Managed Secure SD-WAN

Achieve better, faster, and higher ROI managed services by leveraging Fortinet Secure SD-WAN.

Managed service providers (MSPs) and managed security service providers (MSSPs) operate in a competitive environment with many new entrants in the space. Attracting new customers and retaining existing ones require the ability to differentiate MSPs’ and MSSPs’ offerings from the competition. In a crowded industry, achieving this can be a challenge.

When trying to stand out from the competition, MSPs and MSSPs need to ensure that they can follow through on their commitments. Deploying an array of point solutions to add additional capabilities to the provider’s offerings quickly becomes unscalable if each solution must be individually deployed, configured, monitored, and managed.

MSPs and MSSPs can take an alternative approach by building their offerings upon a strong, integrated foundation. Secure software-defined wide-area networking (SD-WAN) integrates networking and security functionality into a single appliance, reducing security sprawl. It also lays the groundwork for MSPs and MSSPs to offer additional value-added services with minimal added overhead.

WAN Evolution Presents Opportunities to Service Providers: From Managed SD-WAN to Managed SD-Branch

WAN Evolution Presents Opportunities to Service Providers: From Managed SD-WAN to Managed SD-Branch

Leia agora
How Service Providers Can Optimize Managed SD-WAN and SD-Branch Delivery and Management

How Service Providers Can Optimize Managed SD-WAN and SD-Branch Delivery and Management

Leia agora
FortiGate Secure SD-WAN Helps Service Providers Boost Revenue

FortiGate Secure SD-WAN Helps Service Providers Boost Revenue

Leia agora

Key Managed SD-WAN Business Drivers

demand

Enterprise Demand

Enterprise demand for SD-WAN is rapidly increasing. Global SD-WAN Managed Services are expected to grow at a 76% compound annual growth rate (CAGR) to $5.7B by 2023 for SD-WAN, and according to Gartner, only 6% of organizations have no plans to deploy SD-WAN at all. By adding managed SD-WAN services to their offerings, MSPs and MSSPs can attract and retain customers by meeting this demand.

revenue increasing

Increase Revenue

Multiprotocol label switching (MPLS) bandwidth is expensive, and many enterprises are looking for alternative options for their corporate WAN. Additionally, as customers move to the cloud and to mobile, MPLS does not meet the needs of enterprise WAN. By adopting SD-WAN, MSPs and MSSPs can open up new revenue streams and provide value-added services to their customers.

competitive differentiation

Competitive Differentiation

In a crowded industry, MSPs and MSSPs need to differentiate themselves from their competitors. Managed SD-WAN services can act as a platform for additional value-added services for customers. Additionally, integration of security functionality into SD-WAN can reduce the fragmentation of the customers’ security architecture, making it simpler for MSPs and MSSPs to maintain visibility and security in client environments. Managed SD-WAN can be expanded to include managed SD-Branch, Internet-of-Things (IoT) security, and other value-added services that MSPs and MSSPs can offer to their customers.

geography

Geographical Footprint

A MSP’s or MSSP’s ability to provide MPLS services is limited by their current MPLS footprint, and adding new lines can be time-consuming and expensive. By expanding their offerings to include SD-WAN, MSPs and MSSPs can extend their geographical footprint outside of the local MPLS market by creating secure WAN connections via the public internet. This capability is critical to onboarding and supporting new and growing organizations since it enables the service provider to rapidly deploy their offerings at new service locations.

Key Requirements for Managed SD-WAN

high performance

Operational Efficiency

MSPs and MSSPs require solutions that allow them to operate more efficiently. Solutions should provide a rapid time to revenue by requiring minimal configuration and deployment time on provider or customer networks. They should also offer high margins and scale easily to larger customer bases.

value added

Value-added Services

MSPs and MSSPs seek solutions that allow them to offer value-added services to their customers. Deploying managed SD-WAN services to customer networks allows them to offer additional products such as managed SD-Branch and IoT security services. Secure SD-WAN can also favorably compete with pure SD-WAN offerings since they also offer integrated security and analytics functionality.

time

Time to Capability

MSPs and MSSPs seek offerings that they can quickly deploy to their customers after purchase. This includes both current customers, where new functionality can be added or enabled in an existing deployment, and new customers that require onboarding and solution deployment before services can be provided.

