Citrix SD-WAN delivers the reliable, high-performance user experience your distributed workforce needs to do their best work anywhere. With Citrix SD-WAN, you can simplify your hybrid multi-cloud initiatives by optimizing applications and automating connectivity. Easily deploy robust security capabilities where you need them. And choose from the broadest choice in security with a uniﬁed security service, on-box advanced security, and integration with third-party best-of-breed ﬁrewalls.
A single cloud-based user interface makes it simple to manage your WAN, conﬁgure security policies, and monitor and prioritize applications. Citrix SD-WAN gives you the most ﬂexibility with a range of physical and virtual form factors, you can deploy SD-WAN in public clouds, datacenters, branches and home ofﬁces.
Citrix SD-WAN includes an industry-leading application control engine with deep packet inspection enabling detection, classification, and acceleration of over 4,500 SaaS, cloud, and virtual applications and sub applications. With Citrix SD-WAN, you can deliver the best application experience through real-time, packet-based path selection and bi-directional QoS.
Data is delivered on a per packet basis. Packet-based forwarding reorders packets to mitigate changing WAN conditions in order to best steer trafﬁc. Packet duplication, or racing, ensures high application performance for real-time applications such as voice by duplicating a session’s trafﬁc across multiple paths. This means that no packets are lost and, as the ﬁrst of the duplicate pair to arrive is used, each packet takes the lowest latency route. This allows for optimal application performance for just a small cost in bandwidth.
Dual-ended QoS measures latency, packet loss and jitter at both the sending end and destination. Administrators conﬁgure QoS globally from a single source and senders only send at the peers advertised receive rate. Unidirectional local measurements are shared with peer devices in the network. All sites get their fair share of bandwidth preventing oversubscription and wasted utilization.
Citrix SD-WAN integrates Microsoft APIs and follows Microsoft’s Ofﬁce 365 connectivity principles to optimize trafﬁc and send it directly to Microsoft cloud front doors. SD-WAN steers Teams audio-video traffic to Azure for enhanced reliability and performance or directly to the closest Ofﬁce 365 front door. Untrusted trafﬁc can be steered to a datacenter security stack or cloud-based secure web gateway for enforcement.
Citrix SD-WAN improves the application experience while reducing bandwidth expenses with features such as TCP optimization, compression, data de-duplication, and protocol optimization.
By deploying SD-WAN virtual instances in Microsoft Azure, AWS and Google Cloud Platform clouds with SD-WAN appliances on-premises, customers get link bonding, packet-based real-time path selection, QoS, and resiliency in case of congestion or power outages with zero interruption on user experience. On AWS, SD-WAN eases connectivity to VPCs with AWS Transit Gateway Connect integration, extends hybrid-cloud to on-premises with Outposts, modernizes the WAN for the cloud, provides real-time monitoring and insights, and leverages a massive global footprint and native access to a broad and deep set of traditional and emerging IT resources.
Enterprise-grade private network (middle mile) for SaaS provides optimized high-performance connections from the local last mile networks to a network of geographically distributed PoPs that peer with SaaS clouds via dedicated paths.
Citrix SD-WAN acts as an 802.1x Wi-Fi secure access point boosting bandwidth and ensuring resiliency by leveraging broadband and combining it with LTE ideal for at-home workers. USB and dongle LTE options give your network fast performance and reliability. It’s certiﬁed for operation on Verizon’s 4G/LTE network along with a host of others.
Citrix SD-WAN Orchestrator, the cloud-hosted management tool, enables customers and partners to centrally manage and monitor the WAN for security, control and visibility across the entire network with an intent-based approach. Quickly and easily deploy new sites on the network remotely with zero touch deployment. Simplify the time and effort to set up new locations with automated setup of cloud services, security policies, and applications with profiles, templates and cloning.
A built-in ICSA certified stateful firewall and automatically connect to your choice of several cloud security platforms, including Zscaler, Palo Alto Networks Prisma Access or host NGFW VNFs like Palo Alto Networks VM-Series directly on the SD-WAN branch appliance.
Holistic edge security — designed to protect the WAN edge —is available on the Citrix SD-WAN branch appliance so you can leverage direct internet paths.
Integrated edge security features including signature-based IDS and IPS; web filtering; SSL inspection; and malware protection for HTTP, FTP and SMTP bring:
The Citrix SD-WAN hardware appliances support the different Citrix SD-WAN editions, common hardware components, and virtual appliance information. The various Citrix SD-WAN hardware platforms offer a wide range of features, virtual paths, and throughput. Citrix SD-WAN software supports all Citrix SD-WAN hardware platforms. Citrix SD-WAN VPX (virtual form factor) is available as a virtual instance in major cloud marketplaces (Azure, AWS, Google Cloud Platform) and as bring your own license.
|Total Encrypted Throughput1
(License Term 1 or 3 Yr)
|8 Gbps to 12 Gbps (4 Gbps to 6 Gbps)
||4 Gbps to 6 Gbps (2 Gbps to 3 Gbps)||600 Mbps to 4 Gbps (300 Mbps to 2 Gbps)||400 Mbps to 1 Gbps (200 Mbps to 500 Mbps)||100 Mbps to 600 Mbps (50 Mbps to 300 Mbps)||40 Mbps to 400 Mbps (20 Mbps to 200 Mbps)||40 Mbps to 3 Gbps (20 Mbps to 1.5 Gbps)||40 Mbps to 3 Gbps (20 Mbps to 1.5 Gbps)|
|Max Virtual Paths (Static/Dynamic)||1000/32||550/32||256/32||64/32||16/4||8/4||16 (8 for 20 Mbps License)||256|
|Third-party Firewall (VNF)2||Palo Alto Next Gen Firewall or Check Point Firewall|
|Citrix Cloud Direct||100 Mbps||10 Mbps to 20 Mbps|
|Total Encrypted Throughput1
(Licence Term 1 or 3 Yr)
|6 Gbps or 8 Gbps
(3 Gbps or 4 Gbps)
|600 Mbps or 1 Gbps or 2 Gbps
(300 Mbps or 500 Mbps or 1 Gbps)
|400 Mbps or 600 Mbps or 1 Gbps
(200 Mbps or 300 Mbps or 500 Mbps)
|Max Virtual Paths (Static/Dynamic)||1000/32||256/32||64/32|
|Optimized Application Capacity10, 19||500 Mbps||50 Mbps (300 Mbps License)
100 Mbps (Other Licenses)
|10 Mbps (200 Mbps License)
20 Mbps (300 Mbps License)
50 Mbps (500 Mbps License)
|Max HDX CCUs11||750||300||100 (200 Mbps License) or
300 (Other Licenses)
|Max Accelerated TCP Sessions12