Security breaches are on the rise and SD-WAN can help.

Today applications are in the cloud; BYOD is ubiquitous; the use of cellular and broadband transport is common to augment MPLS or connect sites that MPLS cannot reach. These shifts have expanded the attack surface of the network, while simultaneously obscuring IT visibility. Enter VMware SD-WAN by VeloCloud, with a uniquely flexible architecture that meets your security needs, whether your business is on-premises-centric, cloud-centric, or a combination.

Security, Simplified

Pivotal security features required by a headless SD-WAN, or to secure cloud-destined traffic without hairpinning it through the data center, can leverage hosted security facilities, both for VPN termination, as well as for insertion of other services including firewalling and cloud-based-security (such as Zscaler). The VNF capabilities supported on the VMware SD-WAN Edge additionally allow security service insertion in the branch.


Flexible Architecture

SD-WAN accommodates the needs of even the most security sensitive business. It also returns to corporate IT the security, compliance and control it needs to be safe.


With SD-WAN, you gain unprecedented visibility into the use of data center or SaaS applications. It returns to corporate IT the security, compliance, and control it needs to be safe.

Service Insertion

SD-WAN applies network-wide security policies and inserts local, third-party and cloud security services wherever and whenever they are needed.

Deployment Models

The singular flexibility of SD-WAN allows the solution components – the SD-WAN node (single and multi-tenant for on-premises and cloud), VMware SD-WAN Orchestrator, VMware SD-WAN Controller – to be deployed in multiple different architectures, including the following.
Deployment Models - On Premises

All On-Premises

This architecture, where all components of the WAN are located on premises, addresses the needs of networks that have not yet migrated to the cloud and prefer traffic to flow to the data center.

Hosted SD-WAN Orchestrator

Hosted SD-WAN Orchestrator/Controller

Management and control (provisioning, configuration) is cloud-delivered, while data continues to flow on-premises between SD-WAN nodes that remain on-premises.

Hosted SD-WAN Orchestrator/Gateway

Hosted SD-WAN Orchestrator/Gateway

Management and control (provisioning, configuration) is cloud-delivered. Cloud Saas/IaaS traffic is directed to the cloud SD-WAN node, while data center traffic continues to flow directly to the data center node.

Related Resources

Secure Your Network for Cloud

Learn new approaches that strengthen and simplify your security posture.

Next-Gen Security for the Branch

Explore the use cases of next-generation enterprise WAN.

Ready to Get Started?