What is SD-WAN?

Definition, Characteristics & Integration

A definition of SD-WAN

SD-WAN or software defined WAN, is a technology based on the broader concept of SDN (software defined networking). It allows enterprises and organizations to configure policies to distribute the network traffic. The central site of any SD-WAN solution has total control of their offices or sites and the traffic which flows through the network, via a Controller. The mentioned Controller can also enable edge devices at the offices or sites to be configured with zero touch provisioning. Another huge advantage that SD-WAN offers is the possibility to create a virtual overlay of the transport network used to carry the data traffic.


In the early 2000’s MPLS gradually became the network technology used by large enterprises and organizations because it was a network infrastructure provided by the carriers that offered important advantages. However, before the end of the first decade, these same large enterprises and organizations wanted and needed to change their traditional MPLS infrastructure for various reasons. Internet lines (especially xDSL lines) were becoming somewhat more reliable and could definitely beat MPLS on the ever increasing bandwidth requirements, deployment time and price. Organizations began to study the possibility of using standard Internet lines, but they still needed to evolve sufficiently for these types of user to be able to transition from MPLS lines to Internet lines. That’s when the roots of SD-WAN were laid.

How did SD-WAN start

As it was clear that traditional enterprise networks (MPLS, …) were not going to be totally valid in the near future, research and investigations began on how the network could change and be adapted to enterprise and organization communication requirements. One of these research projects was the clean slate project developed at Stanford University. Eventually, the researchers at Stanford University came to the conclusion that the network had to be dedicated to transporting data, whilst the management of the network had to be controlled in one single central site.
With this overall idea of separating the data and control planes, the Stanford University researchers’ developments, were later to become the base of what we know today as SD-WAN. Once the project investigations concluded, it was clear that SD-WAN was to be the next network technology for enterprises and organizations.

Teldat & SD-WAN


SD-WAN is now a mature market in which Teldat has participated from the beginning. As a result Teldat has been rated by different analysts and for many years as an important player in the SD-WAN market. With all this, Teldat has obtained vital experience and specific competitive advantages.

Through this continued contact with the markets, Teldat has learned the most important SD-WAN aspects that Customers look for and value. Upon this cumulative knowledge, Teldat has evolved its SD-WAN offering, in order to provide to any client, a high-level, unique, modular SD-WAN solution and strategy, shaping what is one of the best price-performance and cost optimized SD-WAN solutions available on the market, which other SD-WAN suppliers are not able to provide.

The following bullets mention the most important points that any SD-WAN solution should include. These bullet points also detail key aspects that make Teldat’s SD-WAN solution different from the rest:

Security built on a bottom-up strategy, covering several different scenarios.

A vast product portfolio of edge routers complying with any type of network transport independence

Teldat’s Wizard / GUI is orientated towards a business purpose.

Virtualization, tackled with our specific SDE solution.

Teldat’s long history of working with legacy networks is applied into legacy networking integration within SD-WAN.

A flexible deployment strategy allowing a phased implementation of any SD-WAN solution.


Security within SD-WAN is of vital importance because in most of the scenarios SD-WAN uses open public networks on the Internet. There will therefore be sites handling critical business information, often on cloud applications and services, web browsing, as well as the access of visitors to the network, with their specific traffic coming from different points on the cloud or web. Moreover, if go to the basic concept of SD-WAN, we know that there are two planes; control plane and data plane. Both need to be protected.
Teldat has a security solution that combines, device security overlay security and cloud security. A summary of our security solution system and its different levels can be seen below.

Firstly, there is the device security is based on a Level 7 firewall with LAN and WAN isolation using VRFs. Then there is the overlay security which covers confidentiality, integrity and authentication which are all covered via IPSEC and segments isolating different domains and network zones. Teldat provides centralized tools for configuring end-to-end segmentation on SD-WAN solutions.

Moving on to Cloud security, this is split into three sections. There is a cost effective solution called be.SAFE SMART, using the best security options to cover various malware threats. This solution offers web filtering, malware protection, analytics /productivity feedback, configuration of cybersecurity policies and CPE agnostics based on DNS resolution.

