Fortinet black logo

Version:

23.1.17

Table of Contents

Architecture Guide

23.1.17
23.1.17
Download PDF
Copy Link

Common FortiSASE use cases

With FortiSASE, remote users (agent-based, agentless, and site-based) form secure connections to the Internet, data center, and cloud by accessing global FortiSASE security points of presence (PoPs), which enforce an organization’s security policies regardless of remote users' locations. Following are examples of common use cases for FortiSASE:

FortiSASE component

Use case

Description

Secure Internet access

Agent-based remote user Internet access

Secure access to the Internet using FortiClient agent

Agentless remote user Internet access

Secure access to the Internet using FortiSASE secure web gateway

Site-based remote user Internet access

Secure access to the Internet using Thin Edge FortiExtender device as FortiSASE LAN extension

Secure private access

Zero trust network access (ZTNA) private access

Access to private company-hosted TCP-based applications behind the FortiGate ZTNA application gateway for various ZTNA use cases. This access method allows for a direct (shortest) path to private resources.

SD-WAN private access

Access to private company-hosted applications behind the FortiGate SD-WAN hub-and-spoke network. This access method extends private access for TCP- and UDP-based applications and offers data center redundancy.

Next generation firewall (NGFW) private access

Access to private company-hosted applications behind the FortiGate NGFW. This use case extends private access for UDP-based applications and agentless remote users.

Secure SaaS access

FortiCASB SaaS access

Access to SaaS applications using FortiCASB Cloud/API

SIA and SPA

Site-based remote users using FortiGate SD-WAN as a secure edge

Secure access to the Internet using FortiGate as FortiSASE LAN extension

Following is an example architecture of FortiSASE that incorporates all mentioned use cases:

Audience

Midlevel network and security architects in companies of all sizes and verticals should find this guide helpful.

About this guide

The guide is meant to provide high level insight into FortiSASE architectures for different secure access service edge use cases. You are meant to use this guide in conjunction with other technical documentation for each component that the guide lists. Where relevant, the guide lists links to the administrative guides and other technical reference guides. See More information.

Common FortiSASE use cases

With FortiSASE, remote users (agent-based, agentless, and site-based) form secure connections to the Internet, data center, and cloud by accessing global FortiSASE security points of presence (PoPs), which enforce an organization’s security policies regardless of remote users' locations. Following are examples of common use cases for FortiSASE:

FortiSASE component

Use case

Description

Secure Internet access

Agent-based remote user Internet access

Secure access to the Internet using FortiClient agent

Agentless remote user Internet access

Secure access to the Internet using FortiSASE secure web gateway

Site-based remote user Internet access

Secure access to the Internet using Thin Edge FortiExtender device as FortiSASE LAN extension

Secure private access

Zero trust network access (ZTNA) private access

Access to private company-hosted TCP-based applications behind the FortiGate ZTNA application gateway for various ZTNA use cases. This access method allows for a direct (shortest) path to private resources.

SD-WAN private access

Access to private company-hosted applications behind the FortiGate SD-WAN hub-and-spoke network. This access method extends private access for TCP- and UDP-based applications and offers data center redundancy.

Next generation firewall (NGFW) private access

Access to private company-hosted applications behind the FortiGate NGFW. This use case extends private access for UDP-based applications and agentless remote users.

Secure SaaS access

FortiCASB SaaS access

Access to SaaS applications using FortiCASB Cloud/API

SIA and SPA

Site-based remote users using FortiGate SD-WAN as a secure edge

Secure access to the Internet using FortiGate as FortiSASE LAN extension

Following is an example architecture of FortiSASE that incorporates all mentioned use cases:

Audience

Midlevel network and security architects in companies of all sizes and verticals should find this guide helpful.

About this guide

The guide is meant to provide high level insight into FortiSASE architectures for different secure access service edge use cases. You are meant to use this guide in conjunction with other technical documentation for each component that the guide lists. Where relevant, the guide lists links to the administrative guides and other technical reference guides. See More information.