterprise customers relying on the provider’s colocation, cloud and security service edge (SSE) services.
- Enterprises often see XBaaS private backbones as a means to improve network security by limiting exposure to the public internet infrastructure.
- As an architecture, XBaaS is compelling for organizations that lack data center investment and instead rely heavily on one public cloud or colocation provider.
- XBaaS provides additional route diversity for clients seeking to improve their WAN business continuity architectures.
- SASE providers’ XBaaS offerings make their solutions more compelling as a single-vendor underlay and overlay vendor option.
- Enterprise dissatisfaction with traditional WAN carriers is high, and many clients seek to limit reliance on these providers. Enterprises often believe that the carriers have ignored their complaints about lack of support and network performance issues, further accelerating their efforts to seek better alternatives.
- Organizations deploying AI and agentic AI are increasingly relying on multiple cloud and neoclouds for support. This increases the importance of WAN performance, which increases the appeal for XBaaS options.
Obstacles
- XBaaS can be more expensive than traditional WAN services.
- Since XBaaS providers support only their own customer traffic, they are less useful to clients relying on multiple colocation, cloud or security providers.
- While XBaaS offers improved security across the provider’s private backbone, this protection does not extend to the access link from the customer’s locations to the provider’s nodes. Access connection security depends on the traditional telco supplier.
- The number of XBaaS nodes is typically small compared to traditional telcos. This can limit resilience options if a node fails and add end-to-end latency depending on an end user’s location relative to the serving node.
- Limited colocation and cloud monitoring data impairs XBaaS value to network operations personnel.
- SLAs cover availability only, lacking circuit performance guarantees such as latency, jitter and packet loss.
- XBaaS providers may not support cloud onramp connectivity to other IaaS or SaaS application providers.
User Recommendations
- Use XBaaS opportunistically, given its higher costs. For example, use XBaaS if there is a specific need to lower latency for high-capacity interregional or intraregional links between data centers or for connectivity to a particular colocation, cloud or security provider.
- Verify that the provider’s backbone aligns with your organization’s corporate location footprint. If the provider’s nodes are a significant distance from any subset of corporate locations, a long access connection will be necessary, which will add cost and introduce latency for performance-sensitive applications.
- Ensure enterprise traffic is secure end-to-end, including security across the access connection. Mitigate the security vulnerability when traffic moves between the access provider and XBaaS providers’ access circuits by adding VPN or ZTNA security to internet access connections or use private access connections such as MPLS.
Sample Vendors
Alkira; Amazon; Cato Networks; Cloudflare; Digital Realty; Equinix; Google; Megaport; Microsoft; Netskope
Gartner Recommended Reading
NetDevOps
Analysis By: Andrew Lerner
Benefit Rating: High
Market Penetration: 5% to 20% of target audience
Maturity: Early mainstream
Definition:
NetDevOps entails applying DevOps and/or continuous integration/continuous deployment (CI/CD) practices to networking activities. This requires an automated pipeline that often includes staging, prevalidation, postvalidation and testing of networking activities such as provisioning. Similar terms used to describe this approach include “NetOps 2.0” and “network as code.”
Why This Is Important
NetDevOps can improve agility, reduce toil and increase reliability. It is particularly valuable for organizations that have implemented infrastructure as code (IaC) because network changes are often a bottleneck in agile workflows. We estimate that less than 10% of enterprises actively use NetDevOps practices currently. Thus, there are ample opportunities to further improve agility while reducing human error within network provisioning and ongoing operations.
Business Impact
The use of NetDevOps practices helps to deliver networking functionality to the business faster, increase overall network uptime and aid with compliance. It can also increase overall IT efficiency via reducing handoffs within workflows between teams.
Drivers
- As organizations implement IaC and DevOps, traditional approaches to network provisioning are not sufficiently agile or reliable. NetDevOps helps to bring the network up to speed with other infrastructure and application processes.
- There is very limited tolerance for network outages or downtime. The practices associated with NetDevOps, such as automated testing, reduce the likelihood of a production impact because of increased testing, peer review, validation and automated rollback.
- NetDevOps practices drive clear workflows and documentation, which helps with auditing and governance, and troubleshooting.
- Network infrastructure and automation vendors are increasingly integrating their workflows with IaC and CI/CD tools, and marketing these concepts.
- For organizations embracing public cloud and cloud-native concepts, networks are typically built and provisioned with the application. Thus, it makes sense to integrate network, infrastructure and app provisioning using the same (or similar) processes.
Obstacles
- Network teams struggle implementing NetDevOps practices, as skill sets, time and rigid processes create challenges.
- NetDevOps requires network engineering skills and software development process awareness. Engineers with both of these skills are limited in supply.
- Some organizations are delaying investing in network automation in anticipation that AI technology will deliver similar outcomes.
- NetDevOps requires highly accurate up-to-date network information (such as inventory, configuration and location), which is uncommon in many enterprises and often referred to as a “network source of truth.”
- Network teams are risk-averse and lack confidence in automating data center networks because the business impact of outages is massive and personal benefits of adoption are often insufficient.
- Inconsistent or undocumented workflows limit adoption.
- Most enterprises do not have “development” or “test” network environments, which limits the effectiveness of NetDevOps practices.
User Recommendations
- Apply NetDevOps practices opportunistically, including as part of broader IaC practices. However, avoid trying to use NetDevOps techniques for all changes.
- Invest in personnel by shifting hiring and training focus toward specific competencies, including Ansible and Python, and cross-pollinating networking teams with adjacent DevOps personnel.
- Invest in a low-code/no-code network automation platform as an alternative to the do-it-yourself approach to network automation.
- Capture and store both device configurations and operational network state (for example, active routing tables) in a version control system.
- Invest in network infrastructure and network automation tools that offer published, open, restful APIs that expose more than 90% of functionality.
- Automate prechange and postchange validation, configuration rollback, and preenvironmental and postenvironmental testing, such as latency and availability checks.
Sample Vendors
Cisco; IBM; Itential; NetBox Labs; Network to Code; OpsMill;
Gartner Recommended Reading
Sliding into the Trough
Coffee Shop Networking
Analysis By: Andrew Lerner, Jonathan Forest, Mike Leibovitz
Benefit Rating: Moderate
Market Penetration: 5% to 20% of target audience
Maturity: Early mainstream
Definition:
“Coffee shop networking” encompasses a combination of technologies that enables a simplified and consistent employee experience regardless of the employee’s location. The user experience is: grab a seat, connect, work from anywhere. The same experience applies whether the employee is in the office, at a coffee shop or working from home. Enterprises typically refer to coffee shop networking in the context of simplifying their branch office networks.
Why This Is Important
Network teams are looking to mimic the employee experience of working at a coffee shop (or cafe) at branch offices. Coffee shop networking can improve employees’ experience accessing applications, simplify infrastructure and potentially optimize network investments. It is aligned with hybrid work requirements and hoteling arrangements where employees are working anywhere and primarily accessing SaaS-based applications.
Business Impact
Coffee shop networking allows flexibility of work location and can simplify and streamline employee experience when accessing applications. This also allows a single consistent security posture irrespective of where the user chooses to work. This is particularly important as many employees are hybrid (employees who work remotely less than one day to four days in an average week).
Drivers
- Coffee shop networking appeals to organizations embracing hybrid work styles and/or for which applications are primarily internet-based SaaS and public cloud, with limited footprint of on-premises apps.
- Employees prefer a simple and consistent user experience when accessing corporate applications, regardless of their location.
- Network and security teams want to deliver a simple, secure and consistent user experience to hybrid working employees.
- Enterprises often have experience with the underlying technology that enables coffee shop networking, including lightweight software-defined WAN (SD-WAN), zero-trust network access (ZTNA), digital experience monitoring and local Wi-Fi.
- Some vendors are actively marketing this concept to users as a new and innovative approach.
