Skip to content Skip to navigation Skip to footer

What Is SD-WAN Architecture?

SD-WAN Architecture Definition

SD-WAN architecture is a way of building a simplified wide area network between sites and applications that can reside anywhere while leveraging any type of connectivity (i.e. broadband, LTE/5G, MPLS). The architecture is application-driven that enables a faster, reliable and secure access to applications. 

Where Can You Deploy SD-WAN Architecture?

There are three basic locations where you can deploy SD-WAN architecture:

  • On-premises
  • In the cloud or a multi-cloud environment
  • Using a cloud plus backbone architecture


SD-WAN architecture starts on-premises with a physical hardware device—it is usually a hardware appliance but it can also be virtual. Network administrators and operators can centrally manage and access the hardware devices. In this configuration, SD-WAN architecture connects remote locations, data centers, and possibly Software-as-a-Service (SaaS) applications.

Cloud-or Multi-cloud enabled

When an organization uses Infrastructure-as-a-Service (IaaS) to host applications in the cloud, such as with AWS, Google Cloud Platform (GCP), or Microsoft Azure, they need cloud-enabled SD-WAN architecture. This is accomplished using a virtual machine that gets installed in the provider's (i.e., AWS, Azure, GCP, etc.) cloud infrastructure.

On the other hand, if a company uses more than one cloud service, it will need a multi-cloud setup. The organization may, for example, have apps hosted on both GCP and Microsoft Azure. To optimize the networks connected to these apps, they would need SD-WAN architecture in each cloud environment.

Cloud-enabled Plus Backbone

With cloud plus backbone architecture, the cloud company—such as AWS, GCP, or Azure—have set up their own direct data highways between their data centers. When an organization subscribes to a cloud plus backbone service, they get fast, private connections between apps hosted in cloud environments that may be hundreds or thousands of miles apart.

What Are the Types of SD-WAN Architecture Deployment?

The types of SD-WAN architecture deployments include:

  1. DIY (Do It Yourself): This involves the organization’s in-house IT team setting up and managing all the various components.
  2. Managed SD-WAN architecture: In this deployment type, a service provider handles the implementation and management, providing an out-of-the-box solution, as well as security and application management.
  3. Co-managed SD-WAN architecture: This gives organizations the ability to control certain elements of the SD-WAN architecture, such as security policies and application-routing preferences, and everything else to a service provider.

What Are the SD-WAN Form Factors?

The form factors for SD-WAN architecture include:

  • Physical appliance: This is a physical device installed on-premises at branch offices and data centers.
  • Virtual: This is a virtual machine installed on universal customer premises equipment (uCPE) or servers at branch offices. 
  • Cloud: Cloud SD-WAN is operated using software installed in a cloud environment.

Learn How a Public School in Niagara Leveraged AI-Driven SD-WAN Architecture

How Fortinet Can Help

Fortinet helps organizations secure their networks with fast, flexible, and scalable secure SD-WAN solutionsFortinet next-generation firewall solutions consolidate SD-WAN with NGFWs and advanced routing. This ensures superior quality of experience at scale, simplified WAN architecture, the convergence of network and security, and enhanced efficiency through deep analytics, automation, and self-healing.

The Fortinet Secure SD-WAN approach offers built-in security and high-speed networking capabilities. This ensures enterprises obtain the required cloud application access and performance, plus advanced security that does not hamper speed. 

SD-WAN Explained: Find out more about SD-WAN benefits.