Credit to Author: Trish Borrmann and Nirav Shah| Date: Fri, 15 Dec 2017 13:45:59 +0000
The compelling benefits of SD-WAN (software-defined wide area network) architectures are catching the attention of companies around the world. SD-WAN offers application-awareness combined with increased performance, flexibility, and simplicity when compared to fundamentally more expensive legacy WAN technologies.
Until recently, however, despite its inherent advantages, the inability to implement true enterprise-grade security across SD-WAN infrastructures has proven to be a significant shortcoming and gating factor. A recent Gartner publication, for example, highlighted the criticality of factoring supplemental security into SD-WAN projects. However, things are quickly changing for the better: More and more companies are turning to Fortinet to implement SD-WAN security and SD-WAN networking capabilities that surpasses the demands of even the most exacting CIO.
Indian Supermarket Chain
An example of a successful and secure SD-WAN implementation is found in its deployment by a major supermarket chain, with hundreds of locations throughout India. Looking to improve on the ROI from its legacy MPLS network, the company implemented Fortinet SD-WAN solutions to secure its infrastructure. Key features included the ability to perform Internet-based IPsec tunneling and support of multiple WAN links to provide path-aware intelligence, such as dynamic fail-over capabilities.
Application awareness was another unique element of the Fortinet solution for the supermarket chain: Fortinet’s cloud-based service delivers first-packet classifications and multi-path awareness intelligence to efficiently assign individually identified applications to specific WAN links for enhanced application performance. The Fortinet library of more than 3,000 supported applications is dynamically updated, and executes the real-time capture of all related IP addresses and port numbers. This information is utilized to support highly granular analysis and tuning across a company’s entire physical, cloud and hybrid infrastructure locations.
The FortiGate’s ability to scale and natively secure hybrid environments, coupled with the industry’s best IPSec VPN protection performance, ensured the seamless transition from the supermarket chain’s legacy MPLS infrastructure.
Latin-American Process Manufacturer
A Latin American company’s latest SD-WAN deployment showcases what is now possible through the optimal selection of key components: The company is one of the world’s largest chemical and petrochemical manufacturers. To support its dramatic growth, the company embarked on a major initiative to rearchitect its IT infrastructure, with a heavy focus on embracing cloud-based services and technologies, including SD-WAN.
After extensive research, the company selected components from the Fortinet Secure SD-WAN portfolio, including placing multiple FortiGate enterprise firewalls at distributed locations, a FortiManager for single-pane-of-glass centralized security, and the cloud-based FortiSandbox for advanced threat detection.
The initial goal of the project was to establish a limited SD-WAN deployment across a handful of the company’s smaller remote offices. However, the combination of performance, connectivity, and security demonstrated by the Fortinet solution during testing outpaced even its closest competitor. These elements, as well as TCO, became the catalyst for a significant expansion of scope for the project.
Fast forward several months and the first phases of the Fortinet-secured SD-WAN implementation have been successfully completed. As SD-WAN-ready security devices, their FortiGates have proven to be extremely easy to deploy, provide complete application visibility, and maintain SLAs. The FortiGate’s ability to deliver zero-touch provisioning is facilitated by the FortiDeploy service with FortiManager that can complete final configuration changes and provide ongoing management.
North-American Financial Services Firm
Further evidence of the effectiveness of SD-WAN deployments coupled with Fortinet solutions came with a recent announcement by Edward Jones – a leading North American investment firm – that it was partnering with Fortinet to create a high-performance, automated network architecture for access across its data centers and more than 13,000 offices in the United States and Canada. This is the industry’s largest SD-WAN solution worldwide.
Fortinet’s unique combination of industry-leading solutions coupled with integrated networking capabilities, such as routing and switching, were instrumental in reducing management complexity and the overall cost of the infrastructure rollout. With limited technical staff at each office location, the zero-touch deployment of the Fortinet branch solution consolidates a broad set of capabilities into a single FortiGate unit to enable a seamless rollout at each office.
Further, the automated policy deployment and logging capabilities of the FortiGate delivers significant assistance in complying with the rigorous regulatory requirements prevalent across the financial services sector. In addition to its standout dual-active VPN, IPS, and endpoint protection capabilities, attributes like reduced latency and higher throughput to boost overall speed of business were factors in the investment firm’s decision to utilize FortiGate.
Canadian District School Board
Yet another example of a highly successful, highly secure SD-WAN deployment is from the Upper Grand District School Board, located in central Ontario. The school board has 65 elementary schools, 11 high schools, 34,000 students, and covers over 1,500 square miles.
The FortiGate enterprise solution was selected for multiple reasons, including SSL inspection capabilities, throughput, and deployment flexibility. To complement their FortiGate deployments, the school board also uses Fortinet’s FortiManager and FortiAnalyzer solutions. The ability to centrally manage and push out templates across its SD-WAN infrastructure provides significant operational savings for the school board, and is a huge advantage when responding to security incidents.
Leveraging the Fortinet Security Fabric architecture also enables the rapid exchange of threat intelligence between Fortinet devices and other vendors’ products. The Fabric facilitates coordinated protection across the school board’s SD-WAN infrastructure without impacting performance or increasing management overhead.
Making Theoretical Benefits a Secure Reality
These examples are just a small sample of numerous successful Fortinet SD-WAN deployments. The release of the Fortinet Secure SD-WAN Solutions portfolio is enabling organizations around the world to securely realize the full benefits of what promises to be a global game-changing technology.
Read more about how Fortinet is driving the adoption of secure SD-WAN for distributed enterprise branches.
For more information, download our paper and learn about the top threats that enterprise security leaders are being forced to address and the security approaches to evalutate to protect against them.