- As applications shift to the public cloud and SaaS, the need for multiple WAN topologies beyond hub and spoke diminishes.
- Network teams are looking for ways to reduce or optimize costs for branch and remote workers. Coffee shop networking promises lower costs by reducing the need for private WAN circuits or network/security equipment. However, actual cost savings depend on the specific use case.
- Companies that rent office space (versus owning) where internet access is provided as a utility look to coffee shop networking. This also applies to hoteling arrangements where employees are assigned a desk but are required to be on-site at least a few days a week, which creates the need to work remotely.
- Enterprises that already invest in ZTNA/security service edge solutions want to leverage that investment in the branch office — not only for remote workers.
Obstacles
- Coffee shop networking isn’t well-aligned with the requirements of enterprises that haven’t embraced a hybrid-working model.
- Coffee shop networking doesn’t efficiently address requirements for large amounts of nonusers connecting to networks, including Internet of Things and operational technology (OT), such as printers, badge readers and digital signage.
- Enterprises that maintain a significant number of on-premises applications are not as likely to adopt coffeeshop networking.
- Lack of adoption of SaaS adoption or public cloud services reduces the value of coffee shop networking.
- It is difficult to justify the shift to the coffee shop approach if there are existing investments in next-generation firewall, SD-WAN, and the like that are adequate and aren’t due for refresh.
- Enterprises that avoid using internet connectivity due to either privacy, security or performance concerns are unlikely to adopt this model.
- Preexisting poorly designed/deployed Wi-Fi at branch locations.
User Recommendations
- Prefer coffee shop networking for use cases when your organization is cloud-first, internet-first, WLAN-first, focused on hybrid working and has a north-south traffic pattern for users.
- Include coffee shop networking as an architectural option presented to business leaders when building, refreshing or modernizing branch or campus infrastructures.
Sample Vendors
Cloudbrink; Fortinet; Hewlett Packard Enterprise; Netskope; Zscaler
Gartner Recommended Reading
OpenRoaming
Analysis By: Mike Leibovitz
Benefit Rating: Moderate
Market Penetration: 1% to 5% of target audience
Maturity: Early mainstream
Definition:
OpenRoaming is a federated framework that enables seamless and secure Wi‑Fi roaming by automatically authenticating devices through participating identity providers, eliminating passwords and captive portals for supported devices.
Why This Is Important
OpenRoaming automates guest and visitor access by replacing passwords and captive portals with secure, federated authentication. It connects users to a secure Wi-Fi service set identifier (SSID) without manual onboarding, reducing friction while improving consistency and trust in high‑visitor environments.
Business Impact
OpenRoaming lowers the cost and complexity of guest Wi‑Fi for disparate sets of users by automating authentication and eliminating manual onboarding. By connecting users to a secure SSID instead of an open captive‑portal network, it reduces risk and improves trust in guest environments. Early impact is strongest in airports, stadiums, retail and campus venues, with broader enterprise value tied to identity‑provider participation and device support.
Drivers
- Organizations want simpler and more secure ways to provide guest Wi‑Fi access, increasing interest in identity‑based onboarding that eliminates passwords and captive portals.
- High‑visitor venues such as airports, stadiums, retail locations and campuses see value in automating guest onboarding to reduce support effort and deliver more consistent connectivity.
- Wi‑Fi Alliance Passpoint capabilities and Wireless Broadband Alliance governance provide a standardized basis for federated authentication, supporting gradual ecosystem expansion as more identity providers participate.
- Wi‑Fi 6, Wi‑Fi 6E and Wi‑Fi 7 infrastructure refresh cycles create natural opportunities to enable OpenRoaming during broader wireless upgrades, since modern hardware platforms typically include the required Passpoint capabilities.
Obstacles
- Awareness and adoption remain low across many enterprises and end users, limiting network effects and reducing the practical value of federation‑based onboarding.
- Many devices still require a one‑time profile or configuration before automatic onboarding works, adding early friction that can deter first‑time use and slow broader adoption.
- Identity provider participation is growing slowly, constraining where OpenRoaming can deliver seamless authentication, limiting coverage consistency and reducing perceived value for roaming users.
- Privacy and data‑handling requirements, including regional regulations, create hesitancy around automatic authentication and identity sharing, slowing adoption in regulated environments.
User Recommendations
- Prioritize OpenRoaming evaluations in high‑visitor venues where automated onboarding offers clear value, such as airports, stadiums, retail locations, healthcare, government locations and campus environments.
- Confirm that your Wi‑Fi infrastructure supports Passpoint/OpenRoaming capabilities and that your identity and authentication services (RADIUS or cloud IdP) can handle increased guest usage.
- Identify which identity providers actively participate for your target audience and design onboarding flows around those partners to maximize automatic authentication rates.
- Plan for a one‑time profile installation requirement on many devices by publishing simple instructions and providing a fallback guest‑access option for users or devices that are not yet supported.
Sample Vendors
Boingo; Cisco; Cloud4Wi; Enea; Extreme Networks; HPE Networking
Gartner Recommended Reading
OpenTelemetry
Analysis By: Andre Bridges
Benefit Rating: High
Market Penetration: 20% to 50% of target audience
Maturity: Early mainstream
Definition:
OpenTelemetry (OTel) is a collection of specifications, tools, APIs and software development kits (SDKs) that describe and support the implementation of an open-source instrumentation and observability framework for software. The initiative, curated by the Cloud Native Computing Foundation (CNCF), defines multiple telemetry signals — traces, metrics, logs, and now performance profiles. OTel is widely supported by commercial and open-source observability solutions.
Why This Is Important
OTel provides a vendor-neutral, standardized way to instrument, generate, collect and export telemetry data about application health and performance. It has changed how observability platforms are evaluated, built and adopted. OTel has gained broad support and adoption and is now one of the fastest‑growing projects in CNCF, second to Kubernetes. Many software vendors, cloud providers and observability platforms now offer native OTel integration across their agents, pipelines and back ends.
Business Impact
- OTel provides deep visibility into application health across service boundaries.
- It enables the use of multiple observability vendors and simplifies migrations, benefiting product owners, site reliability engineers (SREs) and platform operators with an “instrument once, analyze anywhere” approach.
- OTel standardizes the encoding and delivery of telemetry and improves reliability and scalability as more vendors become compliant, ensuring seamless data flow between diverse sources and targets.
Drivers
- Uniformity of instrumentation: Distributed traces provide a rich, sequenced perspective to request handling in distributed software but are not always enough to fully identify and resolve anomalies. By including support for correlating metrics and logs with traces, OTel incorporates a more complete dataset for application observability use cases.
- Software architecture: Microservices, containers and serverless functions are powerful constructs that serve as the basis for modern applications. Loose coupling facilitates the build, test and release of independent components.
- Cost of observability solutions: Many organizations have struggled with the cost of monitoring all of their applications with commercial observability offerings and either reduce the monitoring footprint or use a low-cost, secondary solution. OTel facilitates the latter by allowing the same telemetry to be flexibly routed to different solutions.
- Site reliability engineering: In many organizations, SREs are responsible for health and performance management, and are the most likely to demand insights from OTel. Interest in building an SRE role and adopting SRE practices is increasing.
- Project stability: The OTel project has applied to become a “graduated” project, in CNCF parlance, which offers a level of assurance that stability and maturity are sufficient for widespread production use.
Obstacles
- Maturity: OTel is evolving rapidly and beginning to be used widely in the field. There may be a cost in time and effort associated with adopting it now that will diminish over time.
- Implementation variations: Universal compatibility across vendors is difficult to achieve. Although the project’s implementers have succeeded in a big way, there are still occasional wrinkles at the edges.
- Limited expertise: Although an increasingly prominent industry standard, OTel expertise is unevenly distributed. Organizations looking to adopt it may struggle to find trained personnel or traverse the learning curve themselves.
