SASE6 min read

Re-Introducing VMware SD-Access

VeloCloud Team
People with a cybernetic background

February 27, 2024: VMware, recently acquired by Broadcom, announced that we’re returning to the VeloCloud brand for our SD-WAN and SASE solutions. Learn more in our press release and blog, Back to the Future with VeloCloud, the Intelligent Overlay for the Software-Defined Edge.


Updated 8/29/2023

At VMware Explore Las Vegas last week, we unveiled a fresh perspective on our strategy for the edge. An integral part of that strategy is VMware SD-Access™, formerly called the VMware SD-WAN Client and now available. “Client” doesn’t truly express what this software can do. Yes, it can replace a VPN and connect users and systems directly with no backhaul over a high-performance, low latency fabric. But it will also will bring IoT devices and OT systems into a single pane of glass, the VMware Edge Cloud Orchestrator™, that will manage massive edge deployments for our customers.

This article, originally published in November 2022, introduced VMware SD-Access to the world. It’s a refresher on what VMware SD-Access can do, and lays the groundwork for more to come.

To learn more, read the press release from VMware Explore Las Vegas 2023 and our blog post, Manage the Software-Defined Edge with VMware Edge Cloud Orchestrator.


Today at VMware Explore Europe, we are announcing a new offering in our award-winning, market-leading SD-WAN platform. To answer the need for remote SD-WAN access without a hardware SD-WAN edge, VMware is introducing the software-based VMware SD-WAN Client, to be available soon.

The VMware SD-WAN Client will provide a simple, secure, and high-performance remote access service that follows the principles of zero trust to securely connect remote workers’ endpoints and mobile devices without hardware edges. The client will be part of VMware SD-WAN and share its benefits, including integrated AIOps for deep visibility into the end-user experience, Dynamic Multipath Optimization™ for fast and reliable connections, adherence to common strict security standards, and access to a worldwide network of SASE PoPs for a fast on-ramp to multi-cloud.

Employees are on the move

Companies were slowly moving toward acceptance of a hybrid work model before 2020. Then the pandemic sent millions of people around the world home to work—and it turns out that a lot of those people wanted to keep the option to work from home, a coffee shop, or even a vacation spot. Now in late 2022, 74% of U.S. companies are using or plan to implement a hybrid work model. 80% of high-performing organizations agree that the ability to activate a remote workforce will represent a competitive differentiator. Further, employees are traveling for business again at a rate of 445 million trips per year. In both cases, employees working remotely or on the road need high-performance and secure access to their enterprise apps and websites.

The problem is …

Legacy networks and remote access solutions, including VPNs, were designed for an era where most applications were in the data center and most users were in the office. The ability to work from anywhere is great for employees, but the potential security and connectivity issues are keeping enterprise IT up at night. The home network is now a key attack path into the enterprise. Employees expect the same speed and reliability in remote work that they were used to in the office. IT organizations need simplicity and extended visibility to allow them to support users working remotely.

Relying on legacy remote access approaches can lead to major challenges:

  • Network complexities and inefficiencies: Traditional VPN solutions require regional VPN concentrators. IT has the responsibility to ensure these devices are deployed to handle the scale of remote users and are highly available and up to date with software patches and hardware refreshes, adding cost and complexity to network operations.
  • Insufficient security: Organizations are under constant attack from those who want to ransom or steal information. Security checks in traditional VPN solutions are light. They allow access with just a password to all resources on the network, jeopardizing the security of organizations’ users and data. Becuase traditional VPN solutions are hard appliances, IT is challenged to keep them secure with the timely application of software patches.
  • Poor network conditions: Legacy VPNs focus on connectivity, but they do not have awareness of network conditions and as a result have no way to perform network optimization. Any variation in the network performance can directly impact user productivity.
  • Inconsistent user access: Legacy VPNs are designed to backhaul traffic to VPN concentrators that may at best be deployed in a few regional locations. For users who are remote or on the move the traffic is routed to the destination via these concentrators. Any added latency due to sub-optimal path selection impacts user experience.
  • Operational complexities and expense: The modern network of today is delivered as a cloud-first service over a wireless-first infrastructure. Device heterogeneity and device mobility, combined with high transaction and data volume, have made the network far more dynamic and operations significantly more complex at the edge.

