cl-nz logo
Story image

Video: How secure is your SD-WAN architecture?

06 Jul 2020

As SD-WAN (software-defined wireless access network) is taking the world of networking by storm, it is about time that we all understood what it is all about.

Ingram Micro technology solutions architect Andy Hill gave us the lowdown on what SD-WAN is and how Fortinet’s secure SD-WAN offerings can keep an organisation's network running at peak performance.

See the full video below.

What is SD-WAN

Traditional WAN has many limitations. Hill points to a Gartner study that reveals that 70% of customers find it slow and expensive and, as companies begin their digital transformation journeys, they will be using more than 60 SaaS applications meaning increased strain on bandwidth.

In the survey, 78% of respondents stated that security was a top concern, which makes it surprising that 90% of WAN solution vendors don’t have a built-in next-gen firewall.

With traditional WAN using proprietary hardware, it often limits the control and visibility that users have into the system that their entire organisation relies on.

Traditional WAN has its purpose, Hill explains, but with SaaS, IaaS and public cloud, it may not be the most appropriate choice for many.

SD-WAN separates the hardware from the control mechanism which means increased visibility into how applications are using bandwidth and more control over how traffic is steered to get the best response for the needs of each application.

This means better performance at a lower cost, even using a commercially available internet connection.

The software-defined option is also transport-agnostic, meaning that it doesn’t matter if the underlying infrastructure is MPLS, broadband, or LTE – it can manage the use of links in intelligent ways in real-time.

It is also application-aware right to the edge so applications can be recognised and decisions made based on what the network and applications’ needs are in real-time. 

With a firewall integrated into the networking management software, it is also constantly aware and proactive with the all-important network security.

If a company is looking to transition from MPLS to broadband and don’t want to lose connection quality, especially with voice and video, SD-WAN provides that capability as well as making any needed changes simple and centrally managed.

Fortinet SD-WAN

Hill walks through the evolution of Fortinet’s SD-WAN offering, starting with FortiOS 5.4, that offered the basics of load balancing, app steering and traffic shaping; up to the current 6.2 offering that includes a range of vital capabilities such as: 

  • forwarded error correction to reduce retransmission and retries, 
  • expanded SLA strategies with templates for simple deployment, 
  • enhanced analytics, and 
  • the proprietary system-on-a-chip that ensures no wasted power and provides an accelerated SD-WAN experience.

With visibility for more than 5000 applications, Fortinet’s solution has in-built knowledge to inform decisions about where to steer traffic, all fully automated. 

High level monitoring that is easy to understand gives a clear understanding of where bandwidth is being used and, for those who need it, there is the ability to get more granular with deeper analytics.

Perhaps most vitally, this is all built with an integrated next-gen firewall and additional security services such as web filtering, intrusion prevention, anti-malware, and cloud sandboxing all in one product.

This eliminates the need to navigate to multiple control centres or platforms to gain control, visibility and security for the network.

To highlight the high calibre of Fortinet’s SD-WAN solution, Hill refers to an independent comparison by NSS Labs.

In a real world simulation of enterprise traffic, NSS looked at packet delay, latency jitter and packet loss as well as simulating poor conditions.

Fortinet was one of three recommended products and came in at number one for total cost of ownership, including cost to implement. 

For those interested in what Fortinet SD-WAN can do, the company offers an assessment programme. 

An expert will help you install a purpose built Fortigate firewall into your environment with a specific firmware version that provides a transparent model that monitors in/out traffic so you can understand what applications are using and the network’s security posture. 

In the video below, Andy Hill goes into much more technical detail about how Fortinet achieves all of this networking magic.

If you have questions or are interested in getting more information about how to create secure SD-WAN architecture for your organisation, feel free to get in touch with Ingram Micro’s Andy Hill