Palo Alto Networks SD-WAN

PAN-OS Security

with SD-WAN Functionality

Software-Defined Wide Area Network (SD-WAN) is a technology that allows you to use multiple internet and private services to create an intelligent and dynamic WAN, which helps lower costs and maximize application quality and usability.

Beginning with PAN-OS^® 9.1, Palo Alto Networks^® offers strong security with an SD-WAN overlay in a single management system. Instead of using costly and time-consuming MPLS with components such as routers, firewalls, WAN path controllers, and WAN optimizers to connect your WAN to the internet, SD-WAN on a Palo Alto Networks firewall allows you to use less expensive internet services and fewer pieces of equipment. You don’t need to purchase and maintain other WAN components.

SD-WAN Link

and Firewall Support

SD-WAN supports the following types of WAN connections: ADSL/DSL, cable modem, Ethernet, fiber, LTE/3G/4G/5G, MPLS, microwave/radio, satellite, WiFi, and anything that terminates as Ethernet to the firewall’s interface. You decide the appropriate strategy for how to use the links. You could use inexpensive broadband connections before expensive MPLS or LTE connections. Alternatively, you could use specific VPN tunnels to reach specific hubs in a region

Centralized Management

Your Security, Our Priority

Panorama™ provides the means to configure and manage SD-WAN, which makes configuring multiple options on many geographically-dispersed firewalls much faster and easier than configuring firewalls individually. You can change network configurations from a single location rather than configuring each firewall individually. Auto VPN configuration allows Panorama to configure branches and hubs with secure IKE/IPSec connections. A VPN cluster defines the hubs and branches that communicate with each other in a geographic region. The firewall uses VPN tunnels for path health monitoring between a branch and a hub to provide subsecond detection of brownout conditions.

The Panorama dashboard provides visibility into your SD-WAN links and performance so that you can adjust path quality thresholds and other aspects of SD-WAN to improve its performance. Centralized statistics and reporting include application and link performance statistics, path health measurements and trend analysis, and focused views of application and link issues.

Begin by understanding your SD-WAN use case, then review the SD-WAN configuration elements, traffic distribution methods, and plan your SD-WAN configuration. To greatly accelerate the configuration, the best practice is for you to export an empty SD-WAN device CSV and enter information such as branch office IP address, the virtual router to use, the firewall site name, zones to which the firewall belongs, and BGP route information. Panorama uses the CSV file to configure the SD-WAN hubs and branches and to automatically provision VPN tunnels between hubs and branches. SD-WAN supports dynamic routing through eBGP and is configured using Panorama’s SD-WAN plugin to allow all branches to communicate with the hub only or with the hub and other branches.

Schedule a Demo Today

We're Here to save you time and Money

First Name

Last Name

Phone

Solution or Service Interested In

Company Name

What industry are you in?

2086737152