Customer Stories

Municipality Leverages Secure SD-WAN for Multi-Cloud to Optimize Cloud Security

By Jonathan Nguyen-Duy | October 02, 2020

Customer Perspectives

Cyberattack surfaces are constantly growing as organizations upgrade their network services with digital innovations. And this is only exacerbated when these digital innovation initiatives involve migrating to multi-cloud environments. Further, as remote work leads to an increased reliance on data and information spread across multiple clouds, many organizations find themselves overwhelmed by the tools and resources required to secure these expanded networks. 

To address increased complexity and risk while maintaining high application performance and user experience, Fortinet customers have turned to Secure SD-WAN for Multi-Cloud offered through FortiGate-VM. Explore how this U.S. municipality is leveraging Fortinet’s solution to secure their cloud-to-cloud network deployments:

Leveraging the Fortinet Security Fabric’s Dynamic Cloud Security

The municipality already had in place a security infrastructure based on several components of the Fortinet Security Fabric, among them FortiGate Next-Generation Firewalls (NGFWs), FortiAP access points, and the FortiSIEM security information and event management solution. As it expanded its connectivity options for its employees and citizens, the municipality saw a need to augment its existing security devices and add new types of controls to protect its cloud environments through Fortinet’s Dynamic Cloud Security offerings.

Secure SD-WAN for Multi-Cloud

For connectivity to the municipality’s Azure Cloud and Oracle Cloud Infrastructure (OCI) services, the municipality leveraged the Fortinet Secure SD-WAN solution at the branch edges and Secure SD-WAN for Multi-Cloud through FortiGate-VM to connect their public clouds. Deployed at 25 branch locations, Fortinet Secure SD-WAN appliances combine the enterprise-level threat protection of the FortiGate NGFW with advanced software-defined WAN (SD-WAN) functionality to provide bandwidth- and application-optimized connectivity. This unique combination of security and SD-WAN functions enabled the municipality to swap the previous FortiGate firewalls one-to-one with 25 new NGFWs and high-performance SD-WAN devices at nearly the price of the firewalls alone. 

With Fortinet Secure SD-WAN, the municipality also preserves the value of its previous investment in the FortiAP access points. Like the FortiGate NGFW, the Fortinet Secure SD-WAN solution at each branch enforces the network access policies for the access points in that branch. These policies are consistent across all the branches because all the Fortinet Secure SD-WAN devices are automatically updated and managed from the Fortinet Fabric Management Center console. 

The FortiGate-VM NGFWs in Azure and OCI support security automation through Cloud-native integrations and provide the same robust threat protection and SD-WAN networking as the physical devices but are offered as-a-service in the cloud marketplaces. By selecting the one-year bring-your-own-license (BYOL) option instead of paying for usage by the hour, the municipality was able to lower its operating expenses.

The Fortinet team worked with the municipality to help justify—both technically and financially—the optimization savings in the operation and management of the new solution. Based on this, decision-makers at the municipality agreed to join the OPEX and CAPEX budgets into a single project, which was subsequently approved, in the midst of the pandemic.

Benefits of a Platform Approach

Because all the Fortinet components are integrated within the Fortinet Security Fabric, the municipality benefits from enterprise-wide security improvements each time it deploys a single device. Compared to a collection of multiple points products, the Security Fabric approach not only reduces operational complexity for the municipality’s IT team but also lowers the total cost of ownership (TCO) for its security technology. 

Learn how Fortinet’s dynamic cloud security solutions provide increased visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.