We’ve unified Citrix solutions and our portfolio. Learn more.
We’ve unified Citrix solutions and our portfolio. Learn more.
Citrix SD-WAN increases the performance and reliability of traditional enterprise applications, SaaS applications and virtual desktops over any network while simplifying the branch network.
Businesses rely on branch offices or remote employees to serve customers, to be near partners and suppliers and to expand into new markets. As desktop virtualization increases and applications move to the cloud, IT managers face the challenge of providing applications reliably and without a performance penalty to branch and mobile users. Now enterprises can use Citrix SD-WAN to software define their WAN, rendering it more scalable, cost-effective and ready to connect to the cloud, while ensuring excellent application performance. At the same time, Citrix SD-WAN can help you to effectively and economically simplify the branch network with integrated routing, firewall, and WAN optimization capabilities.
Migrating apps to the cloud
Citrix SD-WAN contains an integrated database and deep packet inspection to identify applications, including individual SaaS applications, and intelligently steer traffic from the branch to the internet, cloud, or SaaS. SD-WAN provides the ability to route traffic from the branch to the internet via a secure web gateway, which provides cloud-based security including firewall, URL filtering, and usage accounting. SD- WAN builds secure and reliable connections to the cloud to provide a WAN-like experience similar to the data center. For a hybrid multi-cloud scenario, Citrix hosts SD-WAN appliances in Equinix and uses their cloud exchange to provide automatic traffic routing and failover to a multi-cloud environment.
WAN Virtualization for WAN Efficiency
Citrix SD-WAN creates a reliable WAN from diverse network links, including MPLS, broadband, and wireless, continuously measuring and monitoring each link for loss, latency, jitter and congestion. Link outages and errors are mitigated by Citrix SD-WAN’s ability to move traffic off poor performing links without impact to the applications, resulting in predictable and consistent performance. Mission critical applications are always routed across the paths with the fastest transit time, real-time application traffic can be duplicated to guarantee no loss and traffic from high bandwidth applications can be balanced across multiple links to provide high performance for large file transfers.
Application QoS for Assured Delivery
Citrix SD-WAN identifies applications through deep packet inspection technology that results in the industry’s best accuracy granularity. Application and application elements can be grouped into different categories with different priorities and bandwidths. With the granular application awareness combined with network intelligence, the platform can ensure that critical applications receive priority and are routed across the highest-quality link. Lower quality links are used for lower priority applications that can tolerate higher latency. The Citrix SD-WAN endpoints also communicate with each other on congestion conditions, allowing sending devices to adjust transmission rates to match network capacity.
Dynamic Routing for Branch Simplification
Citrix SD-WAN provides an alternative to the legacy branch router, enabling a simpler branch network with lower infrastructure and support costs. Multiple overlay routed networks can be software defined, with separate policies and security rules applied to each. With Dynamic Routing, Citrix SD-WAN can participate in your routing topology in overlay mode for easy network insertion or operate in edge mode for a streamlined branch network with assured application delivery.
Integrated Firewall for Complete Security
Citrix SD-WAN brings strong data protection to the network, from link layer security to a stateful firewall function. The firewall integrates with the application QoS to allow security policies to be centrally defined by application or application element, allowing you to limit or reject traffic by applications or application elements. Citrix SD-WAN also allows users to be segmented into different zones, allowing different policies to be applied per zone. Finally, Citrix SD-WAN provides strong encryption as data crosses public and private networks while easily integrating with cloud web gateways. Citrix SD-WAN can redirect internet traffic to a secure web gateway for next-generation firewall by creation of IPsec tunnels from the branch to Palo Alto’s Global Protect cloud service. This reduces the need to deploy firewalls at the branches.
Application and WAN Optimization usability and bandwidth efiiciency
Through features such as TCP flow control, data compression, de-duplication and protocol optimization, Citrix SD-WAN can improve the end-user experience as well as provide a reduction in WAN bandwidth expenses. And with video usage on the rise, Citrix SD-WAN can optimize video delivery within Citrix Virtual Apps and Desktops environments as well as for popular websites and internal video content repositories.
Management and Visibility for centralized policies
To ensure great user experiences, enterprise IT must be able to quickly and easily deploy new sites on the network, easily define network and application policides, and identify the sources of problems in application delivery. Citrix SD-WAN center allows centralized policy definition across all network services and zero touch deployment, radically simplifying the time and effort to turn up a new location on the WAN. Automatic bandwidth detection and adaptive bandwidth control simplifies the detection of WAN and provides detailed reporting on the true bandwidth available on each link over time. Through its integration with Citrix Application Delivery Management, Citrix SD-WAN monitors how well applications are being delivered to users in the branch.
