FortiGate: Secure SD-WAN

WAN Edge Transformation with Security-Driven Networking

Gartner 2019 Magic Quadrant for WAN Edge Infrastructure
web product icon sd wan

FortiGate Secure SD-WAN Overview

As the use of business-critical, cloud-based applications and tools continue to increase, distributed organizations with multiple remote offices are switching from performance-inhibited wide-area networks (WANs) to software-defined WAN (SD-WAN) architectures. SD-WAN offers business application steering, cost savings, and performance for Software-as-a-Service (SaaS) applications, as well as unified communication services. However, SD-WAN has its own shortcomings—especially when it comes to security with direct internet access.

Fortinet FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering. Fortinet received second consecutive NSS Labs “Recommended” rating in the SD-WAN Group Test. Fortinet Secure SD-WAN delivered lowest Total Cost of Ownership (TCO) per Mbps among all eight vendors.

Try out Fortinet’s new SD-WAN Readiness Assessment Program using CTAP SD-WAN.

Understand What is SD-WAN and why it is critical to empowering today's businesses.

 

Secure SD-WAN News

   

Secure SD-WAN Videos

Fortinet Secure SD-WAN with Dynamic Cloud Security

Learn more about how Fortinet can protect your distributed WAN edges, applications, and cloud infrastructures with Secure SD-WAN and Dynamic Cloud Security.

Watch the video
Modernize your WAN Edge with Fortinet Secure SD-WAN
Fortinet Secure SD-WAN Solution
SD-WAN ASIC Delivers 10x Higher Performance

FortiGate Secure SD-WAN Product Details:

  • Best WAN Edge Price/Performance
  • WAN Path Controller with Remediation
  • Fastest Application Identification and Steering
  • Advance Routing Capabilities and WAN Optimization   

Features

intelligent icon

SD-WAN ASIC delivers fastest application identification and steering from a broad range of 5,000+ applications to enable digital transformation at the WAN Edge 

monitoring icon

Path awareness intelligence and link remediation delivers best application performance by automated fail-over and fail-back mechanism 

platform support icon

Single pane of glass management with zero-touch deployment for the entire WAN edge simplifies deployment of SD-WAN and security

Benefits

icon benefits tools
Reduced complexity and high total cost of ownership by using best of breed SD-WAN and NGFW functionality on a single appliance
high performance icon
Improve cloud application performance by prioritizing business critical applications and enabling branches to directly communicate to the internet
reduce cash icon
Reduce operating expenses by migrating from MPLS and utilizing multi-broadband such as Ethernet, DSL, and LTE

FortiGate Secure SD-WAN Models and Specifications

FortiGate SD-WAN is available in diverse form factors with many different models to choose from to meet your needs ranging from hardware, VM appliances to six different cloud marketplaces for WAN Edge transformation. FortiManager, that can be used to monitor and manage the FortiGate appliances is also available in different form factors including hardware, virtual and SaaS.

Compare Products

Hardware appliances

NGFW Throughput
200 Mbps
Threat Protection Throughput
150 Mbps
VPN Throughput
35 Mbps
Max G/W to G/W IPSEC
200
Ports
5x GE RJ45
NGFW Throughput
220 Mbps
Threat Protection Throughput
160 Mbps
VPN Throughput
100 Mbps
Max G/W to G/W IPSEC
200
Ports
7x GE RJ45
NGFW Throughput
1 Gbps
Threat Protection Throughput
700 Mbps
VPN Throughput
6.5 Gbps
Max G/W to G/W IPSEC
200
Ports
8x GE RJ45
NGFW Throughput
250 Mbps
Threat Protection Throughput
200 Mbps
VPN Throughput
2 Gbps
Max G/W to G/W IPSEC Tunnels
200
Ports
10x GE RJ45
NGFW Throughput
360 Mbps
Threat Protection Throughput
250 Mbps
VPN Throughput
2.5 Gbps
Max G/W to G/W IPSEC Tunnels
200
Ports
14x GE RJ45, 2x Shared Port Pairs
NGFW Throughput
360 Mbps
Threat Protection Throughput
250 Mbps
VPN Throughput
4 Gbps
Max G/W to G/W IPSEC Tunnels
2,000
Ports
Multiple GE RJ45, GE SFP Slots | PoE/+ Variants
NGFW Throughput
1.6 Gbps
Threat Protection Throughput
1 Gbps
VPN Throughput
11.5 Gbps
Max G/W to G/W IPSEC Tunnels
2500
Ports
26 1GE, 4 1GE Shared Media, 2 10GE
NGFW Throughput
1.8 Gbps
Threat Protection Throughput
1.2 Gbps
VPN Throughput
9 Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
18x GE RJ45, 4x GE SFP
NGFW Throughput
3.5 Gbps
Threat Protection Throughput
3 Gbps
VPN Throughput
20 Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
16x GE RJ45, 16x GE SFP
NGFW Throughput
6Gbps
Threat Protection Throughput
5 Gbps
VPN Throughput
20Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
16x GE RJ45, 16x GE SFP
NGFW Throughput
5 Gbps
Threat Protection Throughput
4.7 Gbps
VPN Throughput
20 Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
2x 10 GE SFP+, 10x GE RJ45, 8x GE SFP

Virtual machines

NGFW Throughput
850 Mbps
Threat Protection Throughput
700 Mbps
VPN Throughput
1 Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
Up to 10
NGFW Throughput
1.5 Gbps
Threat Protection Throughput
1.2 Gbps
VPN Throughput
1.5 Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
Up to 10
NGFW Throughput
2.5 Gbps
Threat Protection Throughput
2 Gbps
VPN Throughput
3 Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
Up to 10
NGFW Throughput
4.5 Gbps
Threat Protection Throughput
3.5 Gbps
VPN Throughput
5.5 Gbps
Max G/W to G/W IPSEC Tunnels
40,000
Ports