Outbound load-balancing/redundancy between ISPs

I have been doing some research into setting up redundant ISPs on the PANs (Palo Alto firewalls), and it seems that if we don't want to run BGP for that site, the best alternative seems to be PBF.  Am I on the right track with that?  Are there other alternatives?
LVL 17
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Aaron TomoskyDirector of Solutions ConsultingCommented:
PaloAlto can wan failover prett well, but you still have to pin flows to links, so no real load balancing. An sdwan solution like velocloud is made for this and you can keep your PA behind it for security services.

Disclaimer: my day job is at a premier velocloud implementation and support provider.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tiras25Author Commented:
Thanks Aaron.  So, is velocloud a HW implementation or a service?
Redundancy between ISP?
I never understood this term...
Do you have your own IP subnet? Yes...then redundancy between ISP makes sense...but BGP is the way to go....No...how would you user sessions on say public IP1 owned by ISP1 switch to public IP2 owned by ISP2

If you wish to utilize both links simultaneously for utilizing bandwidth kind of scenario then that's a different thing....then PBR/PBF should be used.

Please provide details what you wish to accomplish.

Thank you!
Tiras25Author Commented:
Have one assigned as a primary and another as a 2nd failover.  BGP normally for inbound traffic.  This is for outbound.  We aren't advertising or hosting anything.
Aaron TomoskyDirector of Solutions ConsultingCommented:
We offer the whole thing as a service along with support, but technically it's a hardware edge device, as well as a software license and SaaS component.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.