A Look Behind the SD-WAN Scenes: How Do Cloud Security Integrations Work?


The rapid rise in SD-WAN deployments this decade shouldn’t be surprising. It’s the logical result of growing reliance on SaaS and IaaS solutions. Gartner has predicted $3.7 trillion in IT spending for 2018, with enterprise software seeing the highest year-over-year growth rate (9.5 percent) of any domain, thanks in larger part to increased investments in SaaS.

Traditional WANs cannot deliver the expected performance levels or user experiences for these cloud apps. Relying on their hub-and-spoke architectures to handle SaaS/IaaS traffic is like attempting to make a cross-country trip using only local roads: There are some security benefits, but the overall journey will likely be unacceptably long and, by extension, very costly.

As additional services like firewalls are applied to Internet traffic, all the double hops through the WAN provide necessary protections – sort of like speed bumps in highly congested areas – but also degrade end-user satisfaction. Fortunately, essential SD-WAN benefits like centralized management can be combined with WAN security integrations that ensure safe direct connections between remote branch offices (RBOs) and SaaS/IaaS instances.

SD-WAN Security Integrations: A Safer On-Ramp for Cloud Traffic

Let’s look at a few of the security integrations available in Talari Networks solutions to better understand how today’s SD-WAN leaders balance performance and protection:


With the addition of Zscaler, a Talari SD-WAN enables secure Internet breakouts without the need for overly complicated on-site infrastructure at each RBO. Instead of wrangling with the cost and complexity of managing a lot of hardware for every branch, you get to shift key security workloads to the Zscaler cloud. Nodes can transparently forward their traffic via IPsec tunnels that are simpler, faster and easier on bandwidth utilization. The connector to Zscaler is built right into the SD-WAN platform. Once it’s set up, ports and protocols can be inspected, including SSL.

Palo Alto Networks (PAN)

Next-generation firewall (NGFW) services from PAN help strengthen and streamline SD-WAN security. The PAN NGFW can be configured within a virtual or physical deployment, depending on the particular requirements of the WAN in question. For example, the NGFW might be set up out-of-path with the SD-WAN virtual appliance. The NGFW serves as the default gateway and can permit or deny traffic in accordance with predefined policies. Meanwhile, the Talari appliance utilizes both MPLS and commodity Internet links to transmit conduit traffic across the network.

Security Integrations in Context: Curbing the Threat from Sophisticated Cyberattacks

In practice, these and other SD-WAN security enhancements deliver much-needed protections for RBOs, which have traditionally lacked adequate resources for effective defense. Plus, integrations greatly mitigate the risks associated with direct Internet access at branches, contributing to reduced likelihood of expensive breaches and debilitating cyberattacks.

Learn more about Talari’s failsafe SD-WAN solutions with a demo, and be sure to take a look at our cloud connectivity eBook as well:

Categories: Uncategorized