Version:


Table of Contents

7.2.0
Download PDF
Copy Link

Introduction

Executive summary

One of the great strengths of the Fortinet LAN Edge Solution is the tight integration of everything with FortiLink. With FortiLink, FortiSwitch units and FortiAP units are extensions of the FortiGate device. The entire network can be treated as a single unit with a single management system, and security can be applied consistently everywhere—in other words, Security-Driven Networking.

LAN edge equipment leverages Security-Driven Networking to extend the Fortinet Security Fabric throughout the LAN, converging security and network access into an integrated platform. This convergence increases security while reducing complexity, lowering cost, and improving performance at the LAN edge.

Security-driven networking is compelling and simplifies the network overall, but the integrated whole can be confusing. Everything you want and need in your network is in the FortiGate device, and all that integration that makes it so powerful can make it hard to decide where to start. With great power may come great confusion.

Security designs are generally specific to the deployment, but they can also be developed and improved over time. Indeed, that is generally the recommended approach. This deployment guide is focused on the network skeleton and the default firewall policies so that the baseline network can be up and running as quickly as possible.

Intended audience

This guide is intended for an audience who is interested in deploying Fortinet’s secure LAN Edge Solution in a new environment or replacing their equipment in an existing environment. Readers are expected to have a firm understanding of networking, wireless and security concepts. Interested audiences may include the following:

  • Network, wireless, and security architects

  • Network, wireless, and security engineers

About this guide

The deployment guide serves the purpose of going through the design and deployment steps involved in deploying a specific architecture. Readers should first evaluate their environment to determine whether the architecture and design outlined in this guide is suitable for them. It is advisable to review the Reference Architecture Guide(s) if readers are still in the process of selecting the right architecture.

This deployment guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product admin guides, example guides, cookbooks, release notes and other documents where appropriate.

Introduction

Executive summary

One of the great strengths of the Fortinet LAN Edge Solution is the tight integration of everything with FortiLink. With FortiLink, FortiSwitch units and FortiAP units are extensions of the FortiGate device. The entire network can be treated as a single unit with a single management system, and security can be applied consistently everywhere—in other words, Security-Driven Networking.

LAN edge equipment leverages Security-Driven Networking to extend the Fortinet Security Fabric throughout the LAN, converging security and network access into an integrated platform. This convergence increases security while reducing complexity, lowering cost, and improving performance at the LAN edge.

Security-driven networking is compelling and simplifies the network overall, but the integrated whole can be confusing. Everything you want and need in your network is in the FortiGate device, and all that integration that makes it so powerful can make it hard to decide where to start. With great power may come great confusion.

Security designs are generally specific to the deployment, but they can also be developed and improved over time. Indeed, that is generally the recommended approach. This deployment guide is focused on the network skeleton and the default firewall policies so that the baseline network can be up and running as quickly as possible.

Intended audience

This guide is intended for an audience who is interested in deploying Fortinet’s secure LAN Edge Solution in a new environment or replacing their equipment in an existing environment. Readers are expected to have a firm understanding of networking, wireless and security concepts. Interested audiences may include the following:

  • Network, wireless, and security architects

  • Network, wireless, and security engineers

About this guide

The deployment guide serves the purpose of going through the design and deployment steps involved in deploying a specific architecture. Readers should first evaluate their environment to determine whether the architecture and design outlined in this guide is suitable for them. It is advisable to review the Reference Architecture Guide(s) if readers are still in the process of selecting the right architecture.

This deployment guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product admin guides, example guides, cookbooks, release notes and other documents where appropriate.