User Recommendations
- Choose vendors that are committed to OTel when selecting monitoring tools and observability platforms, especially those built on top of OTel as a foundation.
- Embrace OTel for distributed tracing today when building trace instrumentation into your custom application software.
- Instrument your cloud-native applications using OTel SDKs as they are available for your languages and frameworks. Zero-code instrumentation mechanisms, many based on eBPF, are also becoming more commonly available.
- Augment existing observability solutions with OTel for hybrid workloads.
- Familiarize yourself with OTel by experimenting with the OTel Demo, a complete, services-based sample application with problem-solving scenarios.
Sample Vendors
Amazon Web Services; Chronosphere; Cisco Systems; Dash0; Dynatrace; Elastic; Grafana Labs; Honeycomb; New Relic; Observe
Gartner Recommended Reading
eBPF
Analysis By: Simon Richard
Benefit Rating: Moderate
Market Penetration: 5% to 20% of target audience
Maturity: Adolescent
Definition:
Extended Berkeley Packet Filter (eBPF) is a capability of the Linux operating system kernel that allows specific instruction sets to run (sandboxed) inside the kernel. It enables organizations to add features to Linux without changing kernel source code or requiring kernel modules.
Why This Is Important
eBPF increases the extensibility of Linux. It allows users to create hooks that are triggered by Linux kernel events. This offers a safer and simpler way to add capabilities, such as for performance, security and observability, in Linux systems. Technology vendors use eBPF to avoid loading third-party kernel-level modules, which carry inherent risks.
Business Impact
eBPF improves observability, security and performance for applications. However, most enterprises will not use eBPF directly. Technology vendors use eBPF as an underpinning technology in their products and services to improve the performance and safety of their interactions with Linux systems. eBPF allows extremely technically savvy organizations to safely and quickly make changes to Linux. It is an improvement over alternative approaches, such as using Linux kernel modules or upstreaming to the Linux distribution.
Drivers
- Hyperscalers use eBPF to deliver more efficient cloud offerings. Networking, monitoring and security vendors, including the largest cloud-native application protection platform (CNAPP) offerings, also use it in their products.
- eBPF is becoming a fairly common approach to building alternatives to user-mode agents for observability platforms.
- eBPF is becoming a common technique for capturing API traffic in API protection market tools.
- Vendors use eBPF to remediate kernel vulnerabilities without patching to address Day 0 vulnerabilities and more efficiently handle distributed denial of service (DDoS) attacks.
- eBPF helps overcome the scale and visibility limitations of iptables, which is the networking stack in Linux. eBPF helps optimize and customize Linux network packet handling by processing packets earlier in the cycle.
- Vendors are increasingly using eBPF in their carrier network infrastructure (CNI) software to improve performance, security and network visibility.
- Microsoft has been investing in eBPF capabilities in Windows since 2021 and supports eBPF today in an open-source release of Windows.
Obstacles
- While eBPF is realistic for technology vendors and hyperscalers, most enterprises lack the expertise and skills necessary to build and integrate eBPF-based functions.
- Most enterprises do not have the awareness, need or risk tolerance to tackle Linux kernel challenges directly.
- Some older Linux kernels don’t support eBPF or only partially support the latest features.
- Concerns about security and system reliability will severely limit what organizations are willing to deploy using eBPF, as poorly written eBPF programs can directly impact the operation of the Linux kernel.
- Integration and backward compatibility with existing non-eBPF-enabled products pose challenges.
- Microsoft Windows supports some eBPF features in preview mode, but not in GA.
User Recommendations
- Migrate to more modern platforms if your organization is still using Linux distributions with limited or no eBPF support. Seek eBPF-based container network interface (CNI) solutions when scale, performance, visibility and security are top priorities.
- Assess vendor support to eBPF and maturity on their implementations.
- Configure eBPF securely so that it does not become an attack path or vulnerability.
- Explore whether eBPF can meaningfully address your organization’s performance, security or visibility challenges by supporting technologically advanced enterprises.
- Invest in eBPF, if you are a networking or network security vendor, to improve performance, enhance visibility and remain competitive.
Sample Vendors
Aqua Security; Cisco; Cloudflare; CrowdStrike; F5; Fastly; Gigamon; New Relic; Sysdig; Tigera
Gartner Recommended Reading
SONiC
Analysis By: Jorge Aragon, Andrew Lerner
Benefit Rating: Moderate
Market Penetration: 1% to 5% of target audience
Maturity: Emerging
Definition:
Software for Open Networking in the Cloud (SONiC) is a modular, open-source network operating system (NOS). The SONiC NOS is deployed primarily on network switches in data center environments; however, it can also run in some campus switches. SONiC was written and open-sourced by Microsoft and is now overseen by the Linux Foundation.
Why This Is Important
SONiC is an open-source NOS that runs on network devices. Commercially supported by vendors, it is being adopted in different environments such as data centers, hyperscalers, campus, and edge locations. SONiC facilitates the disaggregation of hardware and software as an alternative to a proprietary NOS, with an increasing number of vendors behind it. SONiC offers strong potential for network innovation, similar to what Linux offered in the server OS market.
Business Impact
SONiC can run on network switches and application-specific integrated circuits from different manufacturers. Organizations can leverage SONiC as a vendor-agnostic NOS while procuring network equipment from local or global manufacturers based on availability and price, instead of relying on a single hardware vendor for uniformity. SONiC also reduces reliance on vendor proprietary approaches, which enables network teams to evolve at a pace independent of any specific vendor.
Drivers
- Organizations that operate large networks, including service providers, cloud providers and large enterprises, seek to avoid vendor lock-in and/or to leverage the pace of innovation associated with open source, and are increasingly interested in SONiC.
- SONiC is a viable option for disaggregating hardware and software, especially as organizations look for approaches that can enable sovereignty in their network infrastructure.
- SONiC is open source, so it presents low barriers to acquisition (e.g., no software-licensing cost upfront) compared with commercial software, which limits friction of initial testing and deployment.
- Technologically advanced organizations seek to standardize on an open-source NOS supported across hardware vendors, creating the potential for innovation equivalent to Linux’s offer in the server OS market.
- Commercial distributions of SONiC include hardware and/or software support, creating more options for enterprises.
- Market interest, adoption, features, and commercial vendor support of SONiC feed into its emerging prominence among open-source NOS options.
- SONiC can be used outside the data center to address some campus and edge environments.
- Active vendor marketing increases interest in and awareness of SONiC among enterprises and service providers.
Obstacles
- Nearly all commercial switching vendors lead with integrated switches running their proprietary OSs when selling to enterprises.
- Vendors that offer SONiC typically do so only in corner-case or one-off scenarios.
- Support concerns regarding noncommercial software and disaggregating hardware from software hinder SONiC adoption.
- A strong culture of risk aversion among enterprise network teams may cause them to prefer vendor-proprietary commercial solutions with branded support.
- Many organizations lack awareness of SONiC, especially among midmarket and smaller enterprises.
- SONiC may not offer feature parity with an established proprietary NOS, which hinders its adoption when enterprises seek to perform a like-for-like hardware replacement.
- SONiC lacks native or open-source centralized management and orchestration for SONiC-based switches, requiring command-line or API management or the use of third-party management/orchestration software.
User Recommendations
- Start by using SONiC for VXLAN-EVPN-based fabrics in the data center with a Clos architecture.
- Pilot SONiC as a NOS in large environments of more than 250 switches and/or within forward-leaning organizations to drive innovation and reduce lock-in.
- Leverage SONiC for greenfield deployments, such as AI fabrics that support connectivity for graphics processing units (GPUs).
- Use commercially supported SONiC distributions for mission-critical production data centers.
- Leverage a fabric manager to operate your SONiC-based fabric for your network’s centralized administration and monitoring.
