Protect resources at the WAN Edge

Take a comprehensive security approach that supports zero trust—without sacrificing performance

49% of all corporate data is stored in the cloud1. As your workloads move to the cloud, backhauling this traffic to your data centers can hurt the user experience. To secure the new attack surface brought on by local internet breakout, you need a consolidated SD-WAN solution with strong security at the WAN Edge. With a fully-integrated edge security stack to enable adoption of local internet breakout and protect branch to branch propagation of threats. So you can protect your organization without inhibiting network performance for a better cloud and SaaS experience.

Protect users and apps with cloud-delivered security

It’s important to protect your users and apps against threats that may breach internet or cloud connections. In addition to the fully-integrated edge security stack, Citrix SD-WAN offers a unified cloud-delivered security and network service called Citrix Secure Internet Access. Now, you can confidently provide direct internet access (DIA) with protection that extends beyond the branch to remote and mobile users. Alternatively, you can keep your preferred security vendor’s cloud-based network security service and allow Citrix SD-WAN to automate the connectivity to leading cloud-based secure web gateways for your branches. Because Citrix SD-WAN Orchestrator handles all provisioning, your network is just a few clicks away from being connected to local security enforcement points. This provides strong SD-WAN security for your users, apps, and data at the branch, without compromising the SaaS experience.

Simplify with comprehensive, integrated WAN Edge security

83% of businesses say their organizational and IT complexity is increasing the risk of security breaches2. While local breakout simplifies application access across your branches, it also opens your network to threats by exposing it to the internet. To protect your network without increasing complexity, you need a comprehensive, multi-layer security strategy that doesn’t require adding infrastructure in every branch. Citrix SD-WAN increases your security posture with ICSA-certified built-in stateful firewall that allows you to centrally define application-centric policies that limit or reject traffic by applications and zones. You can also add a fully-integrated security stack with web filtering, IDS/IPS and malware protection to guard against threats without compromising performance. With a cloud-based single pane of glass, you can simplify deployment, management and monitoring without having to configure multiple products from multiple vendors.

Ensure security compliance

No breach is inexpensive, but when you have specific data compliance requirements from HIPAA, PCI-DSS, and GDPR, a breach could cost you millions–in fact, the average cost of a healthcare data breach is $429 per record3Achieve simplified compliance on a single Citrix SD-WAN branch platform with an integrated SD-WAN edge security stack that includes intrusion prevention systems (IPS) functionality to periodically scan your data for threats. And because Citrix SD-WAN is an SDN/NFV-ready platform, your SecOps team can choose whether to implement the edge security stack or run industry-leading, third-party, next-gen virtual firewalls in a single WAN Edge appliance.

Get more information


Shifting Security to the Edge with Citrix SD-WAN

Get the brief


Citrix SD-WAN and Zscaler

Read the solution brief


Citrix SD-WAN and Check Point: Secure, cloud-delivered SD-WAN

Read the solution brief

Let’s get started