If you need help, call (352) 316-7704
What is SD-WAN?
Software-Defined Wide Area Networking (SD-WAN) is a great way to simplify a branch office network and gives optimal application performance by using centrally controlled and managed WAN virtualization.
Compared to a traditional WAN, SD-WAN delivers cost reduction and allows for a more agile Network implementation. SD-WAN has its roots in Software-Defined Networking (SDN), the underlying principle of which is to abstract the network hardware and transport characteristics from the applications that use the network.
Characteristics of Peplink SDWAN
- The device, either virtual or physical, must support more than one WAN source
- The device needs to use all WAN sources simultaneously
- The device must be able to use software to define how those sources are used. For instance, being able to send HTTP traffic over WAN 1 and Voice traffic over WAN 2
- Load balance incoming/outgoing traffic
- Bond all WAN sources between SDWAN appliances
Multiple WANs For Incoming Access
First, it protects from carrier failure, ensuring continuity of services. Additionally, incoming VPNs and SSL traffic can be distributed on all WANs which increases service speeds and reliability for external users. In terms of security, enabling L2TP VPN traffic for employees into the network secures their access allowing them to encrypt their traffic on public networks. Peplink uses L2TP VPNs, which can be enabled on all devices for simplified connectivity for remote workers.
Multiple WANs helps outbound security and reliability by distributing outgoing communications over all circuits. Further, you can use DNS services like WebTitan with Peplink's built in DNS proxy to prevent users from defining their own DNS provider and bypassing DNS based security. Peplink routers also have subscription free content blocking. When you combine that with a good default deny policy on the firewall, we can reduce unwanted outgoing traffic. Additionally, using multiple WANs makes it more difficult for an attacker to listen to your traffic as standard load balanced sessions are split among all available WANs reducing your attack surface. Adding bonding to your solution makes it even better.
Increases Reliability and Security While Reducing Costs
Bonding increases reliability and security while reducing costs by encrypting all WANs, splitting traffic over those WANs, and centralizing your security architecture. If you previously thought a VPN was secure, imagine a VPN that splits the data over several WANs. Basically, only a small piece of each 256bit AES encrypted packet flows through each WAN, that sounds secure to me.
For added security, when setting up remote sites, with Peplink SpeedFusion VPN, we set “deny all in / deny all out” as their default firewall rule. You might ask, “What about next gen firewall?” We can setup any firewall at your central site to be the default route for all internet-based traffic. Now you have a single, easy to monitor point of entry and exit. By centralizing your firewall, either at a corporate headquarters or in the cloud, you can easily manage total security in your organization.
Security and Reliability are accomplished by:
- Using Peplink routers with multiple WANs which will protect your business from WAN failures and add multiple outbound and inbound paths.
- Adding bonding which allows VPN traffic to be encrypted with 256bit AES and adds packet distribution over all available WANs.
- Bonding for session persistence over all WANs for unbreakable communications.
- When combined with centralized security, Bonding, allows remote sites to enforce a deny all in and out to minimize attack surface.
- Bonding with centralized security provides a single point of entry and exit which is easier to monitor and secure with a single appliance.
Typically, a multisite company might implement technologies like MPLS or P2P ethernet to achieve accessibility between sites. The issue with these solutions is communication and reliability are limited to a single carrier. That carrier is marking up the cost of the circuit exponentially. For the same price as a 5mbps MPLS, most companies can get a 30mbps commodity circuit. When you compare the costs of MPLS/Leased/P2P connections to the cost of quality internet, the cost of quality internet is significantly less.
Also, by opting for multiple internet connections, you have carrier redundancy and more power to control your costs. Additionally, centralizing security leaves you with one next gen appliance with one subscription, and a simplified network design. This allows for lower TCO and simplified management with increased reliability.
MPLS REPLACEMENT COST SAVINGS
- Lowering individual circuit costs by replacing managed circuits with commonly available ones.
- Using Peplink SpeedFusion VPN to create and manage your own site to site WAN network.
- Replacing MPLS/P2P and IPSec and their expensive hardware and service fees.
- Eliminating expensive service contracts.
- Reducing management overhead.
- Taking ownership of your network allowing you to leverage discounts from carriers for lower costs and increased speeds as new option are available.
- Adding bonding with centralized security. You’ll simplify hardware and reduce the cost of expensive firewall subscriptions.
Drop In Mode
Duis dignissim mi ut laoreet mollis. Nunc id tellus finibus, eleifend mi vel, maximus justo.
Maecenas mi tortor, pellentesque eleifend lectus.
Maecenas ultrices tellus sit amet sem placerat tempor. Maecenas eget arcu venenatis, sagittis felis sit amet, dictum nisl. Orci varius natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus.
Phasellus vitae vulputate elit. Fusce interdum justo quis libero ultricies laoreet.
- Quisque cursus et, porttitor risus.
- Nulla ipsum dolor lacus, suscipit adipiscing.
The SD-WAN Ecosystem
Balance Router Series
MAX Router Series
Transit Router Series
Next Gen Modular Routers
First Net Routers
Switch and APs
They complete the ecosystem!.
Manages the System