SD-WAN enhancements are coming in XG Firewall v18
Credit to Author: scottgrebesophos| Date: Fri, 20 Dec 2019 20:30:55 +0000
XG Firewall v18 is almost here! Not only will the latest firmware release provide a significant boost in visibility, protection and performance with our new Xstream Architecture, it will also deliver enhancements to our integrated SD-WAN capabilities designed specifically for distributed organizations with remote and branch locations.
If you haven’t signed up for the XG Firewall v18 Early Access Program (EAP), it’s not too late to join. We’ve just released the EAP 3 build with more exciting features, including several for those interested in making the switch from MPLS to SD-WAN.
Overcoming challenges with SD-WAN
As more business applications and services move to the cloud, organizations are looking for ways to reduce the cost of one of their biggest IT expenditures: their wide area network (WAN) or internet connectivity.
This need has helped create a tremendous amount of buzz around SD-WAN, and rightly so, given the benefits it can provide for savings and simplification. However, as organizations transition their WAN infrastructure to lower-cost public internet connections like cable, DSL and 3G/4G, they also need to deal with the added challenges that come those internet connections, including potential compromises on uptime, reliability and quality of service. This usually entails having multiple service providers, connections and routes between any two points.
As a result, the need for SD-WAN features and capabilities that enable organizations to flexibly route their most important application traffic has become critically important.
Key SD-WAN features in v18
SD-WAN policy-based routing enhancements
Policy-based routing gains additional SD-WAN flexibility and even more granular control. If you have multiple internet connections, routing can now be defined through either the primary or backup gateway WAN connection and can be configured for replay direction.
Additionally, routing decisions are now decoupled from firewall rules and merged with SD-WAN policy-based routes, enabling more powerful and flexible configuration options in policy routes.
SD-WAN application routing
Optimized application routing and path selection is often an important consideration when implementing SD-WAN.
XG Firewall v18 adds user and group application-based traffic selection criteria to XG Firewall’s SD-WAN routing configuration to ensure business-critical applications are routed over optimal WAN links.
Synchronized SD-WAN
Synchronized SD-WAN, a new Sophos Synchronized Security feature, offers additional benefits with SD-WAN application routing. It leverages the added clarity and reliability of application identification that comes with the sharing of Synchronized Application Control information between Sophos-managed endpoints and XG Firewall.
Synchronized Application Control can positively identify 100% of all networked applications, including evasive, encrypted, obscure and custom applications. Now, these previously unidentified applications can also be added to SD-WAN routing policies, offering a level of application routing control and reliability that other firewalls can’t match.
For those of you who’ve been testing EAP 1 or EAP 2 firmware, thanks for providing feedback and be sure to check out the latest EAP 3 build.
If you’re new to SD-WAN and want to learn more about how XG Firewall integrates this technology and the benefits you’ll experience, see our SD-WAN page on the Sophos website.