The SD-WAN solutions market is growing annually with values of 31% (IDC) up to 54% (PS Market Research), Fortinet being one of the leaders. Cybersecurity features make FortiGate Secure SD-WAN one of the most sought after products, with Fortinet solutions jumping over 300% last year!

More and more companies are investing in FortiGate Secure SD-WAN because:

  • it meets the current cybersecurity needs of companies;
  • it simplifies the management of complex distributed networks;
  • ensures guaranteed performance;
  • generates real operational cost reductions.

 

Cybersecurity provided natively with FortiGate Secure SD-WAN 

The fact that FortiGate Secure SD-WAN solutions integrate Next-Generation-Firewall (NGFW) features is a major competitive advantage for Fortinet. And that’s because many SD-WAN solution manufacturers do not integrate the same cybersecurity experience into solutions. But for almost three-quarters of companies, network protection is a priority. However, attempts by cybersecurity departments to cover the “deficit” by reusing existing solutions fail in many cases. The reasons: these applications are isolated, difficult to integrate, and cannot handle the complexity of SD-WAN developments. As a result, they only increase the complexity of the management process and decrease the visibility on the network.

NGFW features natively integrated into FortiGate Secure SD-WAN cover the essential requirements of most organizations, providing inspection, detection, and protection against threats. Thus, the Fortinet solution contains tools for:

  • Encrypted traffic inspection to detect hidden threats, identifying over 5,000 applications via SSL inspection, without decreasing the performance of the SD-WAN network. At the same time, FortiGate is the only Secure SD-WAN solution with dedicated ASIC acceleration circuits (according to TIC v.3.0).
  • Web traffic filtering, thus eliminating the need for additional Secure Web Gateway equipment;
  • Complete protection against threats, including anti-malware tools, intrusion prevention system (IPS) and sandbox;
  • Secure VPN tunnels, with high scalability and high throughput, which guarantee traffic confidentiality;
  • Specific tools for monitoring compliance with security and privacy standards and norms in a number of economic sectors;
  • Last but not least, FortiGate Secure SD-WAN contains predefined security policies, thus simplifying the implementation of the solution.

 

SD-WAN with simplified management

 

Fortinet Secure SD-WAN can be managed centrally through FortiManager, a console available in both on-premises and Cloud versions. FortiManager provides remote control of multiple locations and provides advanced analysis functionality, ensuring the optimization of business processes. Fortinet tools deliver real-time information about network availability, performance, application traffic, and historical data. Related telemetry data provides visibility into application and network performance and enables IT departments to proactively identify potential issues.

At the same time, to help organizations simplify the manual configuration of older versions of network equipment, Fortinet has included in the Fabric Management Center a component with the role of orchestrator. With it, companies can simplify the network development process and create centralized automation using intuitive workflows. Fortinet management tools support large SD-WAN implementations of up to 100,000 FortiGate devices.

Last but not least, Fabric Management Center is designed to speed up the implementation process, reducing time to a few minutes. Zero-touch deployment capabilities, for example, allow FortiGate equipment to be connected at any point of work and automatically configured by FortiManager over a broadband connection at no additional cost. Moreover, an already developed SD-WAN configuration can be used as a model for accelerating remote deployments. According to NSS Labs, the Fortinet solution allows you to set up and connect a location online in less than six minutes.

 

Usage scenarios for FortiGate Secure SD-WAN

 

Fortigate Secure SD-WAN pentru o securitate cibernetică superioară

 

The range of Fortinet products is varied and covers a wide range of working scenarios. The Datanet recommendation for creating an optimal SD-WAN architecture is to equip workstations and branches with FortiGate 60E equipment. For headquarters, the proposal includes products from the FortiGate 100E or 600E series, as well as FortiManager and FortiAnalyzer solutions. Recommended products stand out for their performance, scalability, and accessibility. They allow the creation of flexible topographies, which can be adapted to the requirements of any company.

The SD-WAN architecture configuration recommended by Datanet is not intended to replace old hardware/software solutions, but to ensure increased performance and superior security. For example, by using FortiGate 60E at work points, they will still be able to connect via existing MPLS WAN to headquarters. They will also be able to do this using an IPsec tunnel over a broadband connection. This broadband access can also be used for direct connection to the Internet and Cloud applications, without “transiting” the headquarters. In this scenario, an advantage of FortiGate solutions is that they can distinguish between the security and performance requirements of each application, dynamically and automatically managing the data packets that access the corporate WAN or multi-Cloud environments. Another major benefit is the natively integrated NGFW functionalities, which increase the security level of the network and reduce the operational effort.

FortiGate equipment installed at headquarters (100E to 600E) provides access to the Fabric Management Center console. This ensures network visibility, end-to-end detection, “Zero Touch Provisioning” features, etc. In parallel, the following solutions are installed at headquarters:

  • FortiManager: management of the entire network from a single console, centralized policy/device management, orchestration, and process automation;
  • FortiAnalyzer: detailed information about network performance and threats detected, end-to-end visibility, data correlation.

FortiManager and FortiAnalyzer are available both as virtual solutions and as physical equipment, in several versions.

 

Datanet can help you achieve consistent savings

An IDC survey shows that SD-WAN solutions can save up to 20-39% of connectivity costs. The “secret” is the ability of the SD-WAN to create optimal “combinations” of connections, based on the ranking of applications and their performance requirements. The savings are ensured both by lowering the costs with MPLS connections and by reducing the operational effort.

On the other hand, Fortinet’s internal measurements indicate a 50% lower TCO for FortiGate Secure SD-WAN than networks that use separate network management and security solutions.

If you want to achieve such savings, as well as better cybersecurity of the SD-WAN network with the help of Fortinet solutions, our specialists are at your disposal. Datanet Systems is an integrator with solid experience in critical infrastructure and security solutions and with certified multi-vendor skills. The package of services includes the analysis of the customer’s technical requirements and the recommendation of an optimal architecture, the design of the technical solution, its installation, commissioning, configuration, and verification.

Our specialists can help you make the most of the SD-WAN architecture by making customizations that include:

  • Defining security policies adapted to the company’s requirements;
  • Creating specific automations (via REST API, connectors, scripts, etc.);
  • Configuring monitoring and reporting tools on company requirements;
  • Integration with other Fortinet solutions and equipment or from other manufacturers.

At the same time, Datanet offers technical assistance services for the operation of the SD-WAN network, ethnic post-implementation support, to overcome any operational problems. In addition, it also offers fast service with national coverage and multiple Service Level Agreement (SLA) options available. Including continuous remote monitoring and repair of malfunctions within 4 hours of occurrence).

Contact us at sales@datanets.ro to find out how you can materialize the benefits and gains presented in your company.