Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
PhoneBoy
Admin
Admin
Jump to solution

Keep Your Networking Peers Happy With Secure SD-WAN September 2024: Video, Slides, and Q&A

How do you measure packet loss or jitter per ISP? I think this can only be done per destination/target IP address.

That’s correct. You should see it in the demo, but we can configure a monitored target/destination per steering object. So different use cases/rules/applications can monitor separate targets that are relevant to that service.

Can SD-Wan be used with on-prem SMS managed gateways?

Yes it can. SD-WAN rules will be managed in the Infinity Portal being demo’d, but you will setup an object sync from your on-prem management server to the Infinity Portal.

Will Maestro support SDWAN?

Yes - This is on the near-term roadmap. Let us know if you're interested in EA.

Is SD-WAN available only in appliances or in Open Servers as well?

SD-WAN is available on Appliances, Open Servers and CGNS (Some Solutions) running R81.20 or above. Quantum Spark appliances are supported with R81.10.05.

Are dynamic routing protocols supported yet?

Dynamic Routing Protocols are supported on the Overlay starting R81.20 JHF 79.

What about SD-WAN dynamic routing support for Spark?

In R81.10.15 SD-WAN VPN Overlay is supported for Spark using dynamic routing.

Do the default jitter and packet loss settings work for most broadband links? If not, how would you recommend it be tuned for a lossy link?

We observe that predefined values work well in some scenarios and in others custom steering objects meet the needs. It depends on your Internet + MPLS connection. The predefined objects give you an idea what to configure. We recommend that the values set will be driven by the application in use and not by the line lossiness.

Is Infinity Events included with SD-WAN license?

Infinity Events is a dedicated license option.

How we can use both links with SASE? Is it supported today the VPN overlay to SASE?

Yes. For example, you can have a gateway with two external interfaces, each interface connecting to a dedicated Harmony SASE node using route-based VPNs. This achieves resilience. On the Internet connections, you can run SD-WAN Local Breakout for applications and SD-WAN VPN Overlay to other Quantum Gateways.

If one of my branch offices have only 1 ISP should we order SD-WAN for this site?

Yes, you can use SD-WAN VPN Overlay when having just one external interface. This can be useful, for instance, with VPN Overlay with another gateway having multiple interfaces.

Is there load balancing according to quality aspects?

Let's assume that an MPLS has no more free bandwidth, then all traffic is redirected to the WAN. in R81.20 JHF take 84 we provide capabilities to aggregate according to available bandwidth.

Is it necessary to configure any Advanced Routing (BGP/OSPF) on the gateway when using the SD-WAN feature?

This is not required.

What is the Quantum SD-WAN SK?

sk180605

Does Quantum SDWAN support GRE tunnels as well, or only IPsec VPN tunnels?

GRE tunnels are not supported. If this is a requirement, please contact your local office with the specific use case(s).

There is a load sharing option for regular IPsec tunnels with link redundacy as well, between sites. No need for SDWAN for this?

The steering rules and load balancing options are more robust with Quantum SD-WAN.

Do you see customers deploying SD-WAN specifically for ISP redundancy and not using the currently available ISP redundancy options?

Yes

What is the performance impact of enabling SD-WAN on the gateway?

Not significant. Note that Application Steering requires App Control and possibly HTTPS Inspection, which have their own impact.

What about the previous session about SD-WAN for Quantum Spark appliances?

Recording is available here.

1 Solution

Accepted Solutions
AmirArama
Employee
Employee

Hi Andy,

already supported since R81.20 JHF 79 on GAIA, and R81.10.15 on Spark

View solution in original post

5 Replies
the_rock
Legend
Legend

Just curious, any plans to support route based tunnels with sd-wan?

Andy

0 Kudos
AmirArama
Employee
Employee

Hi Andy,

already supported since R81.20 JHF 79 on GAIA, and R81.10.15 on Spark

the_rock
Legend
Legend

K, great, thanks for confirming.

Andy

Kevin_Stanton
Contributor

Hi I have some branches that have very poor internet access here in the UK, we have used multiple ADSL/FTTC type physical  links in the past into EFM type links however they are gone now. How many copper links will the sparc devices or any other device support to aggrigate multiple copper links to give bandwidth to the branch.

Amit_Navon
Employee
Employee

We have live systems with even 3 ISPs, You can aggregate multiple links, but in my view a better monitoring and fast link swap can bring value as well. contact me over email we can see what is the optimal WAN setup per your applications.

amitna@checkpoint.com

Amit Navon

Product Manager

SD-WAN

Check Point Software Technologies

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events