A hybrid WAN is a wide area network that sends traffic over two or more connection types. Hybrid WANs permit dynamic traffic engineering across both private and public domains, using a variety of connectivity options to make the best use of network resources. In its strictest sense, a hybrid WAN uses dedicated multiprotocol label switching (MPLS) circuits, plus carrier Ethernet, plus T3 links.
A hybrid approach allows network engineers to save money by maintaining dedicated lines for mission-critical traffic and sending lower-priority traffic over a less expensive circuit or connection. This approach is particularly attractive to enterprises with multiple branch offices. By routing such traffic over multiple links, network engineers can tap into adequate bandwidth as required and reduce the impact geographic distance has on application performance.
Security advantages a hybrid WAN can provide include:
- Support for IPSec and Secure Socket Layer termination.
- Support for security tokens and network firewalls to restrict traffic types, certain users or to segregate extranet partners.
- The ability to terminate all traffic sources from both office and remote users, including MPLS and virtual private LAN service.
Hybrid WAN is closely aligned with, but not identical to, software-defined WAN (SD-WAN). In this approach, programming dynamically routes traffic over available connections based on network policies and available bandwidth. Many hybrid WANs have an SDN component, although it is not required.