- Avoid rushing SONiC deployments. The opportunity to insert SONiC comes with physical switching investments typically associated with hardware refreshes that happen every five years. Wait for the next life cycle iteration or a large build-out instead of interrupting the cadence.
- Stay as close as possible to the main open-source version or trunk. Avoid implementing features that will not be added upstream to the main trunk.
Sample Vendors
Arista Networks; Aviz Networks; BeyondEdge; Broadcom; Cisco; Dell Technologies; Dorado Software; Hedgehog; HPE (Juniper Networks); Huawei; Nokia; NVIDIA
Gartner Recommended Reading
5G
Analysis By: Sylvain Fabre
Benefit Rating: High
Market Penetration: More than 50% of target audience
Maturity: Early mainstream
Definition:
5G is the fifth-generation cellular technology standard by the 3rd Generation Partnership Project (3GPP). IMT-2020 eventually targets maximum downlink and uplink throughputs of 20 Gbps and 10 Gbps, respectively, with latency as low as 4 milliseconds (ms) in a mobile scenario and 1 ms in ultrareliable low-latency communication scenarios, down to centimeter-level location accuracy indoors, and massive Internet of Things scalability. New system architecture includes core slicing and wireless edge.
Why This Is Important
5G is foundational infrastructure for the Fourth Industrial Revolution, built around three service classes that address distinct enterprise needs: enhanced mobile broadband (eMBB) for high-throughput applications; ultrareliable low-latency communications (URLLC) for mission-critical, real-time control; and Massive Internet of Things (MIoT) for dense, low-power device connectivity at scale. Together, they make 5G the first wireless generation designed explicitly for enterprise transformation — not just consumer mobility. For enterprises and communications service providers (CSPs), 5G’s ongoing standards evolution matters not because of raw performance gains, but because it determines whether mobile networks can reliably deliver differentiated digital services that meaningfully outperform 4G and Wi‑Fi alternatives.
Business Impact
- 5G enables three main technology deployments; each supports distinct new services for multiple industries and use cases of digital transformation:
- eMBB for HD video
- Massive machine-type communications (mMTC) for large IoT deployments
- URLLC for high-availability and very low-latency use cases, such as remote vehicle operations
- Promising applications for 5G use include fixed wireless access, IoT support and private mobile networks.
- In practice, the business impact of 5G remains uneven, with clear value in select scenarios such as fixed wireless access and private networks, but limited differentiation for many mainstream enterprise connectivity needs.
Drivers
- As of February 2026, 383 operators have launched commercial 3GPP-compatible 5G services (per the Global Mobile Suppliers Association). 5G coverage reaches the majority of mobile subscribers globally, with 5G‑capable devices available across nearly all price tiers. This makes 5G the default cellular baseline for new devices and services.
- Increased data usage per user and device requires a more efficient infrastructure.
- Industrial users require 5G lower latency from URLLC and expect 5G to outperform rivals in this area.
- Demand continues for mMTC to support scenarios of very dense deployments up to the 5G 3GPP R17 target of 1 million connected sensors per square kilometer. Availability has increased for private spectrum options.
- Fixed wireless access (FWA) remains one of the strongest commercial use cases for 5G, enabling CSPs to extend broadband coverage quickly and economically while deferring or complementing fiber investments.
- Demand for redundancy, particularly for mission-critical enterprise connections with route and access diversity, is driving use of 5G as an additional access technology for network-as-a-service (NaaS) and enterprise gateways.
- The proliferation of AI creates new connectivity demands: low-latency, high-reliability links to coordinate distributed AI agents, stream model updates, and offload compute between device, edge, and cloud. 5G — and increasingly AI radio access network (AI-RAN) — is becoming the connectivity substrate for physical AI deployments across industrial, logistics, and autonomous systems environments.
Obstacles
- 5G value realization remains uneven. Many enterprise use cases can still be served by 4G, Wi‑Fi or low-power wide-area network (LPWAN) alternatives at lower cost.
- Issues with availability and cost of radio spectrum, in particular for industrial private networks, occur in some countries.
- Security concerns arise when using 5G in critical industrial scenarios.
- Realizing 5G's full value in enterprise and industrial settings depends on a coherent edge computing layer. In practice, fragmentation across hyperscaler multiaccess edge computing (MEC) offerings, operator edge platforms, and on-premises deployments creates integration friction that stalls enterprise use case deployment and undermines the low-latency value proposition 5G is meant to deliver.
User Recommendations
- Organizations should evaluate 5G investments primarily through the lens of business outcomes and operational requirements, rather than assuming newer standards alone will unlock incremental value.
- Treat 5G as a strategic platform rather than a coverage upgrade, and prioritize use cases that benefit from mobility, outdoor coverage, and deterministic performance.
- Align 5G investments with near‑term business outcomes, while preparing organizational capabilities for 5G Advanced evolution.
- Provide clear SLAs for network performance by testing installation quality for sufficient and consistent signal strength, signal-to-noise ratio, video experience, throughput, and coverage for branch locations.
- Focus on architecture readiness — such as software-defined networking, network function virtualization, CSP edge computing and distributed cloud architectures, and end-to-end security — to take advantage of 5G.
- Reframe 5G as a platform business — move beyond connectivity pricing. The CIO must develop network-as-a-service commercial models, expose 5G capabilities via APIs, and enable slice-based service packaging — treating the network as a programmable product rather than a managed asset.
- Accelerate SA core migration as a strategic priority — non-stand-alone configurations cap your ability to deliver slicing, URLLC, and advanced R17/R18 capabilities. Build a credible SA migration roadmap with defined milestones, and treat NSA as a transitional state — not a stable operating model.
Sample Vendors
Ericsson; Huawei; Nokia; Qualcomm; Samsung; ZTE
Gartner Recommended Reading
NaaS
Analysis By: Jonathan Forest, Andrew Lerner
Benefit Rating: Low
Market Penetration: 1% to 5% of target audience
Maturity: Adolescent
Definition:
Network as a service (NaaS) is a standardized and automated delivery model for network products and services. NaaS providers own and operate the offering, with the primary objective of simplifying full life cycle network operations, inclusive of equipment refreshes and capacity scaling. While not a market, it combines hardware, software and management into a consumption- or subscription-based opex pricing model. Many vendors promote offerings as NaaS, with few meeting the definition.
Why This Is Important
NaaS is overhyped, as vendors are positioning a wide range of network products and services as NaaS, but rarely meet the formal definition. The main objective of enterprises interested in NaaS is to simplify full life cycle network operations and, to a lesser extent, deliver a more flexible consumption model. It also offers organizations an asset-light-model option for those who don’t want to own infrastructure.
Business Impact
Customers seeking NaaS are looking to simplify their network operations with a flexible consumption model. NaaS provides enterprises with agility, defined service delivery quality, automation, and end-to-end full life cycle management — with up/down scalability and adaptive billing. NaaS providers’ goal is to offer alternative network sourcing options with a managed opex model, where customers don’t own the equipment.
Drivers
- Enterprises are interested in a service offering where simplified life cycle network operations are delivered via an opex-friendly pricing model. The rise of NaaS could potentially disrupt campus networking, data center switching and WAN markets, for both on-premises or cloud-based network functions.
- Enterprises primarily see NaaS as an option for more opex-based pricing, with a “pay-for-what-is-used” model. In short, customers who have more available opex budget and less capex budget.
- Some enterprises see NaaS as a more flexible option to supply equipment and connection services for temporary locations.
- Enterprise buyers seek a focus on their end users and applications for improved service delivery quality and automation, and a more predictable customer experience.
- NaaS provides a simpler, turnkey network consumption model for smaller organizations.
- NaaS is seen as an asset-light model where the customer doesn’t own the equipment.
- Built in network refreshes and software updates ensure functionality is up to date.
- This type of offering is attractive to customers who are familiar with and open to the cloud consumption model.
- Customers who require dynamic shifts in networking resources may favor NaaS.
