By Elisa Caredio

In my conversations with customers about digital transformation and the shift to SaaS and cloud, two questions tend to come up: “Do you have an integrated security solution?” and “How reliable or effective is it?”

Frankly, “security” is something we all search for in our daily lives, whether it’s in the context of our homes or the cars we drive. A desire for safety is innate and often points our buying decision toward products that provide the best security money can buy. Consider the lock on your home’s front door. Would you rather have a simple bolt or a multi-point locking system to keep you secure?

With the expanding threat surface, ensuring the safety of branch users and devices when using cloud-based applications has become paramount. A built-in firewall has become a core requirement for SD-WAN, and several SD-WAN solutions offer one. Buyers beware, though: Not all firewalls are created equal!

Before settling on a SD-WAN solution, do your research and choose the ones that have an integrated firewall tested by a reputable independent lab and with a solid reputation you can trust.

That’s not just my position, or that of Citrix, but also other trusted names in the industry. In fact, the Tolly Group recently released its top three SD-WAN security considerations, which Citrix SD-WAN meets and exceeds.

Not All Firewalls Are Created Equal

More than just pointing out a concern, at Citrix we are doing something about it. Unlike SD-WANs from most other vendors, Citrix SD-WAN’s built-in, stateful firewall is ICSA-certified. You can deploy Citrix SD-WAN with confidence knowing that your perimeter is secure. Our stateful firewall is an integral part of the SD-WAN software that runs on all the appliances in the SD-WAN portfolio.

With 25 years of security-testing experience, ICSA Labs directs a certification program aimed at testing the security efficacy of commercially available firewall products. To be certified, tested products must meet all their rigorous testing requirements.

Experts at the ICSA firewall lab carry out a set of functional tests based on stringent criteria designed to achieve a high standard of security assurance.

With Citrix SD-WAN’s integrated, application-aware, stateful firewall, you can restrict which zones an application can come from and go to; control whether to allow, reject, or drop this traffic; and apply policies to groups of applications, individual applications, or a subset of traffic within an application. As shown below, Citrix SD-WAN’s integrated firewall secures the branch perimeter while providing direct breakout for trusted traffic.


Extend Your Security Beyond Integrated Firewalls

With Citrix SD-WAN, you can secure your perimeter and steer trusted traffic to SaaS and IaaS clouds. Make our ICSA-certified integrated firewall your first line of protection for the WAN Edge, but don’t stop there. Leverage Citrix SD-WAN partnerships with industry-leading security vendors to layer additional security capabilities.

Citrix SD-WAN gives organizations the flexibility to augment their security protection in the cloud or on-prem by partnering with industry-leading security vendors such as Zscaler and Palo Alto Networks.