The Vendor Selection Framework
Don't buy the brochure. Buy the solution that solves your specific architectural constraints.
The biggest mistake in SD-WAN procurement is starting with "Which vendor is best?" The answer is always "It depends." Fortinet is great for security; VeloCloud is great for cloud. You must define your needs first.
Step 1: Requirements Definition
Create a "Must Have" vs. "Nice to Have" list. Be ruthless.
- Must Have: BGP support on LAN side? LTE failover built-in? FIPS 140-2 compliance?
- Nice to Have: Fancy integrated reporting? WAN Optimization (Dedup)?
Step 2: The RFP Template
When writing your RFP (Request for Proposal), ask open-ended questions that force the vendor to explain how, not just check a box.
Key RFP Questions
- "Describe how your solution handles a brownout (2% packet loss) on a voice call. Is failover sub-second?"
- "Do you support Zero Touch Provisioning? Describe the workflow from unboxing to full config."
- "How is your licensing structured? Is it by bandwidth, by device, or by feature set?"
- "Can we create a custom application signature for our internal proprietary app?"
Step 3: Scoring Matrix
Remove emotion from the decision. Score each vendor from 1-5 on weighted criteria.
| Criteria | Weight | Vendor A | Vendor B |
|---|---|---|---|
| Technical Fit | 40% | 4 | 5 |
| Cost (TCO) | 30% | 5 | 2 |
| Ease of Use | 20% | 3 | 5 |
| Support | 10% | 4 | 4 |
| Total Score | 100% | 4.1 | 4.1 |
Step 3.5: Support & SLA Evaluation
Do not evaluate a vendor based solely on their data plane and control plane capabilities. The management plane and the post-sale support structure are where most deployments succeed or fail. When running an RFP, explicitly ask for the vendor's Mean Time to Resolution (MTTR) for critical network down events.
If you are leaning toward a managed service provider (MSP), demand a clear demarcation point matrix. Who is responsible when a localized BGP route flaps? Who owns the RMA process for a dead edge appliance? If the SLA only covers the hardware uptime but not the actual application delivery metrics, it is essentially worthless for modern cloud-first organizations.
Step 3.6: Cloud On-Ramp Evaluation
Not all SD-WAN architectures treat cloud access equally. Some vendors rely entirely on the public internet to reach SaaS applications (like Microsoft 365 or Salesforce), utilizing basic local internet breakout. Others have built massive, private global backbones strategically located next to major public cloud data centers.
If your workforce is highly distributed globally and relies heavily on latency-sensitive cloud apps, prioritizing vendors with a robust middle-mile backbone and native cloud on-ramps is critical during the selection phase.
Step 4: The POC "Bake-Off"
Take your top 2 vendors and put them in a lab. Do not skip this step.
Step 5: Contract Traps
Watch out for these common licensing pitfalls:
- Throughput Licensing: Some vendors charge you more if you upgrade your ISP circuit from 100Mbps to 1Gbps. Ensure your license allows for growth.
- Add-on Features: "Oh, you want Advanced Security? That's an extra SKU."
- Cloud Gateway Fees: Data egress charges from the vendor's cloud gateways can add up.
Ready to Issue Your RFP?
Download our template or talk to an architect to review your requirements.