- NaaS may be helpful to organizations that lack network operations resources and specific skill sets.
Obstacles
- Many provider offerings are limited to pricing/licensing changes, which isn’t true NaaS.
- Some organizations view leasing as a form of NaaS, which has been around for decades.
- Many enterprises view NaaS primarily as consumption-based pricing and overlook the operational benefits.
- Most enterprises prefer flat-rate predictable pricing.
- NaaS is often more expensive than more traditional capex-based pricing models.
- Enterprises entering into NaaS agreements relinquish control and face complete replacement of product components upon contract exit.
- Large, established vendors have been reluctant to prioritize NaaS offerings due to the risk of impacting the revenue of their existing installed base.
- NaaS is often confused with network on demand delivered by carriers.
- NaaS is not a market, but often is referred to as such. The NaaS term is often misused to the point of it becoming nondescriptive.
- NaaS is not attractive for customers who have more capex budget and less opex budget.
User Recommendations
- Exercise caution with NaaS due to confusion created by the provider community. Expect that most offerings marketed as NaaS don’t actually align with true NaaS principles.
- Prioritize network operations benefits of NaaS, rather than pricing flexibility, when evaluating vendors.
- Choose NaaS offerings when you have limited resources and are looking for a turnkey SLA-backed network solution priced as opex with no asset ownership.
- Choose NaaS offerings when you require a high SLA and/or have limited internal resources to meet the desired SLA.
- Where there is a concern of vendor lock-in, retain network design control by separately procuring equipment as an operating lease and adding managed network services.
- Calculate before-and-after-NaaS ROI by capturing all in-scope costs and uniformly comparing proposals to identify the differences.
- Avoid NaaS if you sweat network assets beyond a typical life cycle. This will effectively increase the price when compared to traditional capex models.
Sample Vendors
Alkira; Join Digital; Megaport; Meter; Nile; Verizon
Gartner Recommended Reading
Function Accelerator Cards (aka DPU or SuperNIC)
Analysis By: Naresh Singh
Benefit Rating: High
Market Penetration: 20% to 50% of target audience
Maturity: Adolescent
Definition:
Function accelerator cards (FACs) are a class of devices that have dedicated hardware accelerators with optional programmable processors that use onboard memory to accelerate network, security and storage functions. Essentially, their role has evolved into two categories — offloading of CPU-heavy tasks, such as networking, security and data processing, and optimization of network fabric by effective traffic scheduling and critical functions like in-network computing.
Why This Is Important
FACs can boost server performance by up to 50% by offloading non-core tasks like virtual switching, security and ADCs. They enhance storage via NVMe-oF offload and can host dedicated appliances, such as firewalls. FACs also improve security by isolating critical functions within dedicated, secure environments. While mainly used by hyperscalers and large cloud providers, adoption is growing among new cloud providers and enterprises as FACs become vital for AI and network fabrics.
Business Impact
FACs contribute to more cost- and energy-efficient data center operations, while improving performance. By offloading high-overhead functions, they allow the server to host more workloads, which reduces the direct cost of additional servers and, in some cases, infrastructure software. In addition, they can optimize data transmission between servers and AI systems, thus addressing costly network delays affecting training runs.
Drivers
- Significant growth in generative AI workloads and wide embedding of agentic AI in applications has led to the demand for FACs.
- Hyperscale cloud providers, neo-cloud and AI developers increasingly use FACs to optimize price and performance.
- With the growing need for accelerated applications and services for generative AI workloads at the edge, and growing power consumption concerns impacting sustainability, enterprises have started evaluating DPUs as well.
- The rise of AI/ML workloads, solid modeling, seismic analysis and advanced analytics has created unprecedented demand on storage and network, resulting in latency and bandwidth issues that FACs solve.
- By optimizing both the CPU and GPU/AI accelerators through offloading of non-core functions, they increase utilization as well as mitigate energy use during processing delays. This can lead to significant operational cost benefits in terms of energy savings.
- FACs can reduce the number of servers and hypervisor licenses by 10% to 30%, and may also decrease the number of application software licenses.
- Moving performance-intensive functions into the hardware reduces the software-based surface area for attack, thereby creating a proxy perimeter.
- Telecommunication networks are moving toward virtualizing the network edge with 5G adoption, which leads to offloading 5G user plane function (UPF) and 5G network slicing to FACs to achieve low latency and high throughput.
- FACs are increasingly bundled in high-performance solid-state storage systems to boost input/output per second and minimize latency.
- FACs provide an alternative platform to host network appliances, such as firewalls and ADCs, with price/performance benefits in specific usage scenarios.
Obstacles
- Enterprises view FACs as a disruptive shift from traditional data center networking, which can limit adoption due to perceived risks.
- There is confusion in the market due to vendors using different terminology and providing different capabilities and architectures.
- Data plane programmability is high risk, limiting adoption in enterprises.
- Hyperscale cloud service providers (CSPs) can justify the higher cost of high-end FACs due to the advantages of large-scale purchasing and customization. However, this level of spend limits enterprise, thereby hindering rapid adoption. More cost-effective solutions need to be positioned for more cost-sensitive users and those needing only certain functionalities.
- Form factor and power consumption can impact rack, power and cooling budgets, if they occupy a full-size Peripheral Component Interconnect Express (PCIe) slot.
User Recommendations
- Use FACs for specific use cases, such as acceleration of AI/ML and NVMe-oF.
- Use FACs to enhance AI network fabrics to optimize their performance.
- Engage your existing data center infrastructure vendors on their plans for multivendor interoperability for FACs offloading, prior to your next server refresh.
- Use FACs opportunistically to replace legacy components, such as physical firewalls, and reduce the number of application licenses.
- Pilot FAC offerings to improve scale/security needs in a large-scale data center network (typically more than 1,000 switches) with either FACs in servers (more successful) or FACs in switches, or to support extremely network-sensitive workloads.
- Select FAC-based storage offerings for applications that require microsecond-latency performance when processing large datasets.
- Use a cross-functional team that includes networking, compute, storage and security personnel to evaluate FAC offerings.
- Focus on management and orchestration when evaluating FACs, as they are key differentiating factors.
Sample Vendors
AMD; Broadcom (VMware); Ethernity Networks; Intel; Kalray; Marvell; Microsoft; Napatech; NVIDIA; Pliops
Gartner Recommended Reading
Network AI Assistants
Analysis By: Karen Brown, Marissa Schmidt
Benefit Rating: High
Market Penetration: 20% to 50% of target audience
Maturity: Mature mainstream
Definition:
Network AI assistants are interactive digital tools backed by generative AI (GenAI) technologies that perform specific automated tasks as directed by human engineers via conversational, natural language chat interfaces. When integrated into network management consoles, network AI assistants provide actionable network insights and help human engineers with network tasks, improving administrator user experience, configuration and operational efficiency.
Why This Is Important
Network AI assistants are useful digital tools that allow humans to interact with network infrastructure and service management consoles via natural language chat interfaces rather than using command line interface (CLI) or dashboard-style UIs. As directed by human engineers, network AI assistants can perform specific configuration, troubleshooting or analytics review tasks. The result is accelerated and improved network operations and efficiency.
Business Impact
Enterprises require network teams to efficiently manage diverse infrastructure to support business objectives. Network AI assistants are a useful efficiency tool, performing routine network tasks as directed by a human engineer via conversational chat interfaces. Network AI assistants are a value-added feature built into vendor products. Capabilities and multilingual chat interface support vary by vendor, which impacts network AI assistants’ ability to add value or reduce costs.
Drivers
- Network vendors have, to varying degrees, added simple chatbots, task-focused AI agents and semiautonomous AI agents to their products, marketing them as either standard or value-added features.
- Many enterprise network leaders want to use network AI assistants to streamline specific routine tasks that improve operational efficiency for complex enterprise WAN, LAN, data center and cloud-native environments.
