The Convergence of WAN, CDN and Cloud Security

Convergence within the CDN industry began to take shape in the early part of 2015. This year, convergence will accelerate, reshaping incumbent business models and inspiring new ones in the process.

The convergence is likely to echo the disruption that the cloud industry had on legacy providers. In the world of cloud, there are four pillars that form its foundation: cloud compute, cloud storage, content delivery and cloud security.


The disruption created by Amazon, and magnified by Google and Microsoft, is still ongoing, but winners have already emerged. On one side we have the three big winners, and on the other a host of niche players.

The next sector up for disruption is WAN, CDN and Security, which we will refer to as the convergence of infrastructure services. The primary function of infrastructure services is to secure content and deliver it to and from different locations. The methods used in securing and delivering the content are changing dramatically as new startups challenge legacy modes of practice. Incumbent providers must transform their business models, or they face becoming a part of the 40% of businesses that will cease to exist, as John Chambers predicts.

New Growth Markets

As the prices for compute and storage head to zero, industry players are looking for new growth opportunities to invest in. Based on our proprietary research, we have expert guidance on where the trends are headed.

WAN-CDN-Security-Convergence 1 = 1st Generation. 2 = 2nd Generation. 3 = 3rd Generation. 4 = 4th Generation

Convergence of WAN, CDN and Security

As business and consumer applications continue to move to the cloud, legacy infrastructure services like MPLS, CDN caching, and perimeter/datacenter based security services are becoming highly commoditized, consequently falling short of meeting the demands of the newfound cloud ecosystem. The primary force driving the collapse of these once impenetrable industries are the next generation startups, who are pushing the envelope beyond anything that we’ve seen to date in the market.

The startups basically solve an old problem with a radically new approach and brand new business model. The best part: we have identified these game changers, five to be exact, and we’ll preview them all here: Aryaka Networks, Cato Networks, PerimeterX, Viptela and Zscaler.

First, the big picture. Our research indicates that there are two different ecosystems, which are emerging in the industry: those that put CDN infrastructure at the core of their business, and those that don’t. Since we are in the early days of convergence, it’s not yet possible to denote a right or wrong approach.

Three of the five startups have made CDN infrastructure the centerpiece of their strategy: Aryaka Networks and Cato Networks on the WAN side, and PerimeterX in cloud-based security. Although PerimeterX doesn’t have a CDN of its own, its platform integrates into existing CDNs, completely supplementing CDN functionality. Thus every existing CDN Buyer is a potential customer for PerimeterX, regardless of what CDN they are using.

Then we have Viptela and Zscaler, two other startups who, while they are not making CDN infrastructure the centerpiece of their strategy, are disrupting some very large incumbents.

  • WAN over CDN Infrastructure: Aryaka Networks and Cato Networks
  • Leverages CDN for Cloud Security: PerimeterX
  • Non-CDN Strategy: Viptela and Zscaler

The New WAN

Let’s start with the WAN. CDN infrastructure is no longer only about delivering content from origin to consumer in a B2C fashion. In fact, it can be argued that the CDN infrastructure is just as good a fit for the global WAN as it is for B2C CDN delivery. CDN infrastructure can be used in a cloud-based WAN setting to solve problems that MPLS can’t. MPLS is rigid, slow and extremely limited, built to support the pre-cloud days of inter-office connectivity. However, once a finely-tuned high performance CDN is thrown into the mix in place of MPLS, the limitations disappear.

In essence, the cloud-based WAN powered by CDN infrastructure becomes an application-aware, highly intelligent platform that can offer an unlimited number of QoS levels, as opposed to the mere handful offered by MPLS. In the carrier setting, the limited number of QoS levels in MPLS is a direct result of the hardware being used. SDN and NFV are changing that, but we are still years away from carriers having the ability to create new impactful services like cloud-based WANs over CDN infrastructure.

Non-CDN SD-WAN Providers

Some of the cloud-based WAN providers not using CDN infrastructure are Viptela, VeloCloud, Versa Networks and CloudGenix. In a nutshell, these startups take the SDN approach to heart by acting as a layer that manages existing multi-vendor legacy networks. These SD-WAN providers simplify the task of setup, configuration, provisioning, and management from a single pane of glass for existing legacy architectures.

They solve one of the biggest problems today when it comes to WAN: they eliminate the need to learn different management interfaces for setting up and managing routers and different carrier networks. In short, they compliment legacy networks, rather than replacing them. We only included Viptela as part of the five most disruptive companies in our research brief because they are the first to market in their niche, and by far have been the most successful.

CDN Cloud-based WAN

Next, we have a different group of disruptors – Aryaka Networks and Cato Networks. They solve the same problem as the SD-WAN startups but employ a far more radical approach. Instead of leveraging existing outdated MPLS architectures, including Hybrid WANs, they insist on replacing them with a cloud-based WAN solution that scales on demand, anywhere in the world, and offers application intelligence, where QoS levels are unlimited. Furthermore, the foundation of the cloud-based WAN is the CDN infrastructure. Instead of leveraging existing legacy architectures and protocols, they replace it with a global private network of PoPs (points of presence), which naturally makes collaboration amongst branch locations, easy. This is the true meaning of convergence.

Legacy Security and Legacy CDN Convergence

The same shifts are also occurring in the security industry. The notion of buying and selling hardware in order to secure the perimeter or data center is now old school. Many legacy security vendors have updated their existing perimeter/datacenter based architectures and called it a cloud solution, when there is nothing cloud about it. Either a product is pre-cloud or built for the cloud. There is no such thing as a pre-cloud product made for the cloud.

Challenging this approach is Zscaler. Zscaler is one of the first companies to challenge the incumbent business model, and their business has exploded. The only flaw we see in their business model is that it is not powered by CDN infrastructure. Therefore, data can only be secured in the cloud under the Zscaler approach; accelerated content between two locations is not possible. Cato Networks, by figuring in the CDN, avoided the same mistake.

  • Next-Gen Cloud Security no CDN: Zscaler
  • Next-Gen Cloud Security leveraging CDN: Cato Networks


Two different ecosystems, CDN powered and non-CDN powered, have emerged amongst the next generation startups. There are no wrong or right ways of doing it, but we believe that the startups that have made CDN infrastructure an inherent part of their strategy, will have a bigger market opportunity because they are creating new markets, challenging the status quo, and offering superior features at radically low price points.

In summary, Aryaka Networks, Cato Networks and PerimeterX are the most disruptive startups in the global ecosystem to date. We consider them revolutionaries because they are refusing to co-exist with the legacy way of doing things. Instead, these radical gamechangers are challenging the largest incumbents in the world. As a result, they are forcing change in the WAN, CDN and Security industries, as they all converge into one shared sector.

Digiprove sealCopyright secured by Digiprove © 2016