Why Citrix SD-WAN
| Appliance | 2100 | 1100 | |||||
|---|---|---|---|---|---|---|---|
| Model | 2100-0300-SE | 2100-0500-SE | 2100-01000-SE | 2100-2000-SE | 1100-200-SE | 1100-300-SE |
1100-500-SE |
| Total throughput3 | 600 Mbps | 1 Gbps | 2 Gbps |
4 Gbps | 400 Mbps | 600 Mbps |
1 Gbps |
| Max virtual paths (static/dynamic) | 256/32 |
64/32 | |||||
| Appliance | 410 |
210/210 LTE SE ( R1/R2/RC) |
||||||
|---|---|---|---|---|---|---|---|---|
| Model | 410-050-SE | 410-100-SE | 410-200-SE | 410-300-SE | 210-020-SE | 210-050-SE | 210-100-SE | 210-200-SE |
| Total throughput3 | 100 Mbps | 200 Mbps | 400 Mbps | 600 Mbps | 40 Mbps | 100 Mbps | 200 Mbps | 400 Mbps |
| Max virtual paths (static/dynamic) | 24/8 | 16/4 | ||||||
| Standard Edition virtual appliances | ||||||
|---|---|---|---|---|---|---|
| Appliance | VPX | |||||
| Model | VPX-020-SE | VPX-050-SE | VPX-100-SE | VPX-200-SE | VPX-500-SE | VPX-1000-SE |
| Total throughput3 | 40 Mbps | 100 Mbps | 200 Mbps | 400 Mbps | 1 Gbps | 2 Gbps |
| Maximum virtual paths | 8 | 16 | 16 | 16 | 16 | 16 |
| Hypervisor | Citrix Hypervisor, VMWare, HyperV, KVM | |||||
| Clouds1 | AWS, Azure | |||||
| Appliance | VPX | |||||
|---|---|---|---|---|---|---|
| Model | VPX-L-020-SE | VPX-L-050-SE | VPX-L-100-SE | VPX-L-200-SE | VPX-L-500-SE | VPX-L-1000-SE |
| Total throughput3 | 40 Mbps | 100 Mbps | 200 Mbps | 400 Mbps | 1 Gbps | 2 Gbps |
| Maximum virtual paths | 128 | 128 | 128 | 128 | 256 | 256 |
| Hypervisor | Citrix Hypervisor, VMWare, HyperV, KVM | |||||
| Clouds1 | AWS, Azure | |||||
| Software Features |
|
|---|---|
| Deployment | Inline Overlay, One-armed, Edge gateway, Cloud |
| Path assignment | Per packet, Packet load balancing, Packet duplication, By application |
| QoS | Scheduling, shaping, classification, remarking |
| Router | eBGP, iBGP, OSPF, Static, Multicast |
| Security | L4-7 application firewall, NAT, secure web gateway connectivity. FIPS compilant |
| Layer 2 | VLAN (802.1Q), Bridging, SVI |
| Tunnel Interfaces | GRE, IPSec, Citrix Virtual Path |
| Network Encryption | 128 bit AES, 256 bit AES, IPSec |
| Authentication | Local database, RADIUS, TACACS+ |
| Managebility | CLI, SNMP V3, DHCP Server/Relay/Client, DNS Forwarder, syslog, NetFlow, IPFIX, REST API |
| Configuration | Zero Touch Deployment service, GUI, customizable dashboards and templates, REST API |
1 Cloud server types are the minimum recommended server size to support the listed performance numbers for each model.
3 Total throughput refers to total amount of bandwidth that the appliance model is licensed for, both upstream and downstream, and is based on AES-128 encryption.
| Appliance | 1000 | |||
|---|---|---|---|---|
| Model | 1000-010-EE | 1000-020-EE | 1000-050-EE | 1000-100-EE |
| Total encrypted throughput3 | 20 Mbps |
40 Mbps |
100 Mbps |
200 Mbps |
| Maximum virtual paths |
16/8 | |||
| Optimized WAN capacity4.5 |
4 Mbps | 6 Mbps |
10 Mbps | 20 Mbps |
| Maximum HDX CCUs6 |
40 | 60 | 100 | 200 |
| Maximum Accelerated TCP sessions7 |
10,000 | |||
| Software Features |
|
|---|---|
| Deployment | Inline Overlay, One-armed, Edge gateway, Cloud |
| Path assignment | Per packet, Packet load balancing, Packet duplication, By application |
| QoS | Scheduling, shaping, classification, remarking |
| Router | eBGP, iBGP, OSPF, Static, Multicast |
| Security | L4-7 application firewall, NAT, secure web gateway connectivity. FIPS compilant |
| Layer 2 | VLAN (802.1Q), Bridging, SVI |
| Tunnel Interfaces | GRE, IPSec, Citrix Virtual Path |
| Network Encryption | 128 bit AES, 256 bit AES, IPSec |
| Authentication | Local database, RADIUS, TACACS+ |
| Managebility | SNMPV3, DHCP relay/agent/client, Syslog, Netflow, REST API |
| Configuration | Zero Touch Deployment service, GUI, Customizable templates, REST API |
3 Total throughput refers to total amount of bandwidth that the appliance model is licensed for, both upstream and downstream, and is based on AES-128 encryption.