 

flexible

Flexible Business Model

MSPs and MSSPs have customers with widely differing needs. They require the capability to offer pay-as-you-grow models for their products and services, allowing them to scale their offerings and prices to a customer’s unique situation.

For undistributed federal networks, FortiGate NGFWs provide scalable, comprehensive protection with the industry’s best performance.

Learn More
The Fortinet Security Fabric enables intelligent segmentation of classified and top-secret data and layers of control to keep it in the right hands.

Learn More
Real-time, robust threat intelligence and unknown threat detection are critical for federal networks under assault by nation-states. Fortinet provides both comprehensive intelligence and AI-powered threat detection.

Learn More
To provide full visibility into some of the world’s largest networks, Fortinet management and analytics tools provide centralized control, visibility, and reporting.
Managed SD-WAN for Service Provider Business Agility Secure Hybrid WAN Cloud-scale Branch SD-WAN/SD-Branch
Click on a specific section of the diagram to get more details

Fortinet Differentiators for Managed SD-WAN

visibility

Visibility

The Fortinet Security Fabric, with out-of-the-box integration with over 250 third-party vendor products, enables single-pane-of-glass visibility and configuration management and real-time threat-intelligence sharing across a service provider’s entire network environment. With Fortinet Secure SD-WAN, this enables MSPs and MSSPs to manage their customers’ entire network infrastructure from a single pane of glass. This also allows MSPs and MSSPs to improve efficiency, decrease total cost of ownership (TCO), and reduce their clients’ cybersecurity risk. FortiGate next-generation firewalls (NGFWs) also support numerous administrative domains (ADOMs) and virtual domains (VDOMs), providing management flexibility and supporting role-based access control (RBAC).

automation

Automation

Secure SD-WAN enables MSPs and MSSPs to centralize visibility and management of their customers’ entire WAN. The Fortinet Security Fabric takes this a step further by enabling out-of-the-box integration with over 250 third-party vendor products through 12 Fabric Connectors, over 135 third-party application programming interfaces (APIs), 9 Fabric DevOps scripts, over 130 Extended Security Fabric Ecosystem partnerships, and an open-API architecture.

This integration enables MSPs and MSSPs to automate threat prevention, detection, and response, minimizing the overhead associated with securing customer environments. Centralized security management also enables MSPs and MSSPs to efficiently establish and enforce policies that comply with security standards. This, in turn, facilitates the automatic generation of reports for customers that demonstrate compliance for regulators and provide important security insights for the C-suite and the board.

threat intelligent

Proactive, AI-driven Threat Intelligence

Fortinet Secure SD-WAN links a customer’s entire security architecture via the Fortinet Security Fabric. The Security Fabric orchestrates threat intelligence across and between each of the organization’s security elements in real time. FortiGuard Labs leverages artificial intelligence (AI) and machine learning (ML) capabilities to pinpoint known and unknown threats and communicate actionable intelligence across the Security Fabric. Threat intelligence is enhanced through partnerships with over 30 threat-sharing organizations and integration with over 100 other vendor products. With the Fortinet Security Fabric, this threat intelligence is communicated to all SD-WAN appliances in a customer’s WAN, ensuring enterprisewide threat detection and prevention.

high performance

High Performance

FortiGate NGFWs, with corroborated performance testing by NSS Labs, offer the industry’s lowest latency, which is an important feature for MSPs’ and MSSPs’ customers. The highly efficient custom FortiGate application-specific integrated circuit (ASIC), as well as the world’s first SD-WAN ASIC, enables Fortinet to provide high-performance security at the WAN edge and throughout the network. Moreover, turning on advanced features such as secure sockets layer/transport layer security (SSL/TLS) encryption inspection does not impact network performance in speed or throughput, unlike competitive solutions.

