Solutions > SD-WAN

Realize the full benefits of SD-WAN

Zscaler provides everything you need to deliver SD-WAN security

Are you deploying cloud applications and services like Microsoft 365?

If so, the traditional approaches to routing and securing internet traffic are no longer relevant. Delivering a fast user experience and properly supporting cloud apps, requires direct-to-internet connections.

Hub-and-spoke architectures challenges:
  • Backhauling over MPLS is expensive
  • Introduces latency
  • Negatively impacts user experience
Hub-and-spoke network diagram

UTM/NGFW appliance sprawl

Software-Defined Wide Area Networking (SD-WAN) makes it easy to establish local internet breakouts. But, the traditional approach to secure branch locations with UTM or NGFW appliances or their VNFs creates challenges:

UTM/Firewall Appliance Sprawl
  • Dramatically raises deployment costs
  • Creates unmanageable appliance sprawl
  • Compromises branch security
  • SSL inspection significantly impacts performance
  • Inflexible to changing capacity needs
UTM sprawl network diagram

SD-WAN reduces complexity and optimizes branch traffic routing

SD-WAN uses software-defined policies to select the best path to route traffic to the internet, cloud applications, and the data center.


But, these local breakouts need to be secured without complicating your network.

Zscaler cloud with check mark

Makes it easy to establish local internet breakouts

Zscaler cloud with check mark

Simplifies how traffic is routed in the branch

Zscaler cloud with check mark

Enables rapid deployment of new applications and services

Zscaler cloud with check mark

Empowers organizations to manage policies across a large number of locations

Zscaler Features SD-WAN Diagram

Reduce Cost and Complexity

Zscaler secures direct-to-internet connections and delivers a fast user experience — without backhauling and without the cost and complexity of duplicating the appliance security stack at each location. With Zscaler and SD-WAN you can reduce MPLS costs and provide a fast and secure user experience.

Cloud-based to simplify branch operations and improve control

Zscaler enables you to define and immediately enforce security and access policy changes across all locations from a single console. Activate security services across all locations in minutes, with just a few clicks. And with Zscaler, prioritize your critical business applications, like Office 365, over YouTube and streaming media.

Policy screen shot
  1. Allow HTTP/HTTPS traffic only on guest Wi-Fi 
  2. Allow FTP for IT users only  
  3. Block all P2P apps except Skype for Bus 
  4. Allow access to dynamic IPs based upon FQDN

No security compromises

Zscaler delivers the entire security stack as a cloud service, so there’s no compromising on security. Zscaler provides elastically scalable and secured access for all internet traffic across all ports and protocols, including SSL. With Zscaler, policies follow the user to provide identical protection wherever they connect.

Zscaler Riverbed Integration Screen Shot
80% icon

of enterprise branch office traffic is now destined for the internet

Suggested Resources


Zscaler and SD-WAN


Breakout with SD-WAN Without Compromising Security

Industry Report

2023 Gartner Magic Quadrant for Security Service Edge

Zscaler Securely Enables Local internet Breakouts for SD-WAN

Zscaler partners with the leading SD-WAN providers to simplify branch operations and securely connect your branches to the internet.