Fortinet black logo

The LAN Edge with FortiSwitches and FortiAPs

24.1.0
Copy Link
Copy Doc ID e51dbc69-aa60-11ee-8673-fa163e15d75b:946395
Download PDF

The LAN Edge with FortiSwitches and FortiAPs

The LAN Edge is the border between end user devices and the LAN, where clients receive authorization and access to network resources. Fortinet has an extensive line of LAN access gear which can be deployed and used independently as any traditional networking gear.

However, when Fortinet LAN Edge equipment is under the direct control of a FortiGate, it converges networking and security into a secure, simple to manage architecture that extends FortiGate NGFW function to every switch port and access point via a fabric tunneling protocol we call FortiLink. All network traffic, regardless of where is comes from, can have a full security stack inspection applied to it.

FortiAPs

FortiAPs are high performance purpose-built Wi-Fi 6 access points. They are three radio models, which means they can service both Wi-Fi bands while the third radio serves as a monitor, tracking RF conditions and scanning for neighbor and rogue APs.

FortiAP U-series are premium APs that add two additional features to the above. For Bridge Mode SSIDs, typical of remote deployments, where traffic is bridged directly to the network instead of tunneled to the FortiGate, UTP (Unified Threat Protection) enforcement can be applied directly on the AP. UTP includes options such as Web Filtering, Ani-Virus scanning and others. Additionally, one of the client-serving radios is band selectable so that the AP can have service 2.4 GHz and 5 GHz, or both radios can be set to 5 GHz.

FortiSwitches

FortiSwitches are feature rich yet cost-effective Ethernet switches. FortiSwitches behave similarly to FortiAPs, in that they have the option of forming a fabric with a FortiGate and so extend NGFW functionality throughout the LAN and to the LAN Edge.

The LAN Edge with FortiSwitches and FortiAPs

The LAN Edge is the border between end user devices and the LAN, where clients receive authorization and access to network resources. Fortinet has an extensive line of LAN access gear which can be deployed and used independently as any traditional networking gear.

However, when Fortinet LAN Edge equipment is under the direct control of a FortiGate, it converges networking and security into a secure, simple to manage architecture that extends FortiGate NGFW function to every switch port and access point via a fabric tunneling protocol we call FortiLink. All network traffic, regardless of where is comes from, can have a full security stack inspection applied to it.

FortiAPs

FortiAPs are high performance purpose-built Wi-Fi 6 access points. They are three radio models, which means they can service both Wi-Fi bands while the third radio serves as a monitor, tracking RF conditions and scanning for neighbor and rogue APs.

FortiAP U-series are premium APs that add two additional features to the above. For Bridge Mode SSIDs, typical of remote deployments, where traffic is bridged directly to the network instead of tunneled to the FortiGate, UTP (Unified Threat Protection) enforcement can be applied directly on the AP. UTP includes options such as Web Filtering, Ani-Virus scanning and others. Additionally, one of the client-serving radios is band selectable so that the AP can have service 2.4 GHz and 5 GHz, or both radios can be set to 5 GHz.

FortiSwitches

FortiSwitches are feature rich yet cost-effective Ethernet switches. FortiSwitches behave similarly to FortiAPs, in that they have the option of forming a fabric with a FortiGate and so extend NGFW functionality throughout the LAN and to the LAN Edge.