Fortinet black logo

SD-WAN / SD-Branch Architecture for MSSPs

Home FortiGate / FortiOS 7.2.0 SD-WAN / SD-Branch Architecture for MSSPs
7.2.0
7.2.0
7.0.0
6.4.0

Provisioning and management

Provisioning and management

Since all our SD-WAN nodes are fully-functional FortiGate devices, there are plenty of ways to configure and manage them. But an SD-WAN Solution cannot be complete without defining a central tool handling site provisioning, configuration management, network monitoring, and troubleshooting.

FortiManager is the natural choice for these tasks.

The main two entities used to describe your FortiGate device configuration on the FortiManager are:

  • A set of Provisioning Templates that cover different parts of the configuration, including the overlay network (IPsec/BGP), the SD-WAN configuration, and so on.

  • A Policy Package defines the Security Policy (Firewall Rules).

All your FortiGate devices are organized into Device Groups, with the right set of the Provisioning Templates and the right Policy Package assigned to each group.

You can interact with FortiManager using the GUI or using the comprehensive industry-standard JSON API. The latter allows you to automate the entire deployment workflow and opens a wide range of third-party integration possibilities (such as, external Orchestrators, OSS/BSS/ITSM systems, and so on).

When it comes to Monitoring and Troubleshooting, FortiManager offers several tools. Most notably, the SD-WAN Monitor is a single console overlooking the entire SD-WAN network, with the ability to detect health degradation and dig into specific sites for further investigation.

Finally, FortiManager is a multi-tenant platform. Administrative Domains (ADOMs) are used to create independent environments for different tenants, each with its own sets of Provisioning Templates, Policy Packages, and so on.

Previous
Next

Provisioning and management

Since all our SD-WAN nodes are fully-functional FortiGate devices, there are plenty of ways to configure and manage them. But an SD-WAN Solution cannot be complete without defining a central tool handling site provisioning, configuration management, network monitoring, and troubleshooting.

FortiManager is the natural choice for these tasks.

The main two entities used to describe your FortiGate device configuration on the FortiManager are:

  • A set of Provisioning Templates that cover different parts of the configuration, including the overlay network (IPsec/BGP), the SD-WAN configuration, and so on.

  • A Policy Package defines the Security Policy (Firewall Rules).

All your FortiGate devices are organized into Device Groups, with the right set of the Provisioning Templates and the right Policy Package assigned to each group.

You can interact with FortiManager using the GUI or using the comprehensive industry-standard JSON API. The latter allows you to automate the entire deployment workflow and opens a wide range of third-party integration possibilities (such as, external Orchestrators, OSS/BSS/ITSM systems, and so on).

When it comes to Monitoring and Troubleshooting, FortiManager offers several tools. Most notably, the SD-WAN Monitor is a single console overlooking the entire SD-WAN network, with the ability to detect health degradation and dig into specific sites for further investigation.

Finally, FortiManager is a multi-tenant platform. Administrative Domains (ADOMs) are used to create independent environments for different tenants, each with its own sets of Provisioning Templates, Policy Packages, and so on.

Previous
Next