- Network AI assistants support growing demand for automated network management processes.
- Enterprises with limited or skill-challenged network staff need the engineering support that network AI assistants supply.
- Network AI assistants, in helping to resolve networking issues, can improve performance for applications.
- Many network infrastructure vendors are investing in network AI assistant development as part of larger automation and AI technology initiatives to strengthen their products’ competitive differentiation. This is partly enabled by the availability of GenAI technologies.
- Network AI assistants, as part of infrastructure or network provider offerings, are positioned to help not only with simple network configuration and troubleshooting tasks, but also with more complex incident troubleshooting and remediation support.
Obstacles
- Network teams may not trust network AI assistants’ ability to correctly perform tasks, fearing they will make mistakes that will result in network outages.
- Network infrastructure vendors have not uniformly launched network AI assistants across their product portfolios.
- Heads of I&O may hesitate to use network AI assistants within their operations, awaiting evolution of agentic AI technology.
- Network AI assistant offerings vary widely in their ability to support Day 0, Day 1 and Day 2 operational tasks.
- Underlying AI technologies require time to train and adapt, which impacts the quality of network AI assistant responses. In early deployment, a network AI assistant may offer inaccurate responses that could negatively impact network operational efficiency.
User Recommendations
- Include network AI assistants in RFPs as a desired feature during network refresh or new deployment cycles.
- Question vendors about their network AI assistant and agentic NetOps roadmaps, and ask them for value-driven metrics for network AI assistant upgrades.
- Compare the potential operational improvement benefits for network AI assistants versus moving directly to agentic NetOps. Factor in the organization’s network operations maturity and ability to manage either technology.
- Require a proof-of-concept trial of network AI assistants to establish their effectiveness and accuracy in performing human-directed network tasks.
- Select products/offerings with network AI assistants that are integrated with major network UI, CLI and automation framework partners.
- Introduce network AI assistant technology first to support observability and troubleshooting tasks. Then expand it to include configuration and, where possible, integrate it into larger automation frameworks for more advanced capabilities.
Gartner Recommended Reading
Climbing the Slope
Edge IoT Networking
Analysis By: Tim Zimmerman, Mike Leibovitz, Bill Ray
Benefit Rating: High
Market Penetration: 5% to 20% of target audience
Maturity: Adolescent
Definition:
Edge Internet of Things (IoT) networking represents a diverse set of communication technologies that connect devices and sensors to edge computing platforms or to the cloud. For WAN-connected devices, this includes cellular (public and private), low-power wide-area (LPWA) and satellite technologies. For on-premises environments, connectivity includes Ethernet and Wi-Fi, as well as more than 40 industrial and building automation protocols for wired and wireless infrastructures.
Why This Is Important
Edge IoT networking is traditionally siloed because data must be transported to different application platforms — on-premises, edge or cloud. Sensors operate in diverse and often remote environments, requiring multiple communication methods to ensure data is securely and reliably delivered to applications.
Business Impact
As IoT devices connect to enterprise networks, visibility for security risk management and asset discovery becomes mandatory for IT strategies. As responsibility converges toward IT, edge IoT networking can simplify deployment and operations while reinforcing security best practices. Longer term, hardware commoditization and broader connectivity options will pressure pricing across verticals, particularly where high performance is not required to achieve business outcomes.
Drivers
- Standardization of technology — These include advancements in cellular, Wi-Fi and Bluetooth low energy (BLE). Both 5G and Wi-Fi 7 (802.11be) allow the technology to meet performance requirements and offer coverage and low-latency wireless connectivity.
- Convergence between standards — Emerging initiatives out of smart home applications, such as the Matter standard, hope to unify networking systems to provide common addressing and management, reducing the complexity of edge IoT networking.
- Convergence of operations — As more technologies converge onto a single IT infrastructure, a growing number of operational technology (OT) teams continue to merge into IT.
- Security — Historically, siloed connectivity technologies provided security by obscurity, while newer, standards-based options provide authentication and data encryption options to address use-case requirements.
- Pricing — The ability for the market to focus on a discrete set of solutions will drive pricing for overall connectivity down.
Obstacles
- Refresh rates of devices — Edge IoT business solution refresh rates are very slow (often 10 years or longer), which means the opportunity window to update them to standardized technologies is drawn out.
- Proprietary protocols — Many communication protocols at the edge are proprietary, and the move to IP-based protocols is slow and not always practical.
- Slow deployment of connectivity options — The ability for newer connectivity options to be deployed is also drawn out. The adoption of satellite has become prevalent because the rollout of 5G, cellular IoT (LTE-M) and narrowband IoT (NB-IoT) to reach nonmetropolitan/rural areas continues to drag on.
- Limited migration capabilities — Unfortunately, moving from LPWA or WirelessHART means replacing the entire infrastructure with newer technologies. This will affect deployment time frames for end users that need to use the existing assets to address business case ROI requirements.
User Recommendations
- Document any organization changes to ensure that the information about legacy OT networks or any inherited network and associated assets is well-known.
- Beware that WAN, LPWA and WLAN/LAN solutions today require different and separate communication infrastructures.
- Evaluate satellite communications if the solution attributes for throughput, latency and device density are required by your applications. If warranted, invest in satellite communications, public (5G, LTE-M, NB-IoT), if available, or private cellular technology for large, open environments that could be indoor (utilities or manufacturing plants) or outdoor.
- Assure support for OpenRoaming to allow federated authentication of devices and the migration of applications connectivity from cellular to WLAN infrastructures and upgradability to any new standards that provide Wi-Fi.
- Choose vendors that provide IoT platform connectivity — such as IoT ports or multiple radio options — to address edge solution requirements.
Sample Vendors
AT&T; Belden (Hirschmann); Cisco; Extreme Networks; HPE; Semtech (Sierra Wireless); Siemens; Verizon Communications; Vodafone Group
Gartner Recommended Reading
Quantum Key Distribution
Analysis By: Mark Horvath
Benefit Rating: Low
Market Penetration: 5% to 20% of target audience
Maturity: Early mainstream
Definition:
Quantum key distribution (QKD) is a tamper-evident communication method that implements a cryptographic protocol for creating and transporting keys based on quantum mechanics. It enables parties to produce a shared secret, which then can be used to encrypt and decrypt messages. These keys are exchanged such that the system can detect the interference with the exchange of the key and generate new keys. QKD does not require asymmetric algorithms and provides a point-to-point postquantum solution.
Why This Is Important
QKD is an important technology for creating, moving and preserving the quantum entanglement of two or more particles. QKD provides a tamper-evident channel for secure key exchange by maintaining the quantum entanglement of photons as they transfer the initial secret between systems, after which standard symmetric keys are used. The nature of entanglement means that any disturbance will result in automatic channel collapse, destroying the secret and preventing the transmission of further data.
Business Impact
- QKD’s main property, tamper evidence, is required by companies that need to exchange high-value encryption keys in as secure a way as possible.
- QKD provides a demonstrably secure channel that allows high-value data to be transmitted without compromising the integrity of the data.
- A quantum random number generator (QRNG), usually part of the QKD setup, can generate cryptographically better keys than classical sources of entropy.
Drivers
- Organizations are looking to move to “quantum-safe” technologies, sparking renewed interest in QKD as cryptographically relevant quantum computers become more realistic.
- QKD is a foundational technology for networking quantum computers and quantum information science.
- QKD is a foundational technology for the next generation of secure satellite-based networking.
- Governments and military departments have a need for extremely secure methods of key exchange, which are becoming increasingly commercialized.
- QKD has some advantages over certificate-based systems in that there is physical protection of the secret with no algorithmic dependence, i.e., they are permanently crypto-agile.
Obstacles
- QKD does not, by itself, change data: QKD can be used to transmit keys but cannot make preexisting keys quantum-safe, and subsequent cryptographic processes rely on classical encryption technologies.
