Secure SD-WAN

For scalable, efficient, and secure networks.

SD-WAN: Secure, automated site networking

Networking company locations and integrating modern cloud applications into IT infrastructure continue to present major challenges for businesses. To ensure that applications are delivered with the required quality while maintaining the highest level of network security, your qualified IT personnel no longer need to configure, network, and maintain each location individually. This process is prone to errors, time-consuming, and hardly feasible given the shortage of skilled workers.

In today's digital world, SD-WAN offers secure and reliable network solutions for companies of all sizes.

Choose LANCOM SD-WAN now: The solution for secure and automated site networking!

What is SD-WAN?

A software-defined wide area network (SD-WAN) is a virtual network infrastructure that replaces traditional, static, and manually configured networks. In light of increasing digitalization, which demands higher bandwidths, optimal network availability, data security, and fast time-to-service, SD-WAN offers significant advantages for networking distributed company locations. These benefits include the automation of previously manual configurations, as well as the reduction of costs and the need for on-site deployments.

SD-WAN utilizes simple, Internet-based wide area networks (WAN) to quickly deliver digital applications. A cloud-oriented SD-WAN solution makes the network infrastructure more scalable, efficient, and secure. As a result, SD-WAN enables centralized management, making it ideal for company networks with multiple locations. Large enterprises can easily connect their office networks, while business-critical applications are managed and networked with high availability and security.

Icon: cloud with connection lines

This is what SD-WAN can look like

Branch networking with SD-WAN

By automating network configuration and management, SD-WAN greatly simplifies the setup and operation of complex networks. Secure site networking and communication between different locations, such as the head office and branch offices, are ensured through encrypted VPN tunnels. These tunnels are established between the SD-WAN Central Site Gateway at the head office and the SD-WAN Gateway at each individual site.

Additionally, with the “Local Internet Breakout” feature, internet traffic is efficiently managed by routing non-critical data locally and more quickly via the internet. This particularly enhances the performance of cloud applications such as AWS, Google Cloud, and Azure.

Advantages of SD-WAN

Reduced costs &
efficiency

  • Highly integrated “one box“ solutions and an extensive portfolio offer versatile and efficient complete offerings for various requirements.
  • Expensive MPLS lines are replaced or supplemented by cost-effective Internet access (DSL, fibre-optic, cable, LTE, 5G).
  • Expensive field service deployments and costly individual device configurations are eliminated thanks to zero-touch commissioning.

Speed &
availability

  • The parallel use of several internet lines available at the location (DSL, fiber optics, cable, MPLS line etc.) increases the available bandwidth as required.

  • The continuous internet connection is ensured with internet access via LTE or 5G as a backup option.

Management &
automation

  • Centralized management & 24/7 monitoring provide permanent monitoring and ensure greater security.
  • Automatic rollouts facilitate the provision of new locations with zero-touch deployment.
  • Remote troubleshooting ensures delay-free operation and enables fast, location-independent troubleshooting.

Security &
reliability

  • With Advanced Routing and Forwarding, networks are securely separated from each other.
  • LANCOM High Scalability VPN (HSVPN) enables multiple networks to be bundled in one VPN tunnel and reduces the number of VPN tunnels required with Secure Tunnelling.
  • End-to-end encryption ensures secure and protected data traffic.

Why SD-WAN from LANCOM?

With the SD-WAN solution from LANCOM, you receive everything from a single source – ranging from hardware to a secure and trustworthy cloud that adheres to the highest data protection standards. The SD-WAN solution, "Engineered in Germany," guarantees full compliance with NIS2 and GDPR regulations. LANCOM ensures that your data is protected at all times through a strict anti-backdoor policy, preventing unauthorized access – a key advantage for your digital sovereignty!

LANCOM’s clever one-box solutions, which offer an exceptional variety of interfaces, provide you with a flexible connection to the internet while simplifying your network architecture. The SD-WAN solution from LANCOM gives you full control over your IT infrastructure – without compromising security or performance.

What advantages does SD-WAN offer and why should you introduce SD-WAN in your company? We give you 8 good reasons for using SD-WAN and show you what a secure software-defined wide area network can look like.

