How Does SD-WAN Realize a New Cloud-First Model?

SD-WAN uses software and centralized management capabilities to intelligently direct traffic over the WAN. SD-WAN handles traffic based on priorities, QoS, and security requirements that meet your business needs. The traditional router-centric model distributes control functions across devices in the network, so routers simply route traffic based on TCP/IP addresses and ACLs.
Sending SaaS and IaaS traffic directly over the Internet provides the highest quality end-user experience for your application. However, not all cloud and web traffic is created equal. Many cloud applications and their providers have native and robust security measures in place. Accessing these "trusted" applications (for example, Salesforce, Office365, ServiceNow, Box, Dropbox, and so on) directly from your branch over the Internet provides the security you need to protect your enterprise from threats.
Other cloud apps and web traffic, however, are not very reliable, unknown, or even suspicious, so they need more sophisticated traffic screening.
Security policy example:
Reliable and known business SaaS traffic is sent directly over the Internet.
"Home" applications such as Facebook, YouTube and Netflix are sent to cloud-based security services.
Untrusted, unknown or suspicious traffic, such as peer-to-peer applications and traffic to and from overseas, is backhauled and scrutinized by on-premises next-generation firewalls, etc.
With the ability and intelligence to identify applications, you can route traffic over the WAN in an application-driven manner, rather than just using TCP/IP addresses and ACLs. This software-driven approach can deliver much better QoEx than the router-centric WAN model.
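The security policy example above, written as a first-match steering function. This is an added illustration, not code from any SD-WAN product. The application lists, the HOME_COUNTRY value, the Flow fields and the rule order (distrust rules first, unlisted applications backhauled) are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Forwarding actions named in the policy example above.
DIRECT = "direct-internet"
CLOUD_SEC = "cloud-security-service"
BACKHAUL = "backhaul-to-ngfw"

# Constructed sample data (assumptions): application lists and home country.
TRUSTED_SAAS = {"salesforce", "office365", "servicenow", "box", "dropbox"}
HOME_APPS = {"facebook", "youtube", "netflix"}
P2P_APPS = {"bittorrent"}
HOME_COUNTRY = "US"


@dataclass(frozen=True)
class Flow:
    app: Optional[str]   # name from application identification, None if unidentified
    dst_country: str     # country code of the destination (hypothetical field)


def steer(flow: Flow) -> str:
    """Return the forwarding action for a flow. The first matching rule wins."""
    app = flow.app.lower() if flow.app else None
    # Distrust rules run first, so a trusted application name cannot
    # override an overseas destination (ordering is an assumption).
    if app is None or app in P2P_APPS or flow.dst_country != HOME_COUNTRY:
        return BACKHAUL
    if app in TRUSTED_SAAS:
        return DIRECT
    if app in HOME_APPS:
        return CLOUD_SEC
    # Identified but not listed: treated as unknown and sent for inspection.
    return BACKHAUL


if __name__ == "__main__":
    # Constructed sample flows.
    samples = [
        Flow("Salesforce", "US"),
        Flow("Netflix", "US"),
        Flow("salesforce", "DE"),
        Flow(None, "US"),
    ]
    for f in samples:
        print(f, "->", steer(f))
```

The order of the rules is what decides the outcome for a flow that matches more than one line of the policy, such as a trusted SaaS application with an overseas destination.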