
SD-WAN and the internet

I am having a debate with a colleague and wondered if some of you could please clarify:  
If I implement an SD-WAN across several sites my understanding of the benefits are:
1) Connectivity is secure between the sites
2) I can use any internet connection and pop an SD-WAN capable device at the site, then join it to the SD-WAN HUB and off we go
3) I can use it in a hybrid scenario still connecting the HUB to my MPLS until all sites are migrated
4) connectivity between the sites on the SD-WAN is optimised so technically it is faster
There are more benefits I know

Questions
1) If I implement SASE SD-WAN without a physical device at each remote site, does this normally require a VPN from the provider's SASE to my DC, i.e. a VPN tunnel?
2) Is it better to place a physical device at each location and have an SD-WAN and not SASE?
3) If each site has a local internet breakout and the SD-WAN optimises connectivity, is the optimisation only on the traffic to and from all other SD-WAN sites and will my internet connectivity improve (I have a 

1 Accepted Solution

M02@rt37
VIP

Hello @richardshannonBasset,

1) In a SASE architecture, SD-WAN capabilities are often provided as a cloud-based service by the SASE provider. If you don't deploy a physical SD-WAN device at each remote site, you would still need a way to connect those sites to the SASE provider's cloud infrastructure. This could involve setting up VPN tunnels or other secure connectivity mechanisms.

2) The decision of whether to deploy a physical SD-WAN device at each site or use a SASE approach depends on your organization's requirements and preferences. Physical devices offer more control and visibility at the edge but may require more management and resources. SASE provides a more cloud-centric and service-oriented approach, potentially simplifying deployment and management.

3) When implementing SD-WAN, including local internet breakouts at each site, the optimization typically extends to traffic between all SD-WAN sites. The SD-WAN solution optimizes and intelligently routes traffic between different sites, potentially improving the overall performance for applications hosted across those sites. However, whether your general internet connectivity improves significantly depends on various factors, including the capabilities of the SD-WAN solution, the quality of your internet connections, and the overall network design.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

3 Replies

Amazing.  I know people might say this all the time but that is exactly what my view is.

Thanks very much

Actually, one final question (and I think I know the answer). If an SD-WAN is being suggested to speed up connecting and divesting new/old sites, I can see a potential speed benefit for a SASE, but I believe that if I don't put an SD-WAN capable firewall on each site, I will still require a firewall that delivers a secure connection or that would leave the site vulnerable, would it not?

For example, I replace Cisco Firepower with a Draytek and then a VPN.  This site with the Draytek is surely not as secure as the Firepower or say a Meraki MX series?

Thanks very much