Whitepaper: 8 good reasons for an SD-WAN


Satisfied customers & awards

LANCOM still top VPN provider in 2024

For the eighth time in a row, LANCOM has been named champion in the Virtual Private Network (VPN) category in the “Professional User Rating Security Solutions” by analyst firm techconsult!

LANCOM SD-WAN in practice at ATU

The automotive service provider ATU reports on the switch from expensive MPLS lines to the agile LANCOM SD-WAN:

Read ATU-reference

Outstanding user ratings from IP-Insider

Trust the excellent rating of other users at the IP-Insider Readers' Choice Awards 2023: LANCOM Systems receives GOLD in the Network Infrastructure category!


Centralized control with the LANCOM Management Cloud

Automated network management

The LANCOM Management Cloud serves as the central management platform, provisioning and managing the entire infrastructure across all network segments (WAN, LAN, Wi-Fi, security). Simply define the target scenario via a graphical user interface – manual configuration of individual devices is no longer required.

The LMC delivers advanced SD-WAN capabilities such as Dynamic Path Selection, High Scalability VPN, Load Balancing, and Dynamic Routing Protocols, which enhance the scalability and efficiency of wide-area networks for medium-sized and large companies.

Whether deployed in the public cloud or as a private cloud for large enterprise networks and service providers, the LANCOM Management Cloud ensures maximum agility, flexibility, quality, and security for your network.

Powerful SD-WAN portfolio

LANCOM SD-WAN solutions offer a comprehensive product portfolio for secure, location-independent working, automated site networking, and top-tier security technologies – developed and hosted in Germany. The routers and SD-WAN gateways provide the most extensive portfolio on the market as one-box solutions, supporting connections via fiber-optics, xDSL, Gigabit Ethernet, Supervectoring, LTE, LTE-Advanced, and 5G. All devices come “SD-WAN-ready,” are deployed using zero-touch deployment, and are fully configured automatically – even for DSL connections.

Strengthen your digital sovereignty today with backdoor-free, BSI-certified products. Make a conscious choice for a trustworthy SD-WAN “engineered in Germany” – for lower costs, less stress, and more time to focus on your core business!

SD-WAN Management

LANCOM Management Cloud for a centralized, automated network management

SD-WAN Connectivity

LANCOM routers & SD-WAN gateways for high performance and reliability at all sites

SD-WAN Security

LANCOM R&S®Unified Fire­walls for maximum network security and protection

SD-WAN features at a glance

Policy Based Routing

Allow, redirect or block applications according to their security policy

Control over which applications are allowed or blocked in company networks is crucial. This can be easily managed in the modern SD-WAN network: Policy-based routing can be…

Control over which applications are allowed or blocked in company networks is crucial. This can be easily managed in the modern SD-WAN network: Policy-based routing can be used to redirect or block applications, for example. For trustworthy applications, it is also advisable to prioritize the individual locations using a Local Internet Breakout. This reduces the load on the connection to the control center and improves the overall performance of the network.

Application Monitoring

Log and analyze applications and users

Nowadays, it is crucial to know which applications are being used in the network in order to be able to operate effective application management. A modern SD-WAN continuously monitors which users are using which applications and to…

Nowadays, it is crucial to know which applications are being used in the network in order to be able to operate effective application management. A modern SD-WAN continuously monitors which users are using which applications and to what extent (top users / top applications). Historical logging and graphical analyzes provide a comprehensive overview that serves as the basis for well-founded network decisions.

Load Balancing

Use multiple Internet accesses with dynamic load balancing

Active / Active mode, in which several Internet accesses at one location are used in parallel and distributed by load balancing, increases the available total bandwidth and…

Active / Active mode, in which several Internet accesses at one location are used in parallel and distributed by load balancing, increases the available total bandwidth and enables dynamic load distribution. This mode supports the flexible and simultaneous use of all wired connections - be it Ethernet, fibre optic, DSL / cable via external modem or even mobile telephony.

Whitepaper: Load Balancing

Dynamic Path Selection

Select the best line for the best connection quality

With Dynamic Path Selection, business-critical applications in an SD-WAN are always routed via the best available line. This feature continuously monitors all WAN connections with regard to load, packet loss, latency and jitter (Path Quality…

With Dynamic Path Selection, business-critical applications in an SD-WAN are always routed via the best available line. This feature continuously monitors all WAN connections with regard to load, packet loss, latency and jitter (Path Quality Monitoring), and dynamically selects the optimum line for certain applications based on the current connection quality. The Dynamic Path Selection algorithm decides on the line with the best performance. If several lines fulfill the defined guidelines, load balancing takes place in a round-robin process. As a result, users in extensive SD-WAN infrastructures with multiple WAN connections in active/active mode benefit from maximum performance and reliability.

