Fortinet black logo

SD-WAN Architecture for Enterprise

Home FortiGate / FortiOS 7.2.0 SD-WAN Architecture for Enterprise
7.2.0
7.2.0
7.0.0

Attack surface reduction with network segmentation

Attack surface reduction with network segmentation

This is an essential part when it comes to securing the LAN edge. Being able to divide the network into different segments helps reduce the attack surface instantly, and minimizes the potential spread of a security breach and lateral movements.

With network segmentation, each VLAN becomes its own realm. And by being considered another FortiGate interface, it can be used in the firewall policies to enable communications control. Moreover, leveraging the interface consideration, the FortiGate can also extend different levels of prioritization for different segments into the SD-WAN.

Taking this one step forward, the FortiSwitch enables microsegmentation to isolate every device, even within the same VLAN. No direct visibility among the devices is allowed, and all flows are forced through the FortiGate, where communications decisions can be made based on policy.

Previous
Next

Attack surface reduction with network segmentation

This is an essential part when it comes to securing the LAN edge. Being able to divide the network into different segments helps reduce the attack surface instantly, and minimizes the potential spread of a security breach and lateral movements.

With network segmentation, each VLAN becomes its own realm. And by being considered another FortiGate interface, it can be used in the firewall policies to enable communications control. Moreover, leveraging the interface consideration, the FortiGate can also extend different levels of prioritization for different segments into the SD-WAN.

Taking this one step forward, the FortiSwitch enables microsegmentation to isolate every device, even within the same VLAN. No direct visibility among the devices is allowed, and all flows are forced through the FortiGate, where communications decisions can be made based on policy.

Previous
Next