E-Handbook: SD-branch devices promise network, security benefits Article 1 of 4

SD-branch devices offer needed integration for branch sites

IT organizations have long desired a branch office setup that collapses the various required functionalities of a branch network onto a single platform. Even more desirable is the ability to manage, control and integrate those functions, instead of having disparate processes for each individual function.

Branch connectivity evolved with the emergence of software-defined WAN (SD-WAN) and its centralized control that distributes configured policies throughout the network. While SD-WAN technology offers features that optimize WAN transport to branch locations -- thereby improving application performance -- it can lack adequate integration with network functions that are vital for branch security.

Most SD-WAN offerings still require branch locations to backhaul traffic to the corporate data center to undergo separate security measures. But this extra backhaul step is both time-consuming and inefficient, especially as more business increasingly rely on cloud and SaaS tools. As a result, organizations started asking for offerings that perform both network and security functions directly at the branch location, in the same device.

Enter software-defined branch (SD-branch). SD-branch integrates security functionalities that are traditionally hosted in the data center -- such as caching, URL filtering and firewalling -- in a device that is deployed at the branch location. SD-branch devices also tack on networking functions, such as SD-WAN, Wi-Fi, 4G/5G and routing, all with a single management and orchestration platform.

SD-branch is a maturing market, and its management and orchestration capabilities still have room for improvement. However, as businesses stress the importance of converged networking and security capabilities, SD-branch will remain a compelling option. Use this guide to explore the integration of SD-branch devices and the technology’s goal to build common orchestration between the LAN, wireless LAN, WAN and security.