FortiSASE seamlessly aligns with the “new era, new technologies” mindset. With scenarios outside’s WAN perimeter, branches directly connected to the cloud, or heightened security requirements, the traditional “hub and spoke” IT infrastructure is increasingly outpaced by reality.

That’s why, a fresh strategy is required to combine network and security functionalities with WAN capabilities, supporting dynamic and secure internet access for a workforce operating “from anywhere.” This gave rise to SASE (Secure Access Service Edge), an architecture that combines network and security functionalities into a unified cloud service. Conceptually, SASE extends network and security capabilities beyond their customary boundaries.

This enables employees to work remotely, relying on features like Firewall as a Service (FWaaS), Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), and a range of threat detection functions.

 

What FortiSASE brings to the table?

 

The SASE market is still in its infancy, with leading vendors being companies that boast extensive experience in both networking and cybersecurity. Fortinet seamlessly fits into this landscape, as according to Gartner, the vendor stands out for its advanced networking and cybersecurity capabilities delivered through the FortiGate equipment series. Additionally, Fortinet offers a compelling cost-effectiveness ratio and boasts a robust partner ecosystem, capable of integrating the multifaceted functionalities provided by SASE.

As early as 2019, when Gartner introduced the SASE concept, Fortinet swiftly rolled out its own Secure Access Service Edge architecture, known as FortiSASE. This solution not only elevates security measures but also enhances the user experience for remote workers. It plays a pivotal role in fortifying the workforce’s security, closing security loopholes, and streamlining operational processes.

FortiSASE delivers cutting-edge features, including AI-driven secure web gateway (SWG), Zero-Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), Firewall-as-a-Service (FWaaS), and secure SD-WAN – all seamlessly integrated into a single operating system and managed from a unified console.

 

How to develop a SASE architecture based on Fortinet’s technology

 

Fortinet enables the development of a SASE architecture using technology from a single vendor. SASE in general, and FortiSASE in particular, require integration skills for multiple solutions, and a partner like Datanet Systems possesses the necessary expertise for such projects.

To design a SASE architecture using Fortinet technology, connectivity is the first step. Organizations are required to implement FortiGate physical or virtual devices, both in the data center and at branch locations. Additionally, FortiClient should be installed on remote users’ devices to securely connect them to the network.

An essential component is the SD-WAN functionality within FortiGate, which allows for the configuration of the required Quality of Service (QoS) level for each application based on priority and criticality. Fortinet SD-WAN Orchestrator plays a key role in this by providing a holistic view of the entire SD-WAN network, including visibility at both hub and branch levels, as well as virtual networks at branch points. This allows administrators to understand the network structure and make appropriate configurations. Fortinet SD-WAN Orchestrator even allows for the creation of a “full mesh” network, aiding in traffic routing optimization and ensuring link-level redundancy within the network.

In terms of security and management, Fortinet offers a high level of convergence. FortiGate devices provide advanced security with multiple functionalities such as antivirus, data loss prevention (DLP), DNS filtering, intrusion prevention system (IPS), sandboxing, SSL inspection, web filtering, and many more. FortiManager assists in managing all network elements to efficiently and uniformly apply policies and configurations from a single point, maintaining a centralized approach. It also establishes VPN tunnels and SD-WAN policies that are propagated to FortiGate devices.

For comprehensive log analysis from devices, FortiAnalyzer is available. Other integrated products in the project include FortiSIEM for data aggregation and automation of response and remediation actions, FortiAuthenticator for securing resource access with multi-factor authentication, and FortiDeploy for operational simplification through Zero-Touch deployment.

 

What justifies a SASE projects?

 

FortiSASE integrates all these components and provides a comprehensive set of functionalities, all operating on a unified operating system and managed through a single interface. The benefits offered by FortiSASE include:

• Enhancing protection for remote users and thwarting advanced attacks targeting them.
• Securing access to any type of IT resource (web, cloud, on-premises) regardless of location or device.
• Optimizing the application delivery model and improving the user experience.
• Unified visibility and control across all locations, including the central office, branches, and remote users.
• A straightforward licensing model based on the number of users, in an OpEx (Operational Expenditure) model without substantial initial investments.

 

SASE through Datanet Systems

 

Thanks to its capabilities as an integrator and unique experience in networking and security projects, Datanet Systems possesses a superior understanding of SASE architecture. As a Fortinet technology provider, the company has already successfully completed numerous SD-WAN projects, the baseline technology for any SASE architecture. In fact, Gartner analysts estimate that by 2026, 60% of new SD-WAN implementations will be part of SASE projects.

Datanet Systems’ service package includes analyzing the client’s technical requirements, recommending an optimal SASE architecture, designing the technical solution, installing, commissioning, configuring, and integrating all components, as well as knowledge transfer to the client. Additionally, Datanet offers technical support services for the operation of the SASE architecture or any of its components, as well as post-implementation technical support. These services are available nationwide with multiple Service Level Agreement (SLA) options, including remote or on-site assistance.

For more information about SASE and FortiSASE, please contact us at sales@datanets.ro .