The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The evolving complexity of modern networks
The adoption of multicloud environments has presented numerous challenges for IT and network operations teams. With the shift to hybrid work models and multicloud application strategies, the network and overall IT experience has become more fragmented, less secure, and increasingly difficult to manage and scale. The proliferation of users and devices, hyper-distribution of applications, and expansion of infrastructure have resulted in IT teams struggling to effectively manage their WANs. The complex architectures that support critical applications present serious obstacles to consistent application delivery, cloud connectivity optimization, troubleshooting, and security in a highly distributed environment.
Furthermore, the scattered nature of multiple infrastructures extending from WAN to cloud through different provider workflows makes it difficult to gain comprehensive visibility into applications and infrastructure. This prevents failure resolution, risk management, and resource forecasting, leading to challenges in delivering seamless and secure access to business-critical applications across all clouds, in providing superior unified experiences, and in responding to business demands quickly.
As a result, IT and network operations teams must be able to pivot their networks to support distributed workforces while delivering secure and seamless access to business-critical applications across all clouds. They also need to gain valuable insights that enable them to respond to business demands more quickly. Achieving this requires a comprehensive solution that simplifies network management, provides real-time visibility into network performance and security, and adapts to changing network requirements.
Cisco Catalyst SD-WAN simplifies your network transformation
Cisco Catalyst™ SD-WAN connects any user to any application with integrated capabilities for multicloud, security, predictive automation, and enhanced network visibility — all on a Secure Access Service Edge (SASE)-enabled architecture. It helps ensure a predictable user experience for applications optimized for Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), and Platform-as-a-Service (PaaS) connections. Comprehensive on-premises and cloud-based security with a zero-trust approach protects against cyberthreats while enabling IT teams to accelerate the transition to a SASE architecture where and when it is needed. Analytics capabilities deliver the visibility and granular insights necessary to predict fault domains and automatically resolve issues before they impact users.
Cisco Catalyst SD-WAN simplifies network operations by providing granular network insights, automation, and predictivity that not only heighten network integrity but also deliver an optimal application experience. By liberating IT and network teams from complex network operations, Cisco Catalyst SD-WAN empowers them to maximize productivity and improve operational efficiency and resiliency, ultimately accelerating digital transformation and innovation.
Don’t struggle with your move to multicloud: Only Cisco delivers a flexible and secure SD-WAN to make modern applications, migrations, and transformations simple.
Benefits of Cisco Catalyst SD-WAN
Customers deploying Cisco Catalyst SD-WAN realized these benefits:
● 402% 5-year ROI
● 15.6 months to payback
● 39% lower total cost of operations
● 38% more efficient network management
● 167% more available bandwidth
● 71% more efficient help desk operations
● 38% savings in network infrastructure
● 94% reduction in unplanned downtime
● 77% reduction in network degradation
● $1.5 million additional revenue gained or protected
See more Cisco Catalyst SD-WAN benefits here.
Table 1. Benefits of Cisco Catalyst SD-WAN
Benefit |
Features |
Enhanced application experience |
● Dynamic path selection that automatically steers critical applications around network problems.
● Multiple hybrid active-active links for all scenarios.
● Micro-segmentation and identity-based policy management that drive consistent multidomain policy enforcement for a uniform user experience.
● Ability to monitor and validate the usability and performance of web applications, including SaaS and internally hosted apps, to optimize digital experiences for employees and internal systems.
● Path analytics for Microsoft 365 and Webex by Cisco to deliver greater visibility and a better user experience for Microsoft 365 applications.
|
Pervasive security |
● Distributed Security Enforcement (DSE) framework, which includes - Embedded security (Next Generation Firewall), fabric security, SD-WAN integration with cloud security, monitoring and visibility and certifications and compliance.
● With SD-Routing, traditional routing customers gain access to a comprehensive suite of security functionalities, including Zone-based firewall, AMP (Advanced Malware Protection), IPS (Intrusion Prevention System), and URL filtering through Catalyst SD-WAN Manager.
● On-premises security with NGFW, Advanced IPS, AMP with Sandboxing, URL-Filtering, TLS proxy, Unified logging and Identity Firewall support.
● Full integration with cloud-delivered Cisco Umbrella
® provides protection against security blind spots and cyberthreats and offers a single vendor integrated SASE solution. Flexibility and choice through the Modular SASE solution, which includes third-party SSE integration. Catalyst SD-WAN seamlessly integrates with a wider range of third-party SSE cloud security providers, including Zscaler,
Microsoft (Entra SSE), Netskope, Palo Alto, Cloudflare, and Skyhigh.
● The seamless integration of Cisco Catalyst SD-WAN with Cisco Secure Access accelerates the journey toward a SASE architecture. This integration enables customers to effectively incorporate cloud security throughout the SD-WAN fabric, protecting internet and SaaS traffic from branches.
● Catalyst SD-WAN seamlessly integrates with a wider range of third-party SSE cloud security providers, including Zscaler, Netskope, Palo Alto, Cloudflare, and Skyhigh.
● Zero-trust foundation with authentication, encryption, and segmentation.
● Integration with Cisco
® Identity Services Engine (ISE), enabling user identity verification, visibility into every device, and adaptive policy enforcement to secure access to every application.
● Industry leading Threat detection and response powered by the Talos engine.
● A centralized view of network security events with actionable threat data for security operations center teams through the Catalyst SD-WAN Manager Security dashboard.