This is crucial for MSPs and MSSPs, whose customers expect security to not impact network performance and who require solutions that minimize capital expenditures (CapEx) and operational expenditures (OpEx). Fortinet is named a Leader in the Gartner Magic Quadrant for Network Firewalls and a Challenger in the Gartner Magic Quadrant for WAN Edge Infrastructure, has won 2019 MEF 3.0 Proof of Concept Awards for Security Assurance in SD-WAN and Cloud Service Implementation, and is the only vendor to have NSS Labs Recommended status for nine different security products.

simplified operation

Simplified Operations

With FortiManager, Fortinet solutions can be easily deployed and centrally managed, allowing MSPs and MSSPs to easily roll out security infrastructure to new customers. FortiManager and FortiAnalyzer also allow MSPs and MSSPs to integrate and automate their client’s security deployment via the Fortinet Security Fabric, enabling analytics and compliance reporting through FortiAnalyzer. This integration also allows MSPs and MSSPs to break down silos that isolate security operations center (SOC) and network operations center (NOC) operations, enabling improved global visibility and more efficient operations. By deploying Fortinet Secure SD-Branch, centralized visibility and management is expanded to cover everything from the internet to the switching infrastructure in customer locations, simplifying security monitoring and management for MSPs and MSSPs.

zero touch deployment

Zero-touch Deployment

Fortinet devices are capable of touchless onboarding and provisioning with the ability to preconfigure deployment settings before sending devices to customer locations. Fortinet devices also allow a single key for supported devices on bulk orders and expose a JavaScript object notation/extensible markup language (JSON/XML) API for device customization. This enables automated or programmatic deployment of Fortinet devices, enabling MSPs and MSSPs to eliminate truck rolls and achieve faster onboarding of new customers.

flexible

Flexible Consumption Models

Multiple pricing and product consumption options offer MSPs and MSSPs and their customers the flexibility needed to optimally secure their data, infrastructure, and applications. This enables MSPs and MSSPs to scope their customers’ SD-WAN deployment, and the value-added services that it supports, to meet their customers’ specific needs.

multitenancy

Multitenant by Design

Fortinet solutions are designed to be multitenant from the ground up, enabling MSPs and MSSPs to isolate but still manage multiple customer networks from a single console. This enables MSPs and MSSPs to take advantage of cost savings by offering customers networking over shared, but isolated, SD-WAN infrastructure—increasing average revenue per user (ARPU) while improving operational efficiencies.

professional development

Professional Development

Fortinet offers a range of training opportunities to help MSPs and MSSPs better attract and serve customers and to differentiate their services and grow their business. Opportunities include seller training, technical training, and advanced training. This helps MSPs and MSSPs to learn how to optimize their SD-WAN deployment and efficiently deploy value-added services to their customers.

 

join marketing

Joint Solution Marketing Model

The Fortinet Joint Solution Marketing Model provides MSPs and MSSPs with numerous opportunities to improve and grow their business. These include a partner-focused marketing team, support for developing messaging, blogs, case studies, and selective support for partner campaigns. This helps MSPs and MSSPS to maximize the impact of their marketing regarding SD-WAN offerings and the additional value-added services that it enables.

Business Agility

Onboarding new customers and rolling out new customer sites is a significant expense for a managed service provider (MSP) and managed security service provider (MSSP). As MSPs and MSSPs acquire new customers and support growing businesses, they need solutions that can be easily deployed to new customer environments and integrated with the customer’s existing infrastructure.

Fortinet Secure SD-WAN provides a foundation for an MSP or MSSP deploying services to a new customer location. An integrated next-generation firewall (NGFW) and intrusion prevention system (IPS) provide threat prevention and traffic inspection, even of secure sockets layer (SSL) or transport layer security (TLS) encrypted flows. Integration with Fortinet Secure SD-Branch enables centralized visibility and network management down to the switching layer.

Fortinet is a member of the industry’s largest cybersecurity ecosystem, with over 250 Security Fabric Ecosystem Partners. Fortinet Secure SD-WAN and other Fortinet solutions offer out-of-the-box integration with all of these vendor products in as little as a single click via the Fortinet Security Fabric. The Fortinet open security ecosystem includes:

