SD-WAN, or software-defined wide area network, is a wide area network that uses software to control network operations across different geographies. SD-WAN is the next evolutionary step from a traditional WAN network which connects local area networks (LANs) together using VPNs or routers and un on MPLS.

    WANs support a traditional client-server model where applications live in on-site data centers but are not designed to support applications hosted in the cloud. WAN networks run over MPLS and cannot directly access cloud resources from the branch but instead follow a hub and spoke design that backhauls traffic through the corporate data center. An SD-WAN extends support and visibility from the enterprise, branch and corporate data center into cloud-based applications allowing remote workers to experience high-performance levels.

    SD-WAN allows WANs to mix and match different transport layers like broadband, 4G, or LTE, instead of only MPLS.



    Moves, adds, and changes can happen on demand without significant preplanning or deployment periods. SD-WAN makes change management much more agile with its scalability of resources. Network changes can be made in a matter of clicks instead of stretching out over weeks and involving multiple parties.


    Bandwidth is pooled from different service providers, so prioritization of specific applications can automatically run on the least congested links – the applications are not tied to underlying transport types but can take the fastest path intelligently for optimized performance. This results in fewer QoS policy violations and mitigates network congestion.


    Is SDWAN Secure?

    The broadness of SD-WAN makes security a top-of-mind concern for many NetOps and SecOps teams alike. The introduction of SASE products that overlay an SDWAN network attempts to correct this oversight but can still fall short. Because you can use different transport types, SD-WAN introduces public cloud and public internet connectivity which can be a concern as an access point for cybercriminals.

    Is the monitoring included with my SD-WAN adequate?

    Some SDWAN monitoring only gives visibility into the overlay SD-WAN fabric but not the underlay transport layers. During deployment and network maintenance, visibility into your entire network, from infrastructure core to cloud, is critical for troubleshooting and managing network health.

    Find out if your SD-WAN native monitoring platform includes visibility into:

    • network devices
    • each transport provider and their SLAs
    • data centers
    • cloud applications
    • north-south and east-west traffic

    If not, you may need to supplement your monitoring platform with additional tools.

    Related Products


    Network Performance
    Management Software


    Extend Network


    Packet Capture
    and Analysis

    Related Glossary Terms

    QoS, or quality of service, is key to ensuring the performance of critical applications on a network. Learn how QoS works and its benefits.

    A protocol analyzer is an essential tool for network operations. Protocol analyzers act as a vital intermediary between devices within a network, allowing administrators to gain valuable insights into the active communication between these devices.

    By encrypting “stolen” files and demanding a ransom payment for the decryption key, bad actors force organizations to pay a ransom because it is sometimes the easiest and most cost-effective way to regain access to the files.

    Encryption is a data security practice that converts normal, readable information into an unintelligible cypher. Once network traffic is encrypted, it can only be accessed by authorized users with a key, or by advanced encryption practices that can decode cyphertext. This process allows organizations to safely move confidential and sensitive information around without exposing it to bad actors.

    Packet analysis is a primary traceback technique in network forensics, which, providing that the packet details captured are sufficiently detailed, can play back even the entire network traffic for a particular point in time.

    Packet loss causes reduced throughput, diminished security, and other issues in your network. Learn about causes and effects and how you can mitigate its impact.