* [Blog](https://www.paloaltonetworks.com/blog)
* [SASE](https://www.paloaltonetworks.com/blog/sase/)
* [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/)
* Journey From Traditional ...

# Journey From Traditional Routed Network to SD-WAN

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsase%2Ftraditional-routed-network-to-sd-wan%2F)  
[](https://twitter.com/share?text=Journey+From+Traditional+Routed+Network+to+SD-WAN&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsase%2Ftraditional-routed-network-to-sd-wan%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsase%2Ftraditional-routed-network-to-sd-wan%2F&title=Journey+From+Traditional+Routed+Network+to+SD-WAN&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/sase/traditional-routed-network-to-sd-wan/&ts=markdown)  
\[\](mailto:?subject=Journey From Traditional Routed Network to SD-WAN)  
Link copied  
By [Anshuman Awasthi](https://www.paloaltonetworks.com/blog/author/anshuman-awasthi/?ts=markdown "Posts by Anshuman Awasthi")  
Apr 13, 2020  
5 minutes  
[Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)  
[network security](https://www.paloaltonetworks.com/blog/tag/network-security/?ts=markdown)  
[SD-WAN](https://www.paloaltonetworks.com/blog/tag/sd-wan/?ts=markdown)

My organization was one of the early adopters of SD-WAN (Software-Defined Wide Area Network). We had around 100+ retail locations with about 2000 users. Our business model was such that it requires downloading rich media content on our user machines to look at the products and review various offerings. To suffice the ever-increasing demand for high bandwidth and improve the reliability, we were looking for the available options. Our network traffic was using a traditional network technology with almost all the traffic was getting back-hauled, and we had many low-speed T1 connections. Although the MPLS (Multi-Protocol label switching) connections were reliable, they were costly factoring the bandwidth they were providing. If we just went ahead with circuit upgrades, it would have caused a steep increase in our operational cost. Still, also, there might be a challenge in upgrading the cabling infrastructure for the providers to accommodate the bandwidth increase.

Apart from the challenges listed above, we also discovered that we need to look for a solution for below technical issues:

* Purely routing based path selection -- Not able to use active/active load balancing while maintaining symmetry
* Operationally complex. No central configuration and policy management -- Complex CLI based configuration for QOS, tunnels, routing, and firewall.
* Lack of visibility into network and application performance while addressing user complaints.
* Reliance on MPLS transport to meet the required SLAs ? Not enough bandwidth.

In addition to these technical challenges, the real issue was encountering poor user experiences on a few occasions while they are navigating various network resources with a lot of rich media content. We looked at the few available options, and SD-WAN was offering a solution for many of our issues. Few key points that were looking promising were:

SD-WAN can address all the challenges while increasing available bandwidth for end users by combining the capacities of all transports and using all paths in active/active fashion

* Centralized management with zero-touch provisioning
* Increase overall bandwidth capacity by \>100% by using active/active paths
* Reduce cost by replacing router and MPLS circuits with commodity Internet with 100x more bandwidth
* Built-in Zone-Based Firewall.

The only challenge was how to build confidence in the new emerging technology and solve the puzzle of how we should adapt to it. The open-ended questions were:

* Do I need to make any design changes in my existing core network?
* How can I test and validate that it is working without making any significant changes in my production network?

To overcome these challenges, you will need a technology partner who not only has in-depth knowledge of his area but also willing to invest in understanding your network architecture and help you in making intelligent decisions to perform a successful Proof of concept (POC). We decided to install the appliance in learning mode and get some visibility before we make the device active. On a high level, we went ahead with the below-listed steps.

* Started with Analytics mode to understand the performance of critical corporate applications
* Enable Active/Active Load balancing with the router in place for the least changes in the existing environment with immediate benefits of SD-WAN.
* Gradually removed the traditional MPLS router upon license.

The biggest challenge was the non-availability of diverse media circuits at all the locations. To overcome this, we had to quickly adapt the combination of a direct internet (DIA) and a private network connection.

The pleasant surprise was it was straightforward to make the changes on a central portal and push it to the sites as all the appliances are centrally managed.

We were able to complete the project as planned and were able to achieve some added benefits that were not even scoped during the time of engagement. I want to list some of the main benefits that we noticed.

* The overall migration went very smoothly with little downtime that was planned during off-hours.
* Moved away from MPLS to dual direct internet circuits keeping around the same operational cost.
* The average internet bandwidth increased at all of our sites was significant.
* A dynamic and seamless path selection based on performance and full visibility into application performance has helped improve user experience
* Ability to manage and monitor the network and applications centrally via GUI has helped the IT support staff to save time and focus on business-critical functions than configuration/troubleshooting network problems
* Controlling policy granularly on a per-application basis has helped selectively break out trusted business-critical applications on the internet path.
* It is straightforward to manage the zone-based firewall and monitor network traffic.

I believe all these advantages and seamless migration makes SD-WAN selection a no-brainer for our enterprise. The future of SD-WAN looks even more promising with the available integrations of various SASE (Secure Access Service Edge) providers. This partnership will not only provide excellent network performance but will add unmatched security benefits.

Read [Palo Alto Networks Completes Acquisition of CloudGenix](https://www.paloaltonetworks.com/company/press/2020/palo-alto-networks-completes-acquisition-of-cloudgenix?ts=markdown).

*** ** * ** ***

## Related Blogs

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Day 2 Operations Simplified with the Power of AI](https://www.paloaltonetworks.com/blog/sase/day-2-operations-simplified-with-the-power-of-ai/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Securing your Branches with Zero Compromise](https://www.paloaltonetworks.com/blog/sase/securing-branches-zero-compromise/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Delivering Flexible Connectivity for Today's Branches](https://www.paloaltonetworks.com/blog/sase/delivering-flexible-connectivity-for-todays-branches/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Exceptional User Experience with Prisma SD-WAN's App-Defined Fabric](https://www.paloaltonetworks.com/blog/sase/exceptional-user-experience-with-prisma-sd-wan-app-defined-fabric/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Palo Alto Networks Wins Frost \& Sullivan Award for Secure SD-WAN](https://www.paloaltonetworks.com/blog/2022/08/frost-sullivan-award-for-secure-sd-wan/)

### [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Investors Bank Migrates to the Cloud, Optimizing the Customer Journey](https://www.paloaltonetworks.com/blog/sase/investors-bank-migrates-to-the-cloud-optimizing-the-customer-journey/)

### Subscribe to Sase Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language