Fortinet black logo

SD-WAN Architecture for Enterprise

Home FortiGate / FortiOS 7.0.0 SD-WAN Architecture for Enterprise
7.0.0
7.2.0
7.0.0

Reduce WAN OPEX with direct internet access

Reduce WAN OPEX with direct internet access

The traditional WAN model consisted of using expensive private circuits for all connectivity to business services. This model involved sending all packets to a central location where security inspection would take place, and policies would control traffic flow. As businesses move their workloads to SaaS and cloud, the need for more bandwidth and intelligent steering is required.

In the modern WAN edge model, it is now common for branch locations to share multiple WAN links of varying transport dependencies. Secure DIA (direct internet access) provides intelligent and secure steering of network traffic based on business requirements. Applications destined to a SaaS or cloud provider can be sent directly to the internet using a public internet connection without the need of backhauling to a central location. This allows for a much more efficient use of WAN bandwidth and improved user experience. Because FortiGate SD-WAN is also a Next-Generation Firewall, internet traffic can be locally inspected and controlled without needing to offload inspection to another location.

An important consideration for this use case is that edge locations may consist of many different WAN types. The FortiGate SD-WAN solution is transport agnostic, and can be mixed and matched with several different WAN types, including MPLS through Ethernet handoff, internet, and LTE.

Previous
Next

Reduce WAN OPEX with direct internet access

The traditional WAN model consisted of using expensive private circuits for all connectivity to business services. This model involved sending all packets to a central location where security inspection would take place, and policies would control traffic flow. As businesses move their workloads to SaaS and cloud, the need for more bandwidth and intelligent steering is required.

In the modern WAN edge model, it is now common for branch locations to share multiple WAN links of varying transport dependencies. Secure DIA (direct internet access) provides intelligent and secure steering of network traffic based on business requirements. Applications destined to a SaaS or cloud provider can be sent directly to the internet using a public internet connection without the need of backhauling to a central location. This allows for a much more efficient use of WAN bandwidth and improved user experience. Because FortiGate SD-WAN is also a Next-Generation Firewall, internet traffic can be locally inspected and controlled without needing to offload inspection to another location.

An important consideration for this use case is that edge locations may consist of many different WAN types. The FortiGate SD-WAN solution is transport agnostic, and can be mixed and matched with several different WAN types, including MPLS through Ethernet handoff, internet, and LTE.

Previous
Next