Secure, Global SD-WAN as a Service

SD-WAN or software-defined wide area network is a new way to manage and optimize a wide area network (WAN). It was created to overcome the high bandwidth costs and the rigidity of MPLS services. It does that by incorporating Internet transports (such as Cable, DSL, Fiber and 4G) into the WAN and forming a virtual overlay across all transports.

The SD-WAN measures the real-time transport quality (latency and packet loss) and uses Policy-based Routing (PbR) to route application-specific traffic over the most appropriate transport.

Secure, global SD-WAN, delivered as a service, provides the core benefits of SD-WAN while enabling secure direct internet access, SLA-backed connectivity, and seamless extension of the WAN to cloud datacenters and mobile users.

Traditional, Appliance-based SD-WAN Challenges

By introducing Internet transports into MPLS WAN, Software-defined WAN can expand WAN capacity and offload Internet-bound traffic at the branch. Yet, traditional SD-WAN fails to address network security requirements of accessing Internet and cloud resources and the need to continue and rely on MPLS for latency sensitive apps. Below are the main challenges left unaddressed by traditional solutions.

The Cato Solution:

Secure, Global SD-WAN as a Service

Cato is providing a fully converged global SD-WAN with built-in network security, delivered as a cloud service. SD-WAN edge device is the enabling network infrastructure. Core capabilities, such as policy-based routing and transport agnostic overlay, are extended to address key problems with traditional SD-WAN.


No global latency controls persists MPLS dependency

One of its main benefits is MPLS cost reduction. But since SD-WAN uses the public Internet where latency is unpredictable, enterprises need to maintain some MPLS capacity to support latency-sensitive applications.

Replace, not just augment, MPLS

Cato provides its own global, affordable, SLA-backed backbone. With Cato, customers can move to a combination of a high-quality Internet last mile and the Cato Cloud to augment and ultimately replace MPLS. The Cato Cloud is strategically deployed to accelerate access to key cloud application like Amazon AWS, Microsoft Azure and Office 365.

Secure Internet Access

No integrated network security capabilities

SD-WAN directs WAN traffic across encrypted Internet tunnels. This provides the most basic security needed to send traffic over a public network. However, accessing websites and cloud applications directly from a remote office and not backhauling to a datacenter, requires a network security stack to protect users against phishing, malware, and other threats. This security stack often includes a next generation firewall (NGFW), URL filtering, anti-malware, IPS and more. Other solutions must partner with network security vendors for this functionality, complicating and fragmenting network and security policy management.

Cloud-based network security everywhere

Cato provides a full enterprise-grade, network security stack built directly into its global backbone. There is no need to backhaul traffic to specific choke points or introduce 3rd party security products service chained together. All network and security policies are configured within Cato’s cloud-based management application.

Cloud and Mobile Support

No support for cloud infrastructure and mobile users

Software-defined wide area network solutions were designed to reduce spend on MPLS connectivity between physical locations. For legacy WAN architectures, cloud data center integration was an afterthought and mobile support was not a consideration. Yet, cloud and mobility represent a big part of how business gets done today.

Seamless support for cloud infrastructure and mobile users

Cato was designed to easily connect all enterprise resources into the WAN, including physical locations, cloud resources, and fixed and mobile users. With Cato, networking and security capabilities are available everywhere and to all resources without the need to introduce point solutions.

The Cato Solution:

Secure, Global SD-WAN as a Service

Cato’s secure and global SD-WAN enables customers to eliminate multiple point products and the cost, complexity and risk associated with maintaining them. With Cato, WAN transformation will not merely end in MPLS cost avoidance, but present a full roadmap for streamlining the networking and security infrastructure of the organization.


Customer Case-study

Alewijnse Reduces MPLS Costs

Alewijnse is distributed globally across Europe, Middle East and Asia. We were looking to simplify and improve our network and security infrastructure, reduce the cost of MPLS and be more flexible and fast in adding temporary project locations to our WAN. Multiple providers were considered to address these needs, but Cato enabled us to meet all of them with a single platform.

In the first phase we connected three of our offices in the Netherlands, Romania, Vietnam with our datacenter. We successfully replaced our MPLS last-mile links with Internet links while maintaining the quality of our high definition video conferencing system and our Citrix platform for 2D and 3D CAD across the company.

Read the Full Story


MPLS, SD-WANs, and the Promise of SD-WAN as a Service

Businesses networks have changed a lot over the past 10 years, but MPLS has done little to keep up. MPLS circuits still take too long to receive; bandwidth is still too expensive. SD-WAN appliances address many of those problems while creating security and predictability issues. With all of these changes happening, CIO and their teams are being forced to reconsider their network architectures…

Get the Whitepaper


How to Re-evaluate Your MPLS Service Provider

Read how you can cut costs, sustain the service levels your business needs, improve overall agility and flexibility, and get enterprise-grade security, by just offloading your MPLS.

Get the eBook