Then, an advanced security solution called be.SAFE Premium that gives another series of extra security issues for an SD-WAN solution, acting as a NGFW. Especially for systems that have direct public cloud access for branches and remote locations. This offers centralized solutions with IDS/IPS capacity, antivirus, antispam, sandboxing, etc. based on Check Point technology and fully integrated within the Teldat management portal.

Additionally, Teldat uses its in-house Network Traffic Analytics application with AI called Visualizer, for security. It offers a unique and cost-effective solution for SD-WAN security, enabling a proactive system to detect and stop security threats.

Network Transport Independence

Independence of the network transport system and the SD-WAN edge router devices / architecture is one of the basic features that defines SD-WAN. This ensures that the data plane and control plane are completely separated and that end-users are able to use whatever network transport connectivity best suits their requirements.
Teldat has traditionally developed WAN edge routers for many years. Accordingly our product portfolio includes a vast amount of devices built for different types interfaces and network connectivity. From legacy networks (MPLS, Serial, E1/T1, G.SHDSL, PRI…) to fiber, as well as 5G, LTE-A Pro/4G and even 3G, allowing our clients to have on their SD-WAN systems, not only fixed line connectivity but also independent cellular access, whether it’s for back-up or main line.
Indeed, for many years our wan routers have been deployed in large enterprises/organizations, and medium sized companies via important carriers in different parts of the globe. Hence Teldat has the MPLS knowledge, that other SD-WAN suppliers do not have. This gives us a strong competitive advantage over other market players, enabling our current or new clients to receive a simple and easy migration, from MPLS to SD-WAN.

Moreover, although network transport is totally independent, Teldat has the overlay connectivity and data center development within important carriers, which can make the migration process from MPLS to SD-WAN even smoother.

Business Purpose


An SD-WAN system needs to be business orientated. It needs to allow the end-user easy deployment, from the initial configuration to more complex scenario configurations, minimizing the amount of supplier-specific software knowledge required. Only if this is available will an SD-WAN solution be business orientated, and this can only be achieved with a sophisticated and powerful Wizard / GUI.

Teldat does have a business orientated Wizard / GUI tool. It permits clients, end-users, managed service providers or system integrators to set up what they require. A business orientated Wizard / GUI avoids our clients dealing with knowledge barriers that increase configuration errors. Teldat’s Wizard / GUI eliminates complex protocols for basic scenarios within the SD-WAN environment. Our clients are able to easily see and understand their configurations, because our overall business orientated configuration philosophy is that every client has different needs and requirements.

The markets recognize this as a competitive advantage to select their SD-WAN solution. The fact is that the majority of our competitors cannot offer this type SD-WAN Wizard / GUI and hence their solution is not as business orientated as Teldat’s.
Teldat’s SD-WAN Wizard / GUI allows to configure:

  • Network Wide Settings: define the basic overlay parameters and different added services, such as Visualizer server.
  • Data Centers: define Data Center SD-WAN edges to concentrate VPN traffic from office or site devices.
  • Access Providers: Selects different types of WAN networks and the WAN providers.
  • Services: define internal and cloud traffic destinations and servers.
  • User/Device Groups: Origin of the traffic, LAN groups, planned addressing deployment, that can be self-managed via the SD-WAN Controller.
  • Applications: apply traffic selector rules to establish priority orders for traffic routing.
  • SLA’s: define policy actions with SLA enforcement to empower the application steering with the monitored network parameters.
  • Policies: apply traffic policy actions, with drop, overlay / underlay, as well as SLA enforcement that can have fallback to overlay or underlay.
  • Application categories: apply one traffic policy to a set of applications.
  • Branch templates: for branch SD-WAN edge to forward traffic to specific Data Center edge devices. They include configuration menus for WAN access, segments, application categories and routing policies.


Network virtualization is a characteristic of SD-WAN solutions, which proves to be more relevant in data centers and large organizations’ central sites. The objective of virtualization is to be able to optimize costs by applying the best software solutions possible that solve an enterprise’s data center or a service provider’s data center problems and to run this software on independent hardware. This is what is known as a “software-defined data center” or a SDDC.