Up to now, VMware SD-WAN and VMware SASE have solved these issues using a hardware edge device for maximum performance. These appliances don’t travel well when the remote worker is not in a fixed location.

An easy choice for a complex, distributed landscape

The VMware SD-WAN Client will provide enterprise IT with an easy and secure remote access solution that boosts productivity by optimizing connections for speed and quality. It will provide robust security with connections that are encrypted end-to-end following a zero-trust model.   At the same time, integrated AIOps capabilities will ease the support burden for enterprise IT. 

The solution can be delivered from the cloud or deployed on premises. The cloud-managed service sets up in minutes. The VMware SD-WAN Client will replace expensive and inflexible VPN hardware infrastructure to deliver a high-performance private network fabric between servers, clouds, and remote workers’ desktop or mobile devices and without requiring hardware edges. It will also reduce overhead and maintenance costs while providing a better application experience for users working remotely or while travelling.

VMware SD-WAN Client will provide remote access and network path optimization to mobile devices and laptops working anywhere

Share the advantages of VMware SD-WAN

The VMware SD-WAN client will be fully integrated with VMware SD-WAN, an SD-WAN leader and the cornerstone of VMware SASE. VMware SD-WAN features policy-based, network-wide application performance, visibility, and control through a single pane of glass, the VMware SASE Orchestrator. Common business policies can be propagated and updated throughout the network with a single click. Network operations are simplified with smart defaults and artificial intelligence.

Benefits and features of the VMware SD-WAN Client

  • Uncompromised security: The solution will allow access to only those resources a user is entitled to, based on their identity and device posture. (For example, the system will check whether mandated antivirus software is installed.) Remote access tunnel is encrypted end-to-end and is based on the principles of zero trust.
  • Improved user experience: VMware SD-WAN Client will mitigate poor performance on the last-mile access network and ensure optimal connectivity to the nearest PoP, removing any dependency on hardware. This improves worker satisfaction and productivity through fast and reliable connections to applications.
  • Simplified operations including AIOps: VMware SD-WAN Client supports B2B private networks. No hardware is required for optimization from the users across a private network or the last mile to the nearest PoP. As a cloud-hosted solution, it is fast to set up as a VPN replacement and to establish peer-to-peer networks. Operations will get visibility into user experience because SASE AIOps is integrated with VMware SD-WAN. The solution will provide proactive insights when any deviation in normal user experience is detected and undertake corrective action through self-healing or operator-assisted remediation.
  • Built for mobility: VMware SD-WAN Client will be supported on end devices including mobile devices, laptops, desktops, and servers.
  • Easy to deploy: The VMware SD-WAN Client will not require centralized VPN concentrators that take time to set up. It’s easy to establish on-demand secure tunnels that can also build an autonomous, de-centralized network.

Common use cases for the VMware SD-WAN Client: VPN replacement and B2B private access

VPN replacement: Traditional VPN-based remote access solutions do not scale to address the number of remote users who need access to enterprise resources. VPN gateways become a choke point, increasing latency and frustrating remote workers.

The cloud-native, cloud-delivered VMware SD-WAN Client will take minutes to set up and is optimized to deliver a rich user experience while avoiding unnecessary backhaul.

VPN replacement with VMWare SD-WAN Client

Business-to-business private access: Secure and optimal connectivity is needed not only for the workforce inside the organization, but also for third parties such as business partners and contractors. VMware SD-WAN Client will offer a private network to connect with suppliers and business partners that is easy to set up and manage, scales up or down, and offers strong security based on zero-trust principles.

B2B private access implemented with VMware SD-WAN Client

The VMware SD-WAN Client will be able to cater to additional use cases including secure device-to-device communication in IoT, server-to-server communication in a distributed application architecture, and more.

To accelerate the development of the SD-WAN Client, VMware has acquired the team, products, and IP of Ananda Networks. The VMware SD-WAN client is expected to be GA in the spring of 2023.

Learn more