Techpaper: Dynamic Path Selection

Advanced Routing & Forwarding

Isolate and restrict communication channels of different user groups

ARF, or Advanced Routing and Forwarding, is a technology that makes it possible to set up separate communication channels for different user groups (such as accounting,…

ARF, or Advanced Routing and Forwarding, is a technology that makes it possible to set up separate communication channels for different user groups (such as accounting, development and management) via a central gateway. Each communication channel or IP context is isolated so that different participants can be given access to certain IP contexts as required, while other areas remain blocked.

High Scalability VPN (HSVPN)

Bundle multiple networks in one VPN tunnel

HSVPN significantly improves the scalability and efficiency of an SD-WAN architecture, especially in times of growing digitalization, increasing application diversity and rising data volumes. Instead of using a separate VPN tunnel for each…

HSVPN significantly improves the scalability and efficiency of an SD-WAN architecture, especially in times of growing digitalization, increasing application diversity and rising data volumes. Instead of using a separate VPN tunnel for each application, HSVPN enables any number of networks to be bundled into a single VPN tunnel (secure tunnelling), which is transported to the remote site. The individual networks remain secure and strictly separated from each other. The advantage is a reduction in the number of VPN tunnels required and faster recovery times in the event of a failover.

Techpaper: LANCOM High Scalability VPN (HSVPN)

Advanced Mesh VPN

Avoid bottlenecks with direct communication between branches

In classic, star-shaped VPN site networks, where all branches are only connected via the head office and not directly to each other, the internet line at the head office often…

In classic, star-shaped VPN site networks, where all branches are only connected via the head office and not directly to each other, the internet line at the head office often becomes a bottleneck for all communication. With Advanced Mesh VPN, the branch offices can communicate directly with each other, which reduces traffic at the head office and increases performance. The VPN tunnels are set up dynamically when data is transferred between the branches and are also dynamically dismantled again when communication is no longer taking place.

Techpaper: Advanced Mesh VPN

Control & data plane

Strictly separate management and data connections

A key security feature of modern SD-WAN infrastructures is the strict separation between management (control plane) and data connections (data plane). While the data connections, such as VPN tunnels, are established directly…

A key security feature of modern SD-WAN infrastructures is the strict separation between management (control plane) and data connections (data plane). While the data connections, such as VPN tunnels, are established directly between the VPN gateways, each network component communicates with an orchestrator via a separate management connection. This means that the user data remains invisible to the management system and the management and monitoring of the network components takes place independently of the data connections. This process is carried out fully automatically and without prior manual configuration of the devices (zero-touch provisioning) by establishing a secure connection from the device to the management system. By moving the control plane to a central cloud, the advantage is an always accessible, location-independent, centralized and web-based administration interface for all devices and applications at all locations.

Firewall-Features

Secured from A to Z: UTM security features for Unified Firewalls

The digitalized present and sophisticated cyber attacks require new standards in network security. Application control, blocking, attack detection and prevention are…

The digitalized present and sophisticated cyber attacks require new standards in network security. Application control, blocking, attack detection and prevention are essential for secure IT networks. Integrated into the powerful firewall operating system LCOS FX, these and other UTM security features “engineered in Germany“ offer a considerable security advantage. The feature set of LANCOM R&S®Unified Firewalls and LANCOM vFirewalls is regularly expanded to protect professional networks against new types of risks.

Mora about the firewall features

Downloads


Responsible networking with NIS2

Digital networking is enriching companies around the world and constantly evolving working life. However, network and information security must not be ignored. This is why the EU NIS2 directive now defines and prescribes this more precisely in order to increase cyber security overall and adapt it to current developments. Find out what this means and whether the new requirements affect your company.
 

More about NIS2


More about


We answer your questions

Your direct line to us

Most questions can be resolved best in direct contact.

We look forward to answering your questions and requests by phone or via the contact form.

Inside Sales International Team
+49 (0)2405 49936 122