Fortinet black logo

SD-WAN / SD-Branch Architecture for MSSPs

Home FortiGate / FortiOS 7.2.0 SD-WAN / SD-Branch Architecture for MSSPs
7.2.0
7.2.0
7.0.0
6.4.0

Blueprint 3: customer premises

Blueprint 3: customer premises

Another popular choice is simply to deploy the Hub(s) on Customer premises, such as at a Customer's central office or a datacenter.

The traffic flow in this blueprint is quite different from Blueprint 1: MSSP premises, multitenant and Blueprint 2: MSSP premises, no multitenancy. Majority of the traffic is likely to be either Spoke-to-Hub (branch sites accessing workloads hosted in the datacenter, RIA through centralized breakout owned by the Customer, and so on) or DIA on the Spokes. Spoke-to-Spoke traffic is only occasional (for example, a voice call between two branches) or even (nearly) non-existent.

As can be seen, MSSP is not part of the overlay network in this case. (Both control plane and data plane are located at Customer premises.) It can still provide the management plane as a service, as we will see in the Management section.

This blueprint is sometimes called an Enterprise flavor.

Previous
Next

Blueprint 3: customer premises

Another popular choice is simply to deploy the Hub(s) on Customer premises, such as at a Customer's central office or a datacenter.

The traffic flow in this blueprint is quite different from Blueprint 1: MSSP premises, multitenant and Blueprint 2: MSSP premises, no multitenancy. Majority of the traffic is likely to be either Spoke-to-Hub (branch sites accessing workloads hosted in the datacenter, RIA through centralized breakout owned by the Customer, and so on) or DIA on the Spokes. Spoke-to-Spoke traffic is only occasional (for example, a voice call between two branches) or even (nearly) non-existent.

As can be seen, MSSP is not part of the overlay network in this case. (Both control plane and data plane are located at Customer premises.) It can still provide the management plane as a service, as we will see in the Management section.

This blueprint is sometimes called an Enterprise flavor.

Previous
Next