Fortinet black logo

Azure vWAN SD-WAN NGFW Deployment Guide

Home FortiGate Public Cloud 7.4.0 Azure vWAN SD-WAN NGFW Deployment Guide
7.4.0
7.4.0
7.2.0

Deployment overview

Deployment overview

Microsoft Azure supports virtual WAN (vWAN), and partners with third-party solution providers, such as Fortinet, to deploy network virtual appliances (NVAs) to a vWAN hub.

This document provides a brief overview of Microsoft Azure vWAN and how Fortinet FortiGate virtual machines can be used as NVAs in a vWAN hub. It also describes how to deploy Microsoft Azure vWAN and FortiGate NVAs and how to use FortiManager to configure an SD-WAN hub and spoke overlay between the FortiGate NVAs and branch FortiGates. The FortiGate NVAs are the hub, and the branch FortiGate(s) are the spokes in the SD-WAN network.

About this guide

This guide provides the design and steps for deploying a specific architecture. Readers should first evaluate their environment to determine whether the architecture and design outlined in this guide suits them. It is advised to review the Reference Architecture Guide(s) if readers are still in the process of selecting the right architecture.

This guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product administration guides, example guides, cookbooks, release notes, and other documents where appropriate.

This guide is part of the 4-D documentation series.

About the 4-D documentation series

Fortinet Secure SD-WAN documentation is categorized into four distinct documents: Define, Design, Deploy and Demo. Each document is designed for a specific purpose and builds on the other documents by providing you with a complete path from beginning to end.

The 4-D documentation series includes the following components:

  • Define: Conceptual guide to introduce the reader to common SD-WAN use cases and the Fortinet Secure SD-WAN solution
  • Design: Reference Architecture guide that provides an overview of the components and architectures to satisfy common uses
  • Deploy: Deployment Guides provide the step-by-step procedures for deploying the desired architecture
  • Demo: Github repository of the configuration and examples provided by documents
Note

The 4-D documentation series for Secure SD-WAN is available on the Fortinet Document Library at https://docs.fortinet.com/4d-resources/SD-WAN.

This document covers the step-by-step procedures required to create a new SD-WAN region with Microsoft Azure virtual wide area network (vWAN). The architecture, components, and technology referenced in this document are covered in the Cloud on-ramp section of the SD-WAN Architecture for Enterprise document.

For additional information and documentation about the topics covered in this document, see the Fortinet Document Library at https://docs.fortinet.com.

Intended audience

This guide is primarily created for a technical audience, including system architects and design engineers, who wants to deploy Microsoft Azure vWAN with Fortinet Secure SD-WAN in greenfield scenarios.

It is assumed that you have read the SD-WAN Architecture for Enterprise document and have identified the architecture that satisfies your use case and goals. This guide does not cover solution overviews and explanations of technologies and components.

For implementation, a working knowledge of FortiManager and FortiOS networking and policy configuration is ideal.

For comments and feedback about this document, visit Azure vWAN SD-WAN with Routing Intent on community.fortinet.com.

Previous
Next

More Links

For comments and feedback about this document, visit the Fortinet Community site. Login required.

Deployment overview

Microsoft Azure supports virtual WAN (vWAN), and partners with third-party solution providers, such as Fortinet, to deploy network virtual appliances (NVAs) to a vWAN hub.

This document provides a brief overview of Microsoft Azure vWAN and how Fortinet FortiGate virtual machines can be used as NVAs in a vWAN hub. It also describes how to deploy Microsoft Azure vWAN and FortiGate NVAs and how to use FortiManager to configure an SD-WAN hub and spoke overlay between the FortiGate NVAs and branch FortiGates. The FortiGate NVAs are the hub, and the branch FortiGate(s) are the spokes in the SD-WAN network.

About this guide

This guide provides the design and steps for deploying a specific architecture. Readers should first evaluate their environment to determine whether the architecture and design outlined in this guide suits them. It is advised to review the Reference Architecture Guide(s) if readers are still in the process of selecting the right architecture.

This guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product administration guides, example guides, cookbooks, release notes, and other documents where appropriate.

This guide is part of the 4-D documentation series.

About the 4-D documentation series

Fortinet Secure SD-WAN documentation is categorized into four distinct documents: Define, Design, Deploy and Demo. Each document is designed for a specific purpose and builds on the other documents by providing you with a complete path from beginning to end.

The 4-D documentation series includes the following components:

  • Define: Conceptual guide to introduce the reader to common SD-WAN use cases and the Fortinet Secure SD-WAN solution
  • Design: Reference Architecture guide that provides an overview of the components and architectures to satisfy common uses
  • Deploy: Deployment Guides provide the step-by-step procedures for deploying the desired architecture
  • Demo: Github repository of the configuration and examples provided by documents
Note

The 4-D documentation series for Secure SD-WAN is available on the Fortinet Document Library at https://docs.fortinet.com/4d-resources/SD-WAN.

This document covers the step-by-step procedures required to create a new SD-WAN region with Microsoft Azure virtual wide area network (vWAN). The architecture, components, and technology referenced in this document are covered in the Cloud on-ramp section of the SD-WAN Architecture for Enterprise document.

For additional information and documentation about the topics covered in this document, see the Fortinet Document Library at https://docs.fortinet.com.

Intended audience

This guide is primarily created for a technical audience, including system architects and design engineers, who wants to deploy Microsoft Azure vWAN with Fortinet Secure SD-WAN in greenfield scenarios.

It is assumed that you have read the SD-WAN Architecture for Enterprise document and have identified the architecture that satisfies your use case and goals. This guide does not cover solution overviews and explanations of technologies and components.

For implementation, a working knowledge of FortiManager and FortiOS networking and policy configuration is ideal.

For comments and feedback about this document, visit Azure vWAN SD-WAN with Routing Intent on community.fortinet.com.

Previous
Next