Fortinet black logo

SD-WAN Architecture for Enterprise

Home FortiGate / FortiOS 7.2.0 SD-WAN Architecture for Enterprise
7.2.0
7.2.0
7.0.0

Gateway components

Gateway components

In this design, each hub acts precisely as in the base design, and the hubs are independent of each other. The spokes connect to the dial-up IPsec endpoints of both hubs, over all available underlay transports. Effectively, each of the hubs defines its own set of point-to-multipoint overlays.

Each SD-WAN Gateway may provide one or multiple services:

  • Act as the IPsec dialup server for branch locations
  • Provide centralized routing information and orchestrate dynamic branch-to-branch communication (ADVPN)
  • Protect the datacenter resources and private workloads by utilizing FortiGate Next-Generation Firewall services
  • Provide remote internet breakout for branch locations

This section includes the following topics:

Previous
Next

Gateway components

In this design, each hub acts precisely as in the base design, and the hubs are independent of each other. The spokes connect to the dial-up IPsec endpoints of both hubs, over all available underlay transports. Effectively, each of the hubs defines its own set of point-to-multipoint overlays.

Each SD-WAN Gateway may provide one or multiple services:

  • Act as the IPsec dialup server for branch locations
  • Provide centralized routing information and orchestrate dynamic branch-to-branch communication (ADVPN)
  • Protect the datacenter resources and private workloads by utilizing FortiGate Next-Generation Firewall services
  • Provide remote internet breakout for branch locations

This section includes the following topics:

Previous
Next