* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com.au/blog/corporate/)
* [Products and Services](https://www.paloaltonetworks.com.au/blog/category/products-and-services/)
* The Right Way to Secure S...

# The Right Way to Secure SD-WAN

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2018%2F05%2Fsp-right-way-secure-sd-wan%2F)  
[](https://twitter.com/share?text=The+Right+Way+to+Secure+SD-WAN&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2018%2F05%2Fsp-right-way-secure-sd-wan%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2018%2F05%2Fsp-right-way-secure-sd-wan%2F&title=The+Right+Way+to+Secure+SD-WAN&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/2018/05/sp-right-way-secure-sd-wan/&ts=markdown)  
\[\](mailto:?subject=The Right Way to Secure SD-WAN)  
Link copied  
By [Stuart Borgman](https://www.paloaltonetworks.com/blog/author/stuart-borgman/?ts=markdown "Posts by Stuart Borgman")  
May 01, 2018  
5 minutes  
[Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)  
[Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)  
[network operator](https://www.paloaltonetworks.com/blog/tag/network-operator/?ts=markdown)  
[SD-WAN](https://www.paloaltonetworks.com/blog/tag/sd-wan/?ts=markdown)

What are network operators trying to achieve through security in SD-WAN deployments? [Palo Alto Networks](https://www.paloaltonetworks.com/products/security-operating-platform) and a number of SD-WAN vendors addressed this question in the 2018 [MPLS + SDN + NFV World Congress](https://www.uppersideconferences.com/mpls-sdn-nfv/) in Paris.

Security has never been more important to network operators and their customers. Software-defined networking, or SDN, is creating new security challenges as the network becomes tightly coupled to the service applications.

Palo Alto Networks is helping our service provider customers secure their SDN services, and during the conference, I had the opportunity to join an SD-WAN security panel session. The session was hosted by [Amir Zmora](https://www.linkedin.com/in/zmora) from YouNow, Inc., and involved a number of different SD-WAN vendors. The key question Amir posed: how did the panel view security integrated into SD-WAN and whether security should be provided by SD-WAN vendors or by a security company (best-of-breed vs. security native to the SD-WAN vendor)?

In general, the panel agreed that combining best-of-breed security and SD-WAN vendor platforms is the right approach. I work for a best-of-breed security vendor, so I was a strong supporter of this opinion. However, the next question needs to be: why?

To answer this question, I believe you need to step back from the products and ask the more fundamental question: what are you trying to achieve through security in your SD-WAN deployment?

Think about the current cybersecurity threat landscape, which continues to change at a rapid pace. Cyberattacks are widespread and always in the headlines. These threats take on many forms with varying levels of sophistication. A successful cyberattack requires planning, which involves gathering of intelligence and the selection or creation of a [playbook](https://www.paloaltonetworks.com/blog/2017/12/unit42-introducing-the-adversary-playbook-first-up-oilrig/) to execute the attack.

The attacker will want to silently execute the attack, typically infecting the target without being noticed. Attacks will have multiple phases: exploiting vulnerabilities in an application or operating system, followed by malware execution, then establishment of command-and-control channels, and then achieving the objective, such as stealing data or malicious damage. New attacks are continually emerging -- some new and some simply evolved versions of previously observed attacks. Our threat intelligence team, [Unit 42,](https://www.paloaltonetworks.com/resources/unit-42.html) continually analyzes cybersecurity threats and shares the latest threat intelligence information.

Once data is stolen, it's often impossible to fully recover. Copies are easily made and distributed. Traditional theft is different -- a physical item can be recovered and returned to the rightful owner. It is therefore important to define a security posture aligned with your objective. If you want to protect your data, your posture has to focus on prevention.

A true prevention posture must be able to stop the threats within the advisory playbook from being executed. Threats can take many forms and are not always obvious to those being attacked. A legitimate application could have been compromised. Malware could be hidden inside a spreadsheet that was distributed. A website may have been compromised. Each step within the playbook could seem innocuous but may show a sophisticated attack when pieced together. A good analogy is a jigsaw puzzle: only when you have all the pieces joined together can you see the real picture.

The security posture and underlying technology needs to provide the visibility required to detect an attack. It needs to be able to identify the applications, ensure they are behaving correctly and validate that they have not been compromised. Ideally, it should be able to whitelist those applications that are required and restrict the rest. It needs to be able to detect and prevent access to websites associated to malicious activity. It also needs to be able to inspect the content and ensure it does not contain any malware.

The more difficult challenge to operating a prevention security posture is dealing with the previously unknown, or "zero-day," exploit or malware. This requires a greater level of sophistication. To solve this problem requires the compute power of the cloud, which is playing an increasingly important role in detection and rapid analysis of new threats.

Let's return to the original question of security in SD-WAN and how it should be provided. If a customer is buying a secure service, the customer's objective is to prevent a security violation. Building and designing the correct security posture should be the primary objective. This means they need to be able to protect against both known and unknown threats. Selection criteria should be based on security requirements and whether it has the correct design and elements. Just because a device comes pre-installed with security does not mean it delivers the required security posture. Recovering from data loss can be very expensive, and this should not be forgotten when designing your security posture.

Our [Security Operating Platform](https://www.paloaltonetworks.com/products/security-operating-platform) automates the prevention of successful cyberattacks\*.\* The platform has the flexibility to be deployed in an open SDN or SD-WAN architecture, allowing its customers to build a secure, best-of-breed SD-WAN. Palo Alto Networks Security Operating Platform is used by [mobile network operators](https://www.paloaltonetworks.com/solutions/industries/service-providers/mobile-network-operators), [managed security service providers](https://www.paloaltonetworks.com/solutions/industries/service-providers/mssp) and cable MSOs for their infrastructure, IT, data center and security applications.

[Read more about Palo Alto Networks through Managed Security Services partners.](https://www.paloaltonetworks.com/resources/techbriefs/security-platform-for-managed-security-service-providers)

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown)

[#### Palo Alto Networks: 5x Leader in the Gartner Magic Quadrant for SD-WAN](https://www.paloaltonetworks.com.au/blog/2024/10/5x-leader-in-the-gartner-magic-quadrant-for-sd-wan/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown)

[#### Delivering Agility and Performance with Prisma SD-WAN Innovations](https://www.paloaltonetworks.com.au/blog/sase/delivering-agility-and-performance-with-prisma-sd-wan-innovations/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Day 2 Operations Simplified with the Power of AI](https://www.paloaltonetworks.com.au/blog/sase/day-2-operations-simplified-with-the-power-of-ai/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown)

[#### Prisma SD-WAN Wins CRN's 2023 SD-WAN Tech Innovation Award](https://www.paloaltonetworks.com.au/blog/sase/prisma-sd-wan-wins-crn-2023-sd-wan-tech-innovation-award/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Securing your Branches with Zero Compromise](https://www.paloaltonetworks.com.au/blog/sase/securing-branches-zero-compromise/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Exceptional User Experience with Prisma SD-WAN's App-Defined Fabric](https://www.paloaltonetworks.com.au/blog/sase/exceptional-user-experience-with-prisma-sd-wan-app-defined-fabric/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language