Sophos. SD-WAN and XG Firewall
Few terms in networking have generated as much buzz recently as SD-WAN (or Software Defined Networking in a Wide Area Network). All that buzz has been accompanied by equal doses of useful information and confusing rhetoric. As a result, SD-WAN has grown to mean a lot of different things to different people, while some are still trying to figure out exactly what it means.
Fundamentally, SD-WAN is usually about achieving one or more of these networking objectives:
- Reduce connectivity costs: Traditional MPLS connections are expensive, and organizations are shifting to multiple more affordable broadband WAN options
- Business continuity: Organizations require solutions that will elegantly handle WAN failures and outages, and are looking for redundancy, routing, fail-over and session preservation
- Simpler branch office VPN orchestration: VPN orchestration between locations is often complex and time-consuming, so organizations are looking for tools to simplify and automate deployment and setup
- Quality of critical applications: Organizations are seeking real-time visibility into application traffic and performance in order to maintain session quality of mission-critical business apps
What’s most important to you?
XG Firewall includes all the common SD-WAN features and capabilities you need to achieve these goals. Check out our XG Firewall and SD-WAN Solution Brief for the full details, but here’s a quick summary of how XG Firewall can help you achieve your SD-WAN objectives:
Multiple WAN links: XG Firewall offers support for multiple WAN links, including a variety of copper, fiber, and even cellular interface options. XG Firewall can terminate MPLS circuits using Ethernet handoff and VDSL through our optional SPF modem. XG Firewall also offers essential WAN link monitoring, balancing, and fail over capabilities.
Branch office connectivity: Sophos has long been a pioneer in the area of zero-touch branch office connectivity with our unique SD-WAN RED devices. These affordable devices are super easy to deploy by a non-technical person, and provide a robust secure Layer 2 tunnel between the device and a central XG Firewall. XG Firewall also supports site-to-site RED tunnels, as well as a variety of standard VPN solutions and easy orchestration wizards and tools to make inter-office connectivity quick and painless.
VPN support and orchestration: XG Firewall offers support for all the standard site-to-site VPN options you would expect including IPSec, SSL, and even our own unique RED Layer 2 tunnel with routing that is very robust and proven to work reliably in high-latency situations such as over-satellite links. Sophos Firewall Manager or Central Firewall Manager also offer centralized multi-site VPN orchestration tools to easily set up a mesh of VPN SD-WAN connections. XG Firewall also offers a flexible failback option to automatically fail back to the primary VPN connection when a WAN link is restored.
Application visibility and routing: You can’t route what you can’t identify, so accurate, reliable application identification and visibility is critically important. This is one area where XG Firewall and Synchronized Security provide an incredible advantage. Synchronized Application Control provides 100% clarity and visibility into all networked applications, providing a significant advantage in identifying mission critical applications, especially obscure or custom applications.
XG Firewall also includes application-based routing and path selection in every firewall rule as well as policy based routing (PBR), making it easy to direct important application traffic out the optimal WAN interface. Additionally, it includes predefined Fully Qualified Domain Name (FQDN) objects for popular SaaS cloud services with thousands of FQDN hosts definitions included out of the box with the option to easily add more.
What’s Next for SD-WAN with XG Firewall?
XG Firewall includes many innovative solutions to help organizations reach their SD-WAN objectives – from great WAN connectivity options to our unique RED SD-WAN appliances, to our unmatched application visibility and great routing options.
XG Firewall offers a powerful, flexible network connectivity and security solution for every type of network and Sophos is continuing to invest in SD-WAN capabilities in upcoming releases, with new features for link monitoring and management, VPN orchestration, and application routing.
Check out our XG Firewall and SD-WAN Solution Brief, to get further insights into how XG Firewall is solving the top challenges with SD-WAN and helping organizations achieve their important SD-WAN goals.