Customer Stories

Building Network Efficiency at Hundreds of Locations Worldwide with Fortinet Secure SD-WAN

By Courtney Radke | August 19, 2021

Streamlined communications are key to efficiency. But for one large business focused on feeding the world, connecting and operating a myriad of locations is a core IT challenge. The company produces and sells packaged foods across five continents via millions of points of sale and hundreds of corporate locations, ranging from large campuses to small offices to manufacturing facilities and distribution centers. 

Previously, the company relied on a hub-and-spoke wide-area network (WAN) architecture that used a combination of two managed IP MPLS VPN links and broadband, one MPLS and two broadband, or one broadband and 4G depending on location. All local traffic was funneled through the regional data centers for inspection by a corporate firewall.

The WAN was expensive, and network performance in many locations was slow enough to inhibit end-user productivity. Business units were requesting security policy changes to accelerate connectivity to the company’s large—and perpetually growing—portfolio of web-based applications. Moreover, each location experienced extremely slow failover between its MPLS links in the event of a problem. The food producer needed a different solution. 

As the IT team researched possibilities, they discovered that software-defined WAN (SD-WAN) could solve multiple challenges at once; network performance, high costs for global MPLS links, and network complexity. Due diligence revealed that a solution focused on security-driven networking, such as Fortinet Secure SD-WAN, could provide even bigger benefits.

An All-New WAN

The company transitioned to a new WAN infrastructure, in which each large corporate location has one local MPLS link with two broadband connections for redundancy and performance, while each sales office has three broadband or 4G LTE links. Fortinet Secure SD-WAN appliances connect each location’s local-area network (LAN) with the WAN links, utilize all WAN connections capacity, and provide failover in less than one second. 

And since the SD-WAN is an integrated service delivered via the FortiGate next-generation firewall (NGFW), critical security functions such as intrusion detection and intrusion prevention system (IDS and IPS) and antivirus capabilities are built in. Fortinet Secure SD-WAN provides protection for each location’s network edge comparable to what they receive at the corporate data center. So instead of requiring backhauling through the nearest data center, internet traffic can utilize the more cost-effective broadband links for direct connectivity, without sacrificing security or performance.

This approach has created a huge improvement in WAN performance for end users connecting to the growing number of critical cloud applications they use daily. Fewer hops from desktop to Software-as-a-Service (SaaS) providers equates to faster application response and enhanced user productivity. Additionally, Fortinet Secure SD-WAN appliances have a specialized, dedicated security processing unit (SPU) to further minimize latency and provide industry-leading security effectiveness and performance.

Finally, application-aware steering ensures that business-critical traffic is always given the highest priority and traverses the network first. Granular application steering applies to both encrypted and unencrypted traffic, with quality of service (QoS) rules for egress and ingress traffic determined specifically for each application and each WAN link. As a result, the company reports a significantly better user experience.

"Fortinet Secure SD-WAN brings together networking, advanced routing, and security into a single solution with one management interface. This consolidation simplifies architecture, streamlines provisioning and implementation, eliminating integration concerns."

Fortinet Secure SD-WAN to Provide Better Security and Substantial TCO Savings

For the IT team, Fortinet Secure SD-WAN simplifies both networking and security across the company’s broad and diverse infrastructure. Previously, it would have required considerable staff time to integrate a series of different solutions to connect and protect hundreds of global locations, and then manage them through multiple separate administrative interfaces.

By contrast, Fortinet Secure SD-WAN brings together networking, advanced routing, and security into a single solution with one management interface. This consolidation simplifies architecture, streamlines provisioning and implementation, eliminating integration concerns. This also simplifies system updates and enhancements, as well as troubleshooting and analytics. In addition, Fortinet Secure SD-WAN automates VPN authorization by matching policies to users via their Active Directory credentials. 

Crucially, the streamlined management within Fortinet Secure SD-WAN facilitates faster detection of, and response to, security threats, improving overall network protection. The solution has also reduced total cost of ownership (TCO) worldwide by minimizing the staff time required to handle networking and security issues, meaning the IT team now has more time for value-added activities and better flexibility to respond to business and user needs. 

The replacement of MPLS links with broadband and 4G connections around the world further reduces TCO and allows for greater flexibility to support dynamic business needs. 

Fortinet’s Secure SD-WAN solution allowed this leading global food supplier to simplify operations enabling IT teams to respond quickly to business and user needs, eliminate many direct and hidden costs that are impacting business performance and streamline network connectivity and security effectiveness across their distributed enterprise landscape improving user experience.

Take a security-driven networking approach to improve user experience and simplify operations at the WAN edge with Fortinet Secure SD-WAN.

Read these customer case studies to see how Mirex and the Ooredoo implemented Fortinet Secure SD-WAN to alleviate network complexity, improve performance, and reduce security costs.