● Integration with third-party SIEM and SOAR vendors, including Splunk, Microsoft Sentinel and Live Action, enhances monitoring and visibility, offering actionable insights into network and security events.
|
Optimized for multicloud |
● Enables SD-WAN to extend to major public cloud, cloud interconnect, and colocation providers with Cloud OnRamp.
● Automatically selects the fastest, most reliable path for real-time optimized performance with Webex, Microsoft 365, Salesforce, other major SaaS applications, and custom applications.
● Automates workflow integration for AWS, Microsoft Azure, and Google Cloud.
● Regionalized internet access using colocation facilities enables organizations to quickly spin up new services and provide consistent policy for employees, partners, and guests across the WAN.
● Provides end-to-end encryption of traffic from branch to cloud through the Software-Defined Cloud Interconnect (SDCI) or middle-mile backbone of AWS, Equinix, Google Cloud, Microsoft Azure, or Megaport.
|
Visibility and predictivity |
● Provides native integration with Cisco Catalyst SD-WAN Analytics, Predictive Path Recommendations, and Cisco ThousandEyes.
● Correlates raw telemetry sources, establishes historical benchmarks, and provides operational insights, thereby transforming network operations from a reactive to a highly predictive model.
● Monitors network and application performance proactively, while validating implemented policies with business requirements to avoid performance issues before they impact users.
● Enables the unified application experience your end users have come to expect, regardless of their location and associated network environment.
● Establishes a perpetual optimization cycle that achieves overall CapEx and OpEx efficiency. Predictive analytics enable organizations to plan optimal capacity, thereby driving CapEx efficiency. OpEx efficiency is achieved by proactively preventing user-impacting issues, automating resolution, and reducing overall troubleshooting cycles.
|
Operational simplicity |
● Highly visualized interface and intuitive user experience with Cisco Catalyst SD-WAN Manager for simplified configuration, management, operation, and monitoring across the SD-WAN fabric.
● Preconfigured templates that automate and expedite the deployment of most common use cases.
● Guided step-by-step configuration designed to intelligently expedite onboarding of new devices.
● Full integration of unified communications, multicloud, and security into SD-WAN.
● Scalable and simplified SD-WAN deployment across regions for Managed Services Providers (MSPs) and global enterprises with Multi-Region Fabric.
● Multitenant edge that enables MSPs to host multiple enterprise customers securely on a single physical or virtual SD-WAN platform for multiple use cases.
● Choice of automated solution delivery with Cisco overseeing the entire lifecycle deployment and management of the SD-WAN fabric.
● Experience seamless interconnectivity and simplified management of both Meraki and Catalyst SD-WAN fabrics from a single dashboard. Whether dealing with similar sites that demand efficient scaling for secure networking or locations requiring precise WAN configurations, this interconnectivity gives enterprises the power to select a mix-and-match, best-fit Meraki and Catalyst SD-WAN solution for all their disparate locations, optimizing performance and streamlining operations.
● Experience simplified and streamlined license management with the new Catalyst SD-WAN licensing experience. Enjoy enhanced features including platform-based licensing, improved UX2.0 license assignment workflow, default license assignment, and SD-Routing license management. This revamp ensures a more efficient and user-friendly approach to managing licenses, saving you time and reducing complexity.
● Accelerate SD-WAN deployments with the UX2.0 Configuration Catalog. Access a Cisco-hosted library of validated network intents to streamline configuration and reduce deployment time. Customize pre-built templates to match your specific network requirements without starting from scratch.
|
The most widely deployed SD-WAN
Cisco Catalyst SD-WAN is the most widely deployed solution among the Fortune 2000, with 70% of Fortune 100 companies having implemented it. Cisco boasts over 48,000 SD-WAN deployments, which is more than double that of our closest competitor. The top five industries for SD-WAN/SASE deployments are retail, manufacturing, professional services, financial services, and government.
● Thousands of production sites in every major industry
● Rich analytics with benchmarking data across the industry
● In addition, our commitment to industry sectors in our SD-WAN portfolio is evident in our industry-focused certifications:
◦ FIPS-140-2, Nextunnel (FIPS compliant SSL daemon version of Meraki® management tunnel)
◦ FedRAMP certification of Meraki
◦ SD-Branch (full stack) for public sector
◦ Cisco SD-WAN for Government (FedRAMP)
◦ MEF SD-WAN 3.0 (service provider): https://www.mef.net/certify/certifications-for-technologies/technology-registry/?orgid=001U0000007OcrIIAS.
◦ FIPS-140-2: https://www.cisco.com/c/en/us/solutions/industries/government/global-government-certifications/fips-140.html.
◦ PCI-DSS: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2984.
◦ CAIQ Attestation: https://cloudsecurityalliance.org/star/registry/cisco-systems/services/cisco-sd-wan/.
◦ Common Criteria: https://www.commoncriteriaportal.org/products/.
Flexible and scalable SD-WAN architecture for network transformation
How do you deploy Cisco Catalyst SD-WAN?
● Hardware appliance
● On-premises deployed software (virtual) appliance
● Off-premises deployed software/virtual appliance
● Hosted in a public IaaS cloud
● Hosted in a third-party exchange or co-location vendor
● Integrated into CSP/MSP offering
Consider Cisco Catalyst SD-WAN for simplified, predictive and secure SD-WAN connectivity and flexible deployment scenarios: https://cisco.com/go/sdwan.
Learn more about SD-WAN security: https://cisco.com/go/sdwansecurity.
Consider Cisco SD-WAN (Meraki) for simplified IT operations: https://meraki.cisco.com/products/security-sd-wan/.