  • 12 Fabric Connectors that provide deep integration with third-party vendor products
  • Over 135 Fabric application programming interfaces (APIs) that enable end-to-end integration of third-party vendor products with Fortinet solutions
  • An active DevOps community to help with development of custom solutions
  • Over 130 Extended Security Fabric Ecosystem relationships with threat-sharing organizations and integrations with other vendor products
Security Fabric Orchestration Connectors enable security integration and simplified management across the Fortinet Security Fabric, decreasing operational expenditures (OpEx) for MSPs and MSSPs. The Fortinet Security Fabric offers out-of-the-box connectivity with all major public clouds, enabling security integration across multi-cloud environments. This enables MSPs and MSSPs to offer support for customer digital innovation initiatives with minimal additional overhead. Fortinet solutions offer a REST API for zero-touch deployment to client locations. This minimizes the time and expenditure associated with deployment to new customers or locations. The Fortinet Developer Network is a community of Fortinet administrators and developers who offer code sharing, documentation, and forums to answer questions regarding configuration and use of Fortinet solutions. FortiGate NGFWs utilize purpose-built security processors to help MSPs and MSSPs deliver top-rated protection and high-performance inspection of clear-texted and encrypted traffic. They are available in multiple form factors. Built-in intrusion prevention system (IPS) includes multiple inspection engines, threat-intelligence feeds, and advanced protection options. This enables MSPs and MSSPs to minimize operational expenditures (OpEx) associated with threat detection and response in customer environments. Integration of point products allows service providers to take advantage of security orchestration, automation, and response (SOAR). This enables them to meet service-level agreements (SLAs) with minimal overhead and operational expenditure (OpEx). FortiAnalyzer provides analytics-powered cybersecurity and log management to enable service providers to more rapidly detect and remediate issues in customer environments. Integration of point products allows service providers to take advantage of security orchestration, automation, and response (SOAR). This enables them to meet service-level agreements (SLAs) with minimal overhead and operational expenditure (OpEx). Integrated application control applies application-specific policies to network traffic based upon automatic application detection. This enables MSPs and MSSPs to more easily meet service-level agreements (SLAs) by providing optimized routing for high-priority traffic.
Business Agility Orchestration Connectors Public Cloud Connectors REST APIs Developer Network NGFW IPS Orchestration Analytics Automation Application Awareness
Click on a specific section of the diagram to get more details

Secure Hybrid WAN

Traditional WAN security solutions operate by layering security on top of networking in the form of a collection of standalone appliances. This approach to WAN security can impair visibility and create silos since the point products in an organization’s security deployment may not communicate with one another. This decreases a managed service provider’s (MSP) and managed security service provider’s (MSSP) ability to efficiently manage their customer networks and increases operational costs and overhead. Finally, the use of standalone point products locks an organization into the transportation media that they can support.

Fortinet Secure SD-WAN integrates networking and security functionality into a single appliance, removing the need to deploy an array of point security products. This enables MSPs and MSSPs to offer consistent, enterprise-grade security across their customers’ WANs with a dramatically lower total cost of ownership (TCO).

Secure SD-WAN also enables MSPs and MSSPs to offer their customers transport independence with secure hybrid WAN. Hybrid WAN allows traffic to be routed over multiple transport modes, which enables them to reduce their dependence upon expensive multiprotocol label switching (MPLS) bandwidth.

Secure SD-WAN also offers secure direct-to-internet connectivity for cloud applications since traffic inspection now occurs at the network edge. As customers increasingly transition to the cloud, the ability to offer direct routing for cloud-bound traffic from anywhere within the client’s environment is a significant competitive advantage.

As part of the Fortinet Security Fabric, Fortinet Secure SD-WAN offers out-of-the-box integration with a wide range of Fortinet and third-party vendor solutions. MSPs and MSSPs can offer managed Secure SD-WAN services as a foundation for a variety of other networking and security services for their customers, such as:

  • Managed SD-Branch
  • Managed Application SLA
  • Managed Cloud On-ramp
  • Managed IoT Security

With Fortinet Secure SD-WAN, MSPs and MSSPs can offer features such as:

