Palo Alto Networks expands SD-WAN capabilities with Layer 7, Prisma security integration and new appliances

The company is asserting that these new enhancements to the CloudGenix SD-WAN solution they acquired earlier this year make it the first true next-generation SD-WAN offering in the industry.

Anand Oswal, Senior Vice President of Product Management and Engineering, Firewall as a Platform at Palo Alto Networks

Palo Alto Networks has announced what they are terming the industry’s first Next-Generation SD-WAN solution, which is an upgrade of the CloudGenix SD-WAN solution they acquired in April. The enhancements include new application layer visibility, which uses Layer 7 rather than Layer 3 packet-based policies. They deliver on the integration with Prisma Access cloud-delivered security that was promised at the time of acquisition. They add machine learning abilities that simplify network operations. And they add new appliances, a small model aimed at the ROBO/SOHO market, and a new top of the line model that has double the performance of the existing flagship model.

“What we have announced is the second generation of our SD-WAN,” said Anand Oswal, Senior Vice President of Product Management and Engineering, Firewall as a Platform at Palo Alto Networks. “The solution which we acquired from CloudGenix was already in GA, but this gets it to the next level, with the industry’s first next-generation SD-WAN.”

So what makes this enhanced offering next generation? Oswal said that next-generation WAN consists of three things.

“The first is that it is application-defined, and in Layer 7 instead of Layer 3,” he indicated. “When we bought CloudGenix, a good part of that was there, but we have augmented it significantly since, and have created cloud-based policies to improve the next generation experience, because the first generation of SD-WAN were not designed for issues like reducing the cost of MPLS.”

The second element is the addition of machine learning and analytics capabilities to simplify network operations and improve capacity planning, eliminating up to 99% of WAN and application access trouble tickets.

“We have accelerated the autonomous and AI operations in our SD-WAN solution, to significantly reduce the need for manual operational tasks,” Oswal said. This includes capabilities like automatically identifying common root cause events when there are multiple event alarms, to reduce time to problem resolution. The new analytics features make capacity planning simpler by allowing operators to easily understand what WAN connections they are using, when they are using them, and what applications are driving that use.

Oswal said the third next-gen feature is the CloudGenix SD-WAN’s new integration with Prisma Access, Palo Alto Networks’ secure access service edge (SASE) platform, which greatly boosts security. The new CloudGenix CloudBlades platform lets customers secure intra- and inter-branch traffic as well as traffic from the branch to any applications hosted in public or private clouds, without upgrading hardware or software.

“No one else does this today,” he stressed. “Enterprise customers in the past had multiple hubs integrated to service providers, which was complex and complicated. Providing it as a cloud delivered service simplifies it. We can now provide networking and best in class security as cloud delivered services seamlessly. I don’t believe anyone in the industry has that capability today.”

Oswal believes this isn’t something that competitors can easily replicate.

“This is not an easy and straightforward process,” he said. “Moving from Layer 3 to Layer 7 doesn’t happen overnight. I don’t think anyone else is going to provide cloud delivered networking and security delivered as a service quickly.”

There are four components to the announcements. Two of them were the integration with Prisma and the new machine learning capabilities. The other two, however, are new appliances

“The CloudGenix ION 1000 is a very small form factor appliance for the small retail market and SOHO use cases,” Oswal stated. It’s aimed at large distributed environments of enterprises, but also at some true small businesses. It’s also a fit for home office environments although Palo Alto Networks isn’t marketing it explicitly as a COVID-related solution. The ION 1000 is fanless, small and quiet enough to be placed in a work environment when no equipment room is available, including home offices.

The other new appliance, the CloudGenix ION 9000 is the largest CloudGenix SD-WAN appliance to date, delivering twice the performance of the current flagship device. It is targeted at large branches and campus locations, even though those aren’t exactly hot properties at the present time.

“Nobody is in most of those campus environments today, but at some point that market will expand again,” Oswal said. “We believe many organizations who buy it now will be future-proofing, preparing for when employees return to those environments.”

Leave a Reply

Your email address will not be published. Required fields are marked *