| Appliance | 800 | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Model | 800-002 | 800-006 | 800-010 | ||||||
| Optimized WAN capacity8,9 | 2 Mbps |
6 Mbps |
10 Mbps |
||||||
| QoS/unaccelerated bandwidth limit | 50 Mbps |
||||||||
| Maximum HDX CCus10 | 20 | 60 | 100 | ||||||
| Maximum Accelerated TCP sessions11 | 10,000 | ||||||||
| Concurrent Citrix SD-WAN client plug-ins | |||||||||
| Video caching | |||||||||
| WCCP clustering | |||||||||
| Networking Cloud Connector | |||||||||
| Group mode |
|||||||||
| WANOP Edition virtual appliances |
|||||||
|---|---|---|---|---|---|---|---|
| Appliance | VPX | ||||||
| Model | VPX 2-WO | VPX 6-WO |
VPX 10-WO |
VPX 20-WO |
VPX 50-WO |
VPX 100-WO |
VPX 200-WO |
| Optimized WAN capacity16,17 |
2 Mbps | 6 Mbps | 10 Mbps | 20 Mbps |
50 Mbps | 100 Mbps | 200 Mbps |
| QoS/unaccelerated bandwidth limit | 15 Mbps | 50 Mbps | 75 Mbps | 150 Mbps | 250 Mbps | 250 Mbps | 300 Mbps |
| Maximum HDX CCUs18 |
20 | 60 | 100 | 200 | 300 | 400 | 500 |
| Total TCP sessions19 | 5,000 | 5,000 | 5,000 | 10,000 | 10,000 | 20,000 | 30,000 |
| Concurrent Citrix SD-WAN client plug-ins |
20 | 60 | 100 | 200 | 300 | 400 | 500 |
| Video caching | |||||||
| WCCP clustering | |||||||
| Networking Cloud Connector20 |
|||||||
| Group mode |
|||||||
| Hypervisor | XenServer 5.5 - 6.2 , Hyper-V 2008R2SP1 - 2012 , ESX/ESXi 4.1-6.0 | ||||||
| Processor | Dual core (quad core recommended) Intel VTx or AMD-V 64-bit x86 | ||||||
| Memory | 6 GB | 8 GB | 16 GB | ||||
| Virtual CPU | 1 x Citrix Hypervisor & 2 x Vmware vSphere (>2.33GHz) |
2-4 x Citrix Hypervisor,Hyper-V & VMware vSphere (>2.33GHz) | 2-4 x Citrix Hypervisor, Hyper-V & VMWare vSphere (~3.0GHz) |
||||
| Hard drive22 |
100 GB |
100 GB | 250 GB |
250 GB |
250 GB |
500 GB |
500 GB |
| Network interface | 2 virtual NIC's | ||||||
| Component Name |
Version/Model | Language | NSC | EOS | EOM | EOL |
| Receiver for Blackberry** | All | Multiple | 24-Sept-15 | 29-Feb-16 | 29-Feb-16 | 29-Feb-16 |
4, 8, 16 Only outbound WAN traffic is counted against the licensed bandwidth (Mbps or Gbps purchased). QoS and / or unaccelerated traffic do not count against the licensed bandwidth. Unaccelerated and QoS traffic can, however, impact the total amount of outbound accelerated traffic.
5, 9, 17 Some protocols (for example ICA) can limit the processing capacity of the appliance before the licensed bandwidth is reached.
14 User count is based upon a medium level workload as defined by Login VSI and Citrix Virtual Apps and Desktops / Citrix Virtual Apps advanced encryption security. User count is limited by link bandwidth and TCP session counts. No user count is enforced. Published numbers are for guidance purposes only.
15 TCP session count will be reduced by active HDX sessions. No session count is enforced. Published numbers are for guidance purposes.
16 Only outbound WAN traffic is counted against the licensed bandwidth (Mbps or Gbps purchased). QoS and / or unaccelerated traffic do not count against the licensed bandwidth. Unaccelerated and QoS traffic can, however, impact the total amount of outbound accelerated traffic.
17 Some protocols (for example ICA) can limit the processing capacity of the appliance before the licensed bandwidth is reached.
18 User count is based upon a medium level workload as defined by Login VSI and Citrix Virtual Apps and Desktops / Citrix Virtual Apps advanced encryption security. User count is limited by link bandwidth and TCP session counts. No user count is enforced. Published numbers are for guidance purposes only.
19 TCP session count will be reduced by active HDX sessions. No session count is enforced. Published numbers are for guidance purposes.
20 For Citrix SD-WAN appliances, the Networking Cloud Connector is delivered as a separate software appliance.
21 The VPX images are qualified to run on Intel processors only.
22 For best performance, use solid state drives or high IOPs storage devices.
26210-LTE-RC: EMC Certifications include CCC, NAL, SRRC – FCC (Part 15 Class A), CE, CITC, EAC, ENACOM, IFT 210-LTE-R2: EMC certifications include – FCC (Part 15 Class A), CE, Anatel, BIS, BSMI, CITC, EAC, ICASA, MIC, NTC, RAA, RCM