5 minute read
LOOK BEFORE YOU LEAP
LOOK BEFORE YOU LEAP
PARTRICK GRILLO, SENIOR DIRECTOR, SOLUTIONS MARKETING AT FORTINET, ON SOME OF THE KEY CONSIDERATIONS TO KEEP IN MIND BEFORE CHOOSING AN SD-WAN SOLUTION.
Advertisement
What are the key SD-WAN trends to watch for?
The biggest trend must be about the full integration of networking, SD-WAN, with advanced security functionality – NextGeneration Firewall (NGFW). Fortinet is providing a full-featured SD-WAN and NGFW solution powered by the new SOC4 security processor to accelerate and enhance cloud and WAN connectivity. The FortiGate 60F Next-Generation Firewall consolidates SD-WAN, advanced routing, and advanced security capabilities into a single appliance, coupled with zero-touch provisioning that enables network leaders to deploy Secure SD-WAN quickly and easily.
This is another major trend, zerotouch provisioning, which significantly simplifies the rollout of the SD-WAN network, especially as most remote sites do not have any technical staff.
What should IT executives keep in mind while evaluating SD-WAN solutions?
It can be challenging to make an “apples to apples” comparison of different SDWAN solutions. Security capabilities are undoubtedly one key point to look at – is security native to the solution or through a third-party/cloud capability?
Look for a solution with multiple security features, including integrated NGFW, an IPSec VPN solution that can span across and between various locations, IPS, web-filtering, and highspeed SSL inspection performance.
Another critical consideration is if the SD-WAN solution can provide segmentation at the remote site. In retail, for example, segmentation at the remote site is necessary for PCI-DSS compliance.
A third is the level of integration of the SD-WAN solution with the existing security infrastructure.
There are some other features to evaluate to ensure your SD-WAN solution provides a balance of quality, security, and value:
Provisioning prowess: Ease the burden on time-strapped IT teams with a solution that automates device provisioning. Better yet, look for a centralised controller that can quickly provision branches and scale easily with zero-touch deployment. Deployment made easy: Accelerate deployment with a solution that offers single-pane-of-glass deployment, management, and monitoring for all components of SD-WAN, including networking, traffic management, and security components and policies. Bandwidth relief: Forget about planning weeks or months in advance to deploy additional multiprotocol label switching (MPLS) bandwidth for a traditional WAN. With the right SD-WAN solution, organisations can quickly take advantage of widely available business broadband offerings to increase available bandwidth and ensure optimal network and application performance. Peak performance: Make businesscritical applications a priority with the help of application steering. The right application-aware SD-WAN solution can support a broad range of applications, thereby improving cloud application performance and enabling branches to directly communicate to the Internet, especially when using latency-sensitive applications such as voice and video. Great reliability: By gathering granular WAN path information, an SD-WAN solution can automatically failover to the best available WAN link. This path awareness intelligence ensures reliable network connectivity for greater business continuity. Comprehensive policy management: An SD-WAN solution with a management console can ensure IT teams manage and maintain universal policies on everything from security to application filtering across thousands of devices and applications, even across multiple locations. Flexible connection options: SD-WAN allows traffic to be routed efficiently over multiple channels, including not only existing MPLS circuits but also the public Internet via LTE and broadband. The result is a more efficient approach to managing WAN connectivity and overhead by leveraging more flexible and often lower-cost broadband options.
Direct cloud access: Digital innovation is driving more services to the cloud. Unfortunately, conventional network architectures can’t support today’s sophisticated workloads and disruptive applications. The good news: SD-WAN provides direct access to critical cloud applications for users located far from headquarters. Friendly user interface: By managing SDWAN from a simple user interface, such as a single pane of glass management and orchestration console, IT teams can drastically reduce management costs, simplify configuration, and accelerate deployment cycles.
Do you expect basic SD-WAN functionalities to be integrated with network security products?
The integration of SD-WAN into network security solutions such as a firewall can’t be about “basic” SD-WAN functionalities. It must be full function SD-WAN capabilities as well as nextgeneration firewall functionality. There cannot be any compromise on either side of the equation.
Unlike nearly every other SD-WAN solution on the market, the capabilities of Fortinet’s Secure SD-WAN solution combine advanced networking and traffic management with natively
integrated advanced security functionality. Better yet, both of these critical functions—networking and security—can be orchestrated through a single management interface, thereby significantly reducing administrative overhead, while alerting administrators to issues they may not have noticed otherwise.
The deep interoperability between security and network functions is the hallmark of the next generation of security known as Security-Driven Networking. By weaving these traditionally separate systems into a single solution, organisations can achieve the visibility and control necessary to truly secure their entire infrastructure.
Is your SD-WAN solution optimised for cloud connectivity?
In short, yes. Cloud applications can be given priority over other applications such as email and web browsing. Since the Fortinet Secure SD-WAN solution is based on the FortiGate NGFW, it is fully integrated into the Fortinet Security Fabric cybersecurity platform, including dynamic cloud security. This integration support end to end connectivity and visibility.
For organisations that need continual access to their business-critical apps and services on the cloud, Fortinet’s Secure SD-WAN solutions are the perfect alternative to outdated branch router strategies. They not only enable cloud access for high-performing applications used in branch locations, but they also facilitate video conferencing and unified communications – this is especially critical as businesses look to enhance their teleworker strategies. And security and networking are integrated into a single system, ensuring that security is automatically included in every connectivity decision, no matter how often changes need to be made.
Are you offering analytics to troubleshoot network performance issues?
The Fortinet Secure SD-WAN solution is fully supported by Fortinet’s management and analytics platforms, FortiManager and FortiAnalyzer.
Fortinet’s Fabric Management Center combines FortiManager and FortiAnalyzer for effective network operations, making agile network management a reality for Fortinet customers across NGFW, SD-WAN, and IPS, as well as other projects for the organisation. This combined solution enables three key use cases: centralised management, network automation and Security Fabric analytics.
How is Fortinet helping to break the barriers between networking and security teams in enterprises?
Fortinet has been a leading proponent of the integration of network and security since its inception. FortiOS, the most widely deployed security operating system in the world, has a rich mix of networking and security features and allows the FortiGate NGFW to function as a fully integrated network device. Fortinet’s cybersecurity platform, the Fortinet Security Fabric has security-driven networking as one of its key pillars. The philosophy behind security-driven networking is on both the technologies as well as breaking down the silos between the teams but demonstrating the value of the integration.