Teldat has been working on software defined data centers for enterprises and service providers for some time with our SDE product range.Although the power of our SDDC solution is in our software, OpenSDx or OSDx, developed on Linux, we use a high quality x86 hardware to make sure that the whole solution is effective and efficient.

Our SDDC solution offers the possibility of supporting different access or overlay networks for the data plane from the remote offices / sites to the data center. It also integrates with the Teldat SD-WAN Controller. The ability to use both Internet and MPLS, allows the user greater flexibility and an easier migration from a totally MPLS system.





The WAN is a mission critical infrastructure for any enterprise’s or organization’s connectivity. Therefore, when converting from legacy infrastructure to SD-WAN, the integration process between both types of networks is of vital importance, in order to ensure a smooth transition, without bottlenecks that can cause huge disruptions.

Teldat has a vast experience in working with legacy networks, and one of its competitive advantages is the ability to integrate both legacy and SD-WAN for clients. Firstly, because any switch from legacy to SD-WAN is not automatic. It’s a gradual process. In most cases, especially in large clients and/or complex networks, the transition from legacy to SD-WAN, needs to be carried out in different phases over time.

This vast legacy experience means that our SD-WAN solutions cannot only be integrated with MPLS, but with a very large number of legacy networks and protocols such as Serial, E1/T1, G.703, while many more can be deployed during the transition process.

Another of Teldat’s competitive advantages is the ability to set up hybrid networks so that legacy networks and SD-WAN can work in the same client as a fixed solution, until the client requires to change it. Often clients want to establish certain scenarios that require such cloud connectivity for specific applications for example, to be on SD-WAN, whilst they may require specific data to continue using legacy network connectivity. It’s Teldat’s deep knowledge of legacy networks that will enable this type of solution to work correctly.

Moreover, another of Teldat’s competitive advantages derived from its legacy know-how, is the ability to establish advanced configurations within SD-WAN, for example using CLI extension programming. An overall SD-WAN solution can replicate and integrate a legacy network. Teldat has successfully carried this out in complex market segments, such as the financial sector, allowing us to integrate and adapt our SD-WAN solution, to our clients’ needs and requirements.

Flexible Deployment


Potential SD-WAN users, analyzing the possibility of adopting an SD-WAN solution, often face two typical situations, which dissuade them from deploying SD-WAN and consequently avoiding them to realize the benefits of such solutions. The first blocking scenario occurs when the Customer is not given an integration solution that adapts to their requirements; the second negative scenario occurs when the Customer is obliged by the supplier or service provider, to take on board in one shot the full SD-WAN solution. However, Teldat solves all these issues, totally opening up SD-WAN solution to all types of companies and organizations.

Teldat is virtually the only SD-WAN developer that offers the ability to take SD-WAN on, not only with advanced integration possibilities, but also with an SD-WAN solution totally geared towards flexible deployment. Teldat’s SD-WAN can be applied gradually with a phased implementation strategy.

Teldat’s solution comprises two modules, BASE and CONTROLLER, as well as an additional software solution tool for network performance monitoring and diagnostic analysis.

Firstly, our SD-WAN BASE module, which is the backbone of Teldat’s SD-WAN solution. It allows the perfect, yet simple integration of the network devices at site level and the ability to manage the entire network in a standard and automated format.

Secondly, Teldat’s SD-WAN CONTROLLER module, the heart of the Teldat SD-WAN solution, enables one click device configuration deployment and with its Level 7 application recognition, Teldat’s Controller module prioritizes network traffic.

Additionally, Teldat’s VISUALIZER tool, can be deployed on SD-WAN solutions to offer a fast, efficient, in-depth monitoring and diagnosis of networks.

Read our SD-WAN Posts

How SD-WAN can be traced back to the Clean Slate project

What kind of Internet would we design today if we were to start from scratch using what we now know?…

SD-WAN: finding a balance

For the past few years, we’ve been hearing the word SD-WAN a lot. In my daily work with customers, Partners and Carriers from…

SD-WAN Edge Routers and their importance in SDN environments

Today we are experiencing a revolution based on networking solutions that improve network optimization and are able to combine…

Making the Net Work


For more information about our SD-WAN solution simply contact us.

Our team of specialists will respond immediately.