Software-defined WAN (SD-WAN) adds a layer of software intelligence to your WAN infrastructure.
SD-WAN routes deliver zero-impact failover with performance SLAs for multiple gateways, enabling you to optimize your WAN infrastructure. See SD-WAN routing behavior.
You can route traffic based on applications, users and groups, and network criteria, such as the incoming interface, source and destination networks, and services. You can implement Service Level Agreements (SLA) for gateway performance.
SD-WAN on Sophos Firewall and Sophos Central
SD-WAN routes on Sophos Firewall enable you to implement routing decisions based on the criteria you specify. To route traffic through more than two gateways and apply SLAs, you can select an SD-WAN profile in the SD-WAN route.
To connect your head office and branch offices in a hub-and-spoke, multiple-hub-spoke, or full mesh network with SD-WAN IPsec tunnels, you can configure SD-WAN connection groups on Sophos Central.
Route traffic based on applications and users from Sophos Firewall. Select an SD-WAN profile to route through multiple gateways using SLAs.
SD-WAN connection groups
Connect the head office and all your branch offices through automatically created IPsec tunnels using firewall connection groups from Sophos Central.
Leveraging SD-WAN routes
You can optimize MPLS, ISP, LTE links, and IPsec tunnel (XFRM) interfaces with zero-impact failover using SD-WAN profiles. Additionally, you can configure routes based on network criteria and business requirements.
Enforce zero-impact failover across multiple gateways based on SLAs for jitter, latency, and packet loss in the SD-WAN profile you select.
User and application-based routes
Match traffic based on users and groups, application objects, and network criteria in the SD-WAN route.
SD-WAN monitoring and logging
You can monitor the performance of gateways used in SD-WAN profiles and routes and see detailed SD-WAN logs.