Business & Technology

FortiGate-VM and Fortinet Secure SD-WAN Run Natively in Azure Virtual WAN to Simplify Secure Cloud On-ramp

By Ali Bidabadi | November 17, 2021

Today, we are pleased to announce that Fortinet has become the first vendor to offer customers a converged next-generation firewall and secure SD-WAN solution that can be deployed and run natively inside Azure Virtual WAN. Achieved via the integration of FortiGate-VM, this offering expands our already broad coverage of cloud on-ramp and security use cases and further simplifies management and deployment of secure SD-WAN solutions across hybrid and multi-cloud environments. FortiGate-VM offers the same industry-leading next-generation firewall, Secure SD-WAN, and IPS capabilities as those found in our award-winning FortiGate appliances. And, as part of the Fortinet Security Fabric, our broad, integrated, and automated cybersecurity mesh platform, customers get the benefit of consistent policies and visibility across their hybrid and multi-cloud environments.

Addressing Cloud On-ramp and Multi-cloud Security Challenges

Microsoft introduced the Azure Virtual WAN as a networking service that brings networking, security, and routing together to provide a single operational interface. However, to securely on-ramp into, between, and within the cloud, customers require next-generation firewall functionality with end-to-end SD-WAN capabilities. With this integration, customers can use a Managed Application to deploy FortiGate-VM into the Azure Virtual WAN hub, where the FortiGate will be deployed and configured automatically to peer via BGP with the Virtual WAN hub router, extending next-generation firewall and secure SD-WAN capabilities to the cloud. To further simplify the process, FortiGate-VM can be deployed directly from Azure Marketplace, or can be deployed from the virtual hub via the Azure portal.

Customers can use the one-touch configurations from the Azure Virtual WAN portal to enable security policies and routing for North-South, East-West traffic, and internet-bound traffic. This allows them to apply FortiGate-VM’s extensive security services including IPS, application control, and SSL, as well as SD-WAN services such as application steering, to Virtual WAN traffic. And for the first time from any vendor, customers will be able to weave security services into the Virtual WAN infrastructure. The solution is scalable, load balanced and configured for active-active highly resilient deployments. This means customers can extend their Fortinet Security Fabric into their Virtual WAN in a scalable and automated fashion.

FortiGate-VM and Fortinet Secure SD-WAN Natively Integrate with Azure Virtual WAN

Customers have traditionally deployed Azure Virtual WAN to provide connectivity between their on-prem data centers, branch offices and Azure virtual networks. A customer might start with a vWAN hub and FortiGate-VM NGFW in a single Azure region and connect a few branch offices or multi-cloud deployments to the FortiGate via SD-WAN. They add a few business-critical applications in Virtual Networks connected to the Virtual WAN hub. FortiGate-VM can serve as the security provider for all traffic including VNET to VNET, Branch to VNET and VNET to internet traffic – scanning both N/S and E/W traffic for security concerns.

Customers can then expand to other Azure regions and connect their global branch offices via ExpressRoute or IPSec tunnels. This can be done seamlessly, with all routing and NGFW configurations managed under a single pane of glass with FortiManager and Azure Virtual WAN. The diagram below illustrates how FortiGate-VM integrated with Azure Virtual WAN enables various cloud on-ramp and cross-region security inspection use cases.

With the integration of Fortinet’s FortiGate-VM with Azure Virtual WAN, customers ranging from small manufacturing companies to large retail chains with stores around the globe can now connect all of their branches, configure routing and protect business-critical network traffic, and enjoy the benefits of Fortinet’s best-in-class Secure SD-WAN and NGFW solution.

While this is a substantial step forward with our collaboration with Azure Virtual WAN, Fortinet is committed to addressing customers’ security and connectivity challenges across all their cloud environments. Multi-cloud customers should be happy to know that Fortinet also offers the broadest native cloud security with tight integrations on major cloud platforms in addition to Azure, including AWSGoogle Cloud and others, and is supported by a large number of Fortinet Fabric-Ready ecosystem partners and integrations. This further enables customers to integrate, automate, and orchestrate securely between all major public cloud platforms, network edges, and data centers. 

Learn how Fortinet’s adaptive cloud security solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.