Sangfor Secure SD-WAN

As businesses grow, managing WAN across multiple sites becomes increasingly complex and costly with traditional solutions like MPLS. SD-WAN addresses these challenges by decoupling control functions from physical networks, simplifying management and reducing costs. Sangfor Secure SD-WAN builds on this foundation by providing safe, efficient, and reliable connectivity between locations. The Athena NGFW device acts as the edge gatekeeper, allowing only authorized traffic and protecting data confidentiality, integrity, and availability.

Watch the Video
Watch the Video

Challenges at Network Edges

 

Resilience

Resilience

security

Security

Management

Management

Link failover leads to business interruption;
Poor link quality affects core business operations;
Limited bandwidth in WAN link for business; 
High cost when expanding MPLS or
using multiple links

Gaming and streaming media while at work;
Malicious files spread internally via the
network or USB drives;
Botnet detection and prevention;
Zero-day exploits originating from branches;
Ransomware/APT Attack

Onsite deployment and troubleshooting
by engineers;
Complex configuration;
No awareness of branch business activities

 

 

What Solution Do You Need

 

Resilience

Resilience

Security

Security

Management

Management

Automatic link failover;
Dynamic path selection;
Internet link with IPSec VPN to provide
a better experience at a lower cost

Application/URL filtering & Bandwidth 
Management to block unwanted access;
Stop known & unknown threats with Sangfor
Engine Zero, Neural-X, and Athena EPP;
IPS & Web Application Firewall to
protect clients and core systems

Lower link and management costs;
Zero-touch deployment;
Unified policy management;
Centralized traffic visibility;
Centralized security visibility;
Simplified security operation

Sangfor Secure SD-WAN High-Level Architecture

Solution Components

icon plus flip icon cross flip
Athena NGFW

Athena NGFW

Athena NGFW

Advanced Next-Generation Firewall that integrates with Athena EPP to share threat intelligence and enable one-click endpoint scans and threat mitigation.

icon plus flip icon cross flip
Central Manager

Central Manager

Central Manager

Centralized management platform providing unified network and security monitoring, device and security policy management, report generation, and more.

Secure SD-WAN Key Values

The Secure SD-WAN solution not only ensures safe connections but also enhances network security with features like IPS, Application Control, URL Filtering, APT Prevention, and Malware Inspection. The SOC Lite module continuously monitors for potential attacks and vulnerabilities, ensuring comprehensive protection against various threats.

Athena NGFW’s SOFAST engine sends redundant packets based on bandwidth availability and application needs to minimize packet loss and uses the FEC algorithm to rebuild lost packets. This reduces packet loss at the application level, ensuring an optimal access experience.

Integrating Athena NGFW with Athena EPP allows for the correlation of network and endpoint data, thereby improving the detection of security threats and attacks. Verified incidents can easily be mitigated with one click on the Athena NGFW console.

Centralized policy and report management simplifies the process of setting and overseeing network rules and generates easy-to-understand reports about network performance and security incidents, ensuring consistent and effective security measures across the network.

Seamlessly integrates with hybrid WAN architectures, allowing businesses to leverage multiple network connections, including MPLS, broadband, and LTE, to create a resilient and cost-effective network infrastructure.

The solution offers a cost-effective alternative to traditional WAN solutions by optimizing bandwidth usage and reducing reliance on expensive MPLS links. By consolidating network and security functions into a single platform, organizations can achieve significant cost savings while improving network performance and security.

Athena SWG Success Stories

See More

Discover the success stories of Sangfor customers across various industries, including enterprise, government, healthcare, and education.

Multinet Trust Exchange LLC
Customers

Multinet Trust Exchange LLC

Read Now
PT Toyota Astra Motor (TAM) logo
Customers

PT Toyota Astra Motor (TAM)

Read Now
Multinet Trust Exchange LLC

Multinet Trust Exchange LLC

Read Now
PT Toyota Astra Motor (TAM) logo

PT Toyota Astra Motor (TAM)

Read Now
See More

Videos

SD-WAN vs. Secure SD-WAN | Three Key Advanatges of Sangfor Secure SD-WAN

video-image
SD-WAN vs. Secure SD-WAN | Three Key Advanatges of Sangfor Secure SD-WAN
video-image
Sangfor SD-WAN Whiteboard Video

Frequently Asked Questions

 

An SD-WAN is a software-defined wide-area network that allows for the use of multiple WAN technologies, such as MPLS, Frame Relay, ATM, and Ethernet. The main benefit of enterprises using an SD-WAN solution is that it allows for the deployment of different protocols across the same physical infrastructure. This makes it easier to deploy new services and keep costs down.

Hackers often target branch offices to gain initial network access because they are typically less well protected than HQ. Once the branch is compromised, hackers can move laterally to the HQ environment via the MPLS or VPN links between the branch and HQ.

Sangfor Secure SD-WAN integrates advanced networking and security features in one solution, making it more comprehensive than traditional SD-WAN. Below is a detailed comparison:

FeaturesSangfor Secure SD-WANTraditional SD-WAN
1. Offerings
Central ManagementYESYES
CPESangfor Network Secure FirewallSD-WAN devices or Routers
SaaS AccessSangfor Access SecureNO
2. SD-WAN & Orchestration
SD-WAN Path Selection Based on SLA
(Latency, Jitter, Packet Loss, Application)		YESYES
SD-WAN Path FailoverYESYES
Link Load BalancingYESYES
Zero-Touch DeploymentYESYES
Centralized Policy ManagementYESYES
Centralized Traffic Visbility & ReportingYESYES
Centralized Config Backup & RestoreYESYES
3. Security Capabilities
Application Control & URL FilteringYESPARTIAL
Bandwidth ManagementYESYES
Intrusion Prevention SystemYESNO
APT, Malware InspectionYESNO
Security Operation & ResponseYESNO
Endpoint Security IntegrationYESNO
Security Service Team/MDRYESNO
4. WAN Optimization
FEC or Packet Dulplication for Noisy ChannelsYESNO
Deduplication, CachingNONO
SaaS Application OptimizationYESNO

Download Center

Sangfor SD WAN Brochure

3.09 MB

pdf