Fortinet black logo

SD-WAN Deployment for MSSPs

Home FortiGate / FortiOS 6.4.0 SD-WAN Deployment for MSSPs
6.4.0
7.2.0
7.0.0
6.4.0

Automation

Automation

FortiManager (FMG) provides a comprehensive REST API that allows complete automation of the deployment. Every action described in this document can be automated with an API call made using an automation framework of your choice, such as Ansible, Python, and so on.

As a result, it is possible to deploy our entire Secure SD-WAN Solution in a fully automated, unattended manner. With a fully automated deployment, there is no need to log in to FMG.

While a detailed walkthrough is outside the scope of this document, it is useful to highlight some of the benefits of an automated deployment:

  • Infrastructure as Code (IaC). All templates and other FMG objects can be imported from external repository by using automation. This lets you quickly replicate the environment from scratch, for example, to maintain consistency between staging and production environments.
  • Model Device creation can be automated as well, including filling in the right Meta Field values per site, assigning the right set of Templates, and performing any other required configuration. For example, Model Device creation can be triggered by an external Onboarding Portal, to which the remote site operator connects, in order to fill in the necessary details of the new FGT device (such as its Serial Number).
  • For Managed Secure Service Providers (MSSPs), custom Onboarding Portals provide a valuable opportunity to speak their end-customer’s language: the UI of those Portals can be designed with consideration to a particular end-customer’s business, using the relevant language, rather than generic SD-WAN terminology.
  • Needless to say, automation saves time, minimizes human mistakes, and becomes indispensable in large-scale deployments.
Previous
Next

Automation

FortiManager (FMG) provides a comprehensive REST API that allows complete automation of the deployment. Every action described in this document can be automated with an API call made using an automation framework of your choice, such as Ansible, Python, and so on.

As a result, it is possible to deploy our entire Secure SD-WAN Solution in a fully automated, unattended manner. With a fully automated deployment, there is no need to log in to FMG.

While a detailed walkthrough is outside the scope of this document, it is useful to highlight some of the benefits of an automated deployment:

  • Infrastructure as Code (IaC). All templates and other FMG objects can be imported from external repository by using automation. This lets you quickly replicate the environment from scratch, for example, to maintain consistency between staging and production environments.
  • Model Device creation can be automated as well, including filling in the right Meta Field values per site, assigning the right set of Templates, and performing any other required configuration. For example, Model Device creation can be triggered by an external Onboarding Portal, to which the remote site operator connects, in order to fill in the necessary details of the new FGT device (such as its Serial Number).
  • For Managed Secure Service Providers (MSSPs), custom Onboarding Portals provide a valuable opportunity to speak their end-customer’s language: the UI of those Portals can be designed with consideration to a particular end-customer’s business, using the relevant language, rather than generic SD-WAN terminology.
  • Needless to say, automation saves time, minimizes human mistakes, and becomes indispensable in large-scale deployments.
Previous
Next