  • Alternatives to MPLS networking
  • Out-of-the-box integration with Fortinet and over 250 third-party solutions
  • Single-pane-of-glass visibility into customer environments
  • FortiPortal, which enables MSPs and MSSPs to offer customers limited management control. This gives them direct control over end-user customizations and access to reporting capabilities built into FortiManager and FortiAnalyzer.
  • Automated identification of over 5,000 types of application traffic
  • Direct-to-internet, optimized routing of cloud-bound traffic
  • Integrated security and networking functionality in a single appliance
FortiExtender provides LTE connectivity to wireless and cellular networks for both primary and secondary/backup WAN connections for use in locations such as branch offices, retail pop-up stores, point-of-sale (POS) systems, and more. FortiGate NGFWs utilize purpose-built security processors to help MSPs and MSSPs deliver top-rated protection and high-performance inspection of clear-texted and encrypted traffic. They are available in multiple form factors. Fortinet Secure SD-WAN enables MSPs and MSSPs to offer next-generation firewall (NGFW) security, advanced routing, and WAN optimization capabilities for high performance and security in customer environments. FortiPortal enables MSPs and MSSPs to offer customers limited management control. This gives them direct control over end-user customizations and access to reporting capabilities built into FortiManager and FortiAnalyzer. Integrated URL filtering enables a service provider to identify and block attempted connections from customer networks to malicious or suspicious domains. Built-in intrusion prevention system (IPS) includes multiple inspection engines, threat intelligence feeds, and advanced protection options. This enables MSPs and MSSPs to minimize operational expenditures (OpEx) associated with threat detection and response in customer environments. Built-in antivirus solutions identify and block attempted malware intrusions based upon threat intelligence provided by FortiGuard Labs. This enables MSPs and MSSPs to more easily and efficiently meet service-level agreements (SLAs) for protecting customer networks. Integrated application control applies application-specific policies to network traffic based upon automatic application detection. This enables MSPs and MSSPs to more easily meet service-level agreements (SLAs) by providing optimized routing for high-priority traffic.
Secure Hybrid WAN Cellular Extender NGFW SD-WAN FortiPortal URL Filtering Intrusion Prevention Antivirus App Control
Click on a specific section of the diagram to get more details

Cloud-scale Branch

Organizations’ corporate WANs are increasingly expanding to include cloud-based Software-as-a-Service (SaaS) and Infrastructure-as-a-Service (IaaS) resources. The need to route traffic from branch locations through the headquarters network for security scanning and policy enforcement degrades network performance, increases latency, and creates congestion on the corporate WAN. Managed service providers (MSPs) and managed security service providers (MSSPs) who can advertise improved cloud connectivity have a clear competitive advantage.

Fortinet Secure SD-WAN enables secure, direct-to-internet connectivity for cloud-bound traffic, which is essential for customers increasingly transitioning to use of IaaS and SaaS offerings. The built-in FortiGate next-generation firewall (NGFW) provides Layer 3 to Layer 7 protection and high performance guaranteed by the industry’s first purpose-built SD-WAN application-specific integrated circuit (ASIC) chip. As part of the Fortinet Security Fabric, FortiGate NGFWs offer single-pane-of-glass visibility and management for MSPs and MSSPs, increasing operational efficiency and simplifying management of customers’ WANs.

Service providers can also offer cloud-native security protections that are integrated with the Fortinet Security Fabric. FortiCASB and FortiCWP enable automation of security and compliance management in cloud environments. FortiWeb, available as a virtual machine (VM), physical appliance, or SaaS offering, provides protection for a customer’s cloud-based web pages, payment portals, and application programming interfaces (APIs). FortiGate NGFWs, which are available in a cloud-native IaaS form factor (among others), enable cloud-native protection in any deployment environment.

As customers move to the cloud, MSPs and MSSPs must be able to offer cloud-focused security to support them, such as those provided by Fortinet solutions:

  • Automatic identification of over 5,000 types of application traffic
  • Middle-mile and last-mile traffic optimization
  • Native integration with all major cloud service providers (CSPs)
  • Single-pane-of-glass visibility and management across branch locations and cloud deployments
  • Simplified compliance management with automated data collection and out-of-the-box report templates
Fortinet Secure SD-WAN enables service providers to offer secure, direct-to-internet connectivity for Software-as-a-Service (SaaS) applications in customer environments. FortiCASB helps MSPs and MSSPs provide their customers with visibility, compliance, data security, and threat protection for their cloud-based services.
Cloud-scale Branch SD-WAN FortiCASB
Click on a specific section of the diagram to get more details