Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Azure vWAN SD-WAN NGFW Deployment Guide

    Home FortiGate Public Cloud 7.2.0 Azure vWAN SD-WAN NGFW Deployment Guide
    7.2.0
    7.6.0
    7.4.0
    7.2.0

    Microsoft Azure vWAN and NVA overview

    Microsoft Azure vWAN and NVA overview

    Microsoft Azure virtual WAN (vWAN) architecture brings together networking, security, and routing functionality to allow branches and endpoints to connect to virtual networks (VNets) located in Azure. The Azure vWAN uses a hub and spoke architecture, where virtual WAN hubs within the vWAN are connected in full mesh, creating the backbone for a global transit network for any-to-any connectivity. Branches and endpoints form the spokes, connecting to the vWAN hub for connectivity. The default vWAN caters to different types of spokes that can connect to the vWAN hub by using different methods, such as ExpressRoute, site-to-site VPN, and point-to-site VPN. Point-to-site VPN is only possible through IPsec with ports 4500/500.

    For more information, see What is Azure Virtual WAN?

    Microsoft also partners with third-party solution providers, such as Fortinet, to deploy network virtual appliances (NVAs) to a vWAN hub.

    In this way, Microsoft customers can deploy FortiGate NVAs to provide SD-WAN connectivity and NGFW security across regions. The FortiGate NVAs running in the vWAN hub can inspect all North-South, East-West, and internet-bound traffic. At the same time, the FortiGate NVAs offer SD-WAN connectivity for performance and redundancy.

    For more information about Microsoft support for NVAs, see Security Provided by NVA firewalls.

    Previous
    Next

    Microsoft Azure vWAN and NVA overview

    Microsoft Azure vWAN and NVA overview

    Microsoft Azure virtual WAN (vWAN) architecture brings together networking, security, and routing functionality to allow branches and endpoints to connect to virtual networks (VNets) located in Azure. The Azure vWAN uses a hub and spoke architecture, where virtual WAN hubs within the vWAN are connected in full mesh, creating the backbone for a global transit network for any-to-any connectivity. Branches and endpoints form the spokes, connecting to the vWAN hub for connectivity. The default vWAN caters to different types of spokes that can connect to the vWAN hub by using different methods, such as ExpressRoute, site-to-site VPN, and point-to-site VPN. Point-to-site VPN is only possible through IPsec with ports 4500/500.

    For more information, see What is Azure Virtual WAN?

    Microsoft also partners with third-party solution providers, such as Fortinet, to deploy network virtual appliances (NVAs) to a vWAN hub.

    In this way, Microsoft customers can deploy FortiGate NVAs to provide SD-WAN connectivity and NGFW security across regions. The FortiGate NVAs running in the vWAN hub can inspect all North-South, East-West, and internet-bound traffic. At the same time, the FortiGate NVAs offer SD-WAN connectivity for performance and redundancy.

    For more information about Microsoft support for NVAs, see Security Provided by NVA firewalls.

    Previous
    Next