- QKD can be subject to denial-of-service attacks: Any disturbance in the transfer channel causes it to collapse.
- QKD is not recommended in some cases: As of 2021, the U.S. National Security Agency’s current stance is to not recommend the use of QKD for national security systems.
- QKD fiber-optic transmission distances are limited to a few hundred kilometers: Current attempts to boost channels or use repeaters break the entanglement, making large-scale routing difficult. Satellite relay can vastly extend that range but relies on “trusted” nodes.
- Algorithmic methods are typically sufficient: Key-exchange algorithms typically provide a high-enough level of trust for most purposes, especially when using postquantum cryptography (PQC), without the need for specialized kit.
User Recommendations
Security and risk management leaders evaluating QKD should:
- Evaluate whether QKD is needed as part of their plan for moving to postquantum networking.
- Identify high-value or sensitive data that could benefit from tamper-evident key exchange.
- Upgrade any systems that cannot utilize PQC through the quantum key distribution approach.
Sample Vendors
AUREA Technology; Arqit Quantum; IonQ (ID Quantique); KETS; MagiQ Technologies; QNu Labs; QuantumCTek; QuintessenceLabs; SK Telecom; Toshiba
Gartner Recommended Reading
SASE
Analysis By: Andrew Lerner, Jonathan Forest, Neil MacDonald
Benefit Rating: Transformational
Market Penetration: 20% to 50% of target audience
Maturity: Early mainstream
Definition:
Secure access service edge (SASE) delivers converged network and security capabilities, including SD-WAN, secure internet access, secure SaaS access, firewall and zero-trust network access capabilities. SASE supports branch office, remote worker and on-premises secure access use cases. Primarily delivered as a service, SASE enables zero-trust access based on the identity of the device or entity, combined with real-time context, and security and compliance policies.
Why This Is Important
SASE enables modern digital business transformation, including work from anywhere, branch office transformation and the adoption of edge computing and cloud-delivered applications. It also dramatically simplifies the delivery and operation of critical network and security services via a cloud-centric management and delivery model. SASE reduces the number of vendors for secure access to one or two explicitly partnered vendors.
Business Impact
- SASE enables digital business use cases (such as branch office transformation and hybrid workforce enablement) with increased ease of use while reducing complexity.
- It allows I&O and cybersecurity teams to deliver consistent and integrated networking and network security services, supporting the needs of digital business transformation, edge computing and work from anywhere.
Drivers
- Digital workforce and branch transformation projects driven by the adoption of cloud-based services and an increasingly mobile workforce require secure access anywhere, anytime.
- Organizations desire to move toward a zero-trust security architecture while managing complexity.
- There are dozens of vendors who offer competitive SASE platform offerings that are prominently promoting and positioning their offerings to customers.
- SASE can reduce the deployment time for new users, locations, applications and devices.
- SASE enables a single way to set consistent policy enforcement across internet, web application and private application access, which reduces the attack surface and shortens remediation times.
- Enterprises want to simplify network and network security deployments via the reduction of policy engines and management consoles.
Obstacles
- Organizations that have not embraced cloud/SaaS are much less likely to benefit from a SASE architecture.
- SASE requires a coordinated approach across security, networking and digital workplace teams, which is challenging given refresh and renewal cycles, silos and staff expertise.
- A vendor’s cloud footprint may prevent SASE deployments in certain geographies such as China, Africa, South America and the Middle East, which may be related to sovereign requirements.
- Concentration risk: Organizations cite both commercial and technological concerns over consolidating multiple technologies from a single vendor.
- It is challenging to justify SASE deployment solely from a financial/cost perspective.
- Agentic AI adoption shifts enterprise needs and may bypass decryption and inspection by SASE deployments, requiring new products to be deployed.
User Recommendations
- Involve both cybersecurity and network teams when evaluating offerings and roadmaps from incumbent and emerging vendors to ensure an integrated approach.
- Leverage renewals and refresh of SD-WAN, Firewall and VPN to update network and network security architectures.
- Avoid enabling SASE outcomes with more than two product vendors to avoid complexity and suboptimal performance.
- When implementing a dual-vendor SASE solution, use only vendor combinations with explicit integration including turnkey automation, visibility and, ideally, management and data plane integration.
- Combine branch office and remote access in a single implementation to ensure consistent policies and minimize the number of vendors required.
Sample Vendors
Cato Networks; Check Point Software Technologies; Cisco; Cloudflare; Fortinet; Hewlett Packard Enterprise; Netskope; Palo Alto Networks; Versa Networks; Zscaler
Gartner Recommended Reading
Network Security Microsegmentation
Analysis By: Adam Hils, Rajpreet Kaur
Benefit Rating: High
Market Penetration: 5% to 20% of target audience
Maturity: Early mainstream
Definition:
Network security microsegmentation is the creation of more granular and dynamic access policies than is possible in traditional network segmentation. It is deployed by the insertion of a security control between workloads, applications, or nodes in the same segment. Microsegmentation tools support the implementation of finer-grained zoning across public, private and hybrid cloud infrastructures. The local enforcement points are orchestrated by management consoles.
Why This Is Important
Once a system is breached, attackers often attempt to move laterally (including in ransomware attacks), which can cause serious damage. Microsegmentation seeks to limit the propagation and spread of such attacks. It can greatly reduce the initial attack surface as well. In addition to security enforcement, microsegmentation products also provide enhanced visibility into network traffic as well.
Business Impact
Microsegmentation reduces attack surface and enables breach containment of cyberattacks. It is a component of zero-trust architecture that controls the access between workloads and is used to limit lateral movement, if and when an attacker breaches the enterprise network. Microsegmentation also enables enterprises to enforce consistent segmentation policies across on-premise and cloud-based workloads, including those hosting containers.
Drivers
- As servers are being virtualized, containerized or moved to infrastructure as a service (IaaS), existing safeguards such as traditional firewalls, intrusion prevention solutions and antivirus software struggle to follow the fast pace of deployment for new assets. This leaves the enterprise vulnerable to attackers gaining a foothold and then moving laterally within enterprise networks. This has created increased interest in visibility and granular segmentation for east-west traffic between applications, servers and services in modern data centers.
- Zero-trust approaches are expanding and are now a requirement in modern data center design. Microsegmentation is cited by zero-trust frameworks as a practical way to build a secure policy-driven infrastructure.
- The increasingly dynamic nature of data center workloads makes traditional network-centric segmentation strategies difficult to manage at scale, if not impossible to apply.
- Microsegmentation products provide rich application communication mapping and visualization, allowing data center teams to identify which communication paths are valid and secure.
- The shift to application microservices has increased the amount of east-west traffic and further restricted the ability of network-centric firewalls to provide segmentation.
- The extension of data centers into IaaS has placed a focus on software-based approaches for segmentation — in many cases, using the built-in segmentation capabilities from cloud-based vendors.
- The emerging need to secure CPS environments is driving an interest in microsegmentation for non-IT environments.
- Growing interest in zero-trust networking approaches has also increased interest in using application and service identities as the foundation for adaptive application segmentation policies. This is critical to enforcing segmentation policies in the dynamic networking environments used within container-based environments.
Obstacles
- Complexity — If not planned and scoped correctly, microsegmentation projects can lose organizational support before completion.
- Lack of application dependency knowledge — Cybersecurity leaders don’t know which applications should be communicating with others, sowing doubt in automatically generated protection rules.
- Legacy network firewalls — Traditional firewalls can present operational challenges to some microsegmentation solutions when policies overlap or conflict.
- Organizational dynamics — Cloud-centric organizations employing DevOps may value agility more than security, believing that any additional security controls will introduce operational friction.
- Expense — Full microsegmentation can come at a high price. Many organizations consider microsegmentation to be a net-new budget item.
User Recommendations
- Select zones to microsegment based on the highest risk. Oversegmentation is the leading cause of failure and excessive costs.
- Seek a solution that maps application communication paths and makes policy recommendations, using AI-based policy recommendations.
- Do not use IP addresses or network location as the foundation for east-west segmentation policies. Use logical tags, labels, fingerprints or stronger identity mechanisms to identify workloads.
- Use the microsegmentation style (such as network overlay, host-based, cloud-native and API-based) that best works with your environment, factoring in location (such as on-premises, hybrid and IaaS) and environment (such as containers and virtual machines).
- Focus on automating microsegmentation deployment and changes integrated with the DevOps continuous integration/continuous delivery pipeline to maintain agility.
- Plan for coexistence of traditional firewalls and microsegmentation approaches and seek microsegmentation products that support integrations with firewalls.
Sample Vendors
Akamai; Broadcom; Cisco; ColorTokens; Elisity; Fortinet; Illumio; Palo Alto Networks; Zero Networks; Zscaler
Gartner Recommended Reading
Entering the Plateau
Wi-Fi 7 (802.11be)
Analysis By: Tim Zimmerman, Christian Canales, Mike Leibovitz
Benefit Rating: Moderate
Market Penetration: More than 50% of target audience
Maturity: Mature mainstream
Definition:
Wi-Fi 7 (IEEE 802.11be) is the latest wireless LAN (WLAN) standard, designed to improve throughput, latency and spectrum efficiency compared with previous generations. The standard expands channel bandwidth, increases the number of spatial streams, and improves operation across 5 GHz and 6 GHz spectrum. Wi-Fi 7 also introduces mechanisms intended to support more deterministic and lower-latency traffic, although adoption and practical value vary by deployment and endpoint maturity.
Why This Is Important
New high-performance applications, such as AR/VR and high-resolution video, are increasing performance and latency expectations for enterprise WLANs. Wi-Fi 7 leverages expanded spectrum availability in many geographies and introduces enhancements intended to improve capacity and latency characteristics. While peak performance claims are largely theoretical today, the standard establishes a foundation for future enterprise and industrial wireless use cases as ecosystems mature.
Business Impact
For most enterprises, the immediate business impact of Wi-Fi 7 is incremental rather than transformational. Organizations are primarily adopting Wi-Fi 7 as part of normal campus WLAN refresh cycles, driven by vendor roadmaps, hardware availability and access to 6 GHz spectrum. While advanced low-latency and high-throughput use cases remain niche, Wi-Fi 7 provides improved capacity, spectrum efficiency and long-term platform viability for environments with growing device density.
Drivers
- Refresh-driven adoption: Wi-Fi 7 is increasingly selected during routine campus WLAN refresh cycles as vendors prioritize new designs around the latest standard and reduce focus on earlier generations.
- Ecosystem availability: Broad availability of Wi-Fi 7 access points and supporting infrastructure, along with expanding 6 GHz regulatory adoption, is accelerating uptake regardless of immediate performance need.
- Incremental capacity and efficiency gains: Improvements in spectrum usage and channel flexibility offer benefits in high-density environments, even if peak throughput advantages are rarely realized in practice.
- Future-proofing infrastructure: Organizations favor Wi-Fi 7 to extend platform lifespan and avoid deploying infrastructure that may age quickly as endpoint and application requirements evolve.
Obstacles
- Surplus performance for many enterprises: Wi-Fi 7 will typically provide speed up to 46 Gbps in a single coverage area, which is more than three times greater than 802.11ax.
- Marginal near-term value for most enterprises: While Wi-Fi 7 offers significant theoretical performance gains, most enterprise use cases do not yet require these capabilities or have 6 GHz devices, limiting immediate business justification beyond refresh alignment.
- Upstream infrastructure requirements: Realizing the benefits of Wi-Fi 7 may require upgrades to campus switching (multigig Ethernet and higher PoE), increasing overall project cost and complexity.
- Endpoint and ecosystem maturity: Although Wi-Fi 7 access points are broadly available, many client devices do not yet fully support the standard, delaying realization of benefits in typical enterprise environments.
User Recommendations
- Adopt Wi-Fi 7 primarily as part of planned campus WLAN refresh cycles rather than as a standalone upgrade driven by performance requirements.
- Plan for associated wired infrastructure upgrades, including multigig Ethernet and higher PoE, and align WLAN refreshes with access-layer switching updates to manage cost and disruption.
- Test Wi-Fi 7 in a pilot project to evaluate performance improvements, while considering the support of 6GHz in your environment’s end-user devices before deciding to scale it out enterprisewide.
- Be prepared to update LAN switching to address higher Power over Ethernet (PoE) requirements for access points and accommodate the higher-performance wireless connectivity. Use campus WLAN refreshes as an opportunity to also upgrade access switches.
Sample Vendors
Arista Networks; Cisco; Extreme Networks; Fortinet; Hewlett Packard Enterprise; Huawei
Gartner Recommended Reading
Appendixes
See the previous Hype Cycle: Hype Cycle for Enterprise Networking, 2025
Hype Cycle Phases, Benefit Ratings and Maturity Levels
Hype Cycle Phases
Phase | Definition |
Innovation Trigger | A breakthrough, public demonstration, product launch or other event generates significant media and industry interest. |
Peak of Inflated Expectations | During this phase of overenthusiasm and unrealistic projections, a flurry of well-publicized activity by technology leaders results in some successes, but more failures, as the innovation is pushed to its limits. The only enterprises making money are conference organizers and content publishers. |
Trough of Disillusionment | Because the innovation does not live up to its overinflated expectations, it rapidly becomes unfashionable. Media interest wanes, except for a few cautionary tales. |
Slope of Enlightenment | Focused experimentation and solid hard work by an increasingly diverse range of organizations lead to a true understanding of the innovation’s applicability, risks and benefits. Commercial off-the-shelf methodologies and tools ease the development process. |
Plateau of Productivity | The real-world benefits of the innovation are demonstrated and accepted. Tools and methodologies are increasingly stable as they enter their second and third generations. Growing numbers of organizations feel comfortable with the reduced level of risk; the rapid growth phase of adoption begins. Approximately 20% of the technology’s target audience has adopted or is adopting the technology as it enters this phase. |
Years to Mainstream Adoption | The time required for the innovation to reach the Plateau of Productivity. |
Source: Gartner (May 2026)
Benefit Ratings
Benefit Rating | Definition |
Transformational | Enables new ways of doing business across industries that will result in major shifts in industry dynamics |
High | Enables new ways of performing horizontal or vertical processes that will result in significantly increased revenue or cost savings for an enterprise |
Moderate | Provides incremental improvements to established processes that will result in increased revenue or cost savings for an enterprise |
Low | Slightly improves processes (for example, improved user experience) that will be difficult to translate into increased revenue or cost savings |
Source: Gartner (May 2026)
Maturity Levels
Maturity Levels | Status | Products/Vendors |
Embryonic | In labs | None |
Emerging | Commercialization by vendors Pilots and deployments by industry leaders | First generation High price Much customization |
Adolescent | Maturing technology capabilities and process understanding Uptake beyond early adopters | Second generation Less customization |
Early mainstream | Proven technology Vendors, technology and adoption rapidly evolving | Third generation More out-of-box methodologies |
Mature mainstream | Robust technology Not much evolution in vendors or technology | Several dominant vendors |
Legacy | Not appropriate for new developments Cost of migration constrains replacement | Maintenance revenue focus |
Obsolete | Rarely used | Used/resale market only |
Source: Gartner (May 2026)
Gartner analysts have taken over 4,000 inquiries on the topic of enterprise networking from May 2025 through May 2026.
Networking Hype Index. To help identify and select the most hyped networking terms, Gartner researchers compiled a “hype index.” This hype index is a composite metric that includes client interest (inquiry and portal search), Google Trends, articles in popular periodicals and analyst opinion.