{"id":103575,"date":"2019-11-21T13:00:39","date_gmt":"2019-11-21T21:00:39","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=103575"},"modified":"2019-11-22T08:09:35","modified_gmt":"2019-11-22T16:09:35","slug":"cloud-sase-secure-sd-wan","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2019\/11\/cloud-sase-secure-sd-wan\/","title":{"rendered":"Better Together: Security + SD-WAN by Palo Alto Networks"},"content":{"rendered":"

By\u00a0Koroush Saraf, VP, Product Management for SD-WAN<\/span><\/p>\n

 <\/p>\n

Applications moving to the cloud and increased user mobility are changing the way networking and network security services must be delivered. Palo Alto Networks founder and CTO Nir Zuk believes that the future of network security is in the cloud, and has been driving this change for the past few years, with Prisma Access, the industry\u2019s most comprehensive SASE. In this ongoing series, Palo Alto Networks thought leaders explore the core tenets of an integrated, effective SASE solution, and more broadly, its implementation and implications.<\/span><\/i><\/p>\n

We live in an age of cloud and digital transformation. Users and applications are moving outside the traditional network perimeter, accessing an ever increasing number of applications \u2013 both SaaS and in the public cloud. Organizations face the challenge to proactively protect their users, applications and data from security threats, without compromising user experience.<\/span><\/p>\n

 <\/p>\n

Cloud Access Needs Security That Is Simple<\/b><\/p>\n

In order to solve the complexity of networking and security, a single, unified platform for cloud access is needed. Gartner writes about a model known as the \u201csecure access service edge,\u201d or <\/span>SASE<\/span><\/a> (pronounced \u201csassy\u201d). In Gartner\u2019s words:<\/span><\/p>\n

\u201cThe secure access service edge is an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions, such as SWG, CASB, FwaaS and ZTNA, to support the dynamic secure access needs of digital enterprises.\u201d <\/span>(Gartner, The Future of Network Security is in the Cloud, 30 August 2019)<\/span><\/p>\n

A <\/span>SASE solution<\/span><\/a> converges connectivity (SD-WAN, VPN, QoS, etc.) and security (including FWaaS, CASB, DLP, ZTNA, DNS, etc) into one unified, cloud-delivered solution. <\/span>Prisma™ Access<\/span><\/a> by Palo Alto Networks is the industry\u2019s most comprehensive SASE solution. To further drive momentum for our SASE, Palo Alto Networks now offers the most secure SD-WAN solution in the industry. <\/span><\/p>\n

 <\/p>\n

SD-WAN from Palo Alto Networks<\/b><\/p>\n

\"SD-WAN<\/p>\n

Before we get into the details of the unique and compelling capabilities of Palo Alto Networks SD-WAN, here is a quick introduction to SD-WAN. <\/span>Software-Defined Wide Area Network<\/span><\/a> (SD-WAN) offers a transformational approach to optimize branch office networking and assures peak application performance. In fact, according to Gartner\u2019s Magic Quadrant for WAN Edge Infrastructure (October 18, 2018), Gartner states that \u201cby 2023, more than 90% of WAN edge infrastructure refresh initiatives will be based on vCPE platforms or SD-WAN appliances vs. traditional routers\u00a0 (up from less than 40% today).\u201d\u00a0<\/span><\/p>\n

But although SD-WAN offers <\/span>many benefits<\/span><\/a>, it also brings many challenges, including new security risks, unreliable performance and increased complexity. SD-WAN exposes the branch to public Internet and moves security close to the branch edge.\u00a0 When security is an afterthought, it tends to be bolted on, introducing management complexity and subpar protection. Moreover, network performance becomes less reliable because organizations use the congested internet as the WAN middle mile \u2013 and when customers try to address this by building their own SD-WAN hub and interconnect infrastructures, it can translate into more complexity.<\/span><\/p>\n

By using Prisma™ Access as the SD-WAN hub, customers can address several transformation challenges all at once. Prisma Access provides bookended SD-WAN hub-as-a-service, as well as high-performance, low-latency global interconnect between branch offices and cloud workloads. Combining security and end-to-end SD-WAN<\/a> provides the best user to application experience. Customers can easily consume our secure Prisma Access SD-WAN hub as a service, eliminating the complexity of building their own SD-WAN hub and global interconnect fabric. Equally important, customers have options with our solution \u2013 they can build their own hub using Palo Alto Networks Next-Generation Firewalls, both hardware appliances and virtualized form factors like the <\/span>VM-Series<\/span><\/a>.\u00a0\u00a0<\/span><\/p>\n

Palo Alto Networks SD-WAN<\/span><\/a> allows customers to seamlessly adopt an end-to-end SD-WAN architecture with natively integrated, world-class security and connectivity. Through tight integration, customers can manage security and SD-WAN on a <\/span>single, intuitive interface<\/span><\/a>.<\/span><\/p>\n

\"End-to-End<\/p>\n

Palo Alto Networks SD-WAN enables organizations to confidently manage their branch and cloud transformation initiatives, and realize a host of benefits:<\/span><\/p>\n

Flexible Deployment Options \u2013\u00a0<\/b>Palo Alto Networks is the only vendor in the industry to offer both cloud-based SD-WAN Hub and Interconnect as a service, as well as components (both VM-Series virtualized form factor and hardware appliances) for customers to build their SD-WAN deployment on their own.\u00a0\u00a0<\/span><\/p>\n