Fortinet black logo

SD-WAN Architecture for Enterprise

Home FortiGate / FortiOS 7.2.0 SD-WAN Architecture for Enterprise
7.2.0
7.2.0
7.0.0

Evolution to secure SD-branch solution

Evolution to secure SD-branch solution

The branch office itself, usually without on-site IT staff, needs to be monitored and protected. Today’s next-generation branch offices not only require the same functionality, but they also suffer from the same risks as the rest of the distributed network. Direct access to the internet and SaaS applications, for example, significantly expand the potential attack surface of the branch, as does the growing proliferation of IoT and BYOD devices, creating multiple network edges beyond the WAN edge. This explosion of edges, which all must be secured, is causing many organizations to struggle to implement adequate security throughout their distributed enterprises, including at the new branch. The complexity of managing these edges—including often complicated and overlapping point products and appliances—adds an additional challenge. As a result, organizations adopting SD-WAN are finding that they need to find a vendor that can more tightly integrate their SD-WAN security and management functionality into their branch networks.

Fortinet is delivering the industry’s first complete Secure SD-Branch solution to combat this challenge, enabling customers to converge security and network access, and extend the Fortinet Security Fabric to the branch. This new SD-branch solution is comprised of the following elements:

  • FortiGate Next-Generation Firewall: provides robust security, connectivity, and management across the branch environment. The FortiGate NGFW also includes the industry’s first purpose-built SD-WAN processor, combined with advanced network traffic management functionality, such as application steering to ensure high application performance on any WAN link. The FortiGate solution also includes advanced sensor functionality for increased device visibility and traffic anomaly detection without additional hardware.
  • FortiSwitch and FortiAP: provide consolidation of branch services through the convergence of security and network access with FortiLink. FortiSwitch and FortiAP integrate with FortiGate to extend SD-WAN’s benefits into the network access layer. This enables network administrators to create and enforce the same network security policies across the enterprise, including out to the network branch.

With the combination of the above technologies, a more comprehensive number of use cases are enabled:

Previous
Next

Evolution to secure SD-branch solution

The branch office itself, usually without on-site IT staff, needs to be monitored and protected. Today’s next-generation branch offices not only require the same functionality, but they also suffer from the same risks as the rest of the distributed network. Direct access to the internet and SaaS applications, for example, significantly expand the potential attack surface of the branch, as does the growing proliferation of IoT and BYOD devices, creating multiple network edges beyond the WAN edge. This explosion of edges, which all must be secured, is causing many organizations to struggle to implement adequate security throughout their distributed enterprises, including at the new branch. The complexity of managing these edges—including often complicated and overlapping point products and appliances—adds an additional challenge. As a result, organizations adopting SD-WAN are finding that they need to find a vendor that can more tightly integrate their SD-WAN security and management functionality into their branch networks.

Fortinet is delivering the industry’s first complete Secure SD-Branch solution to combat this challenge, enabling customers to converge security and network access, and extend the Fortinet Security Fabric to the branch. This new SD-branch solution is comprised of the following elements:

  • FortiGate Next-Generation Firewall: provides robust security, connectivity, and management across the branch environment. The FortiGate NGFW also includes the industry’s first purpose-built SD-WAN processor, combined with advanced network traffic management functionality, such as application steering to ensure high application performance on any WAN link. The FortiGate solution also includes advanced sensor functionality for increased device visibility and traffic anomaly detection without additional hardware.
  • FortiSwitch and FortiAP: provide consolidation of branch services through the convergence of security and network access with FortiLink. FortiSwitch and FortiAP integrate with FortiGate to extend SD-WAN’s benefits into the network access layer. This enables network administrators to create and enforce the same network security policies across the enterprise, including out to the network branch.

With the combination of the above technologies, a more comprehensive number of use cases are enabled:

Previous
Next