Question: 1/50
An enterprise is planning an SD-WAN rollout across 60 branches. The security team requires that all internet-bound traffic be inspected by Palo Alto Networks security services, but the network team wants local breakout for Microsoft 365 to reduce latency. Which design best meets both requirements?
Backhaul all internet traffic to the data center so a single firewall stack inspects everything
Use SD-WAN to steer Microsoft 365 traffic directly to the internet while sending all other internet traffic to a centralized security stack or cloud security service
Enable ECMP on branch routers and rely on the ISP to select the best egress path for each application
Use only static routes so each branch always uses MPLS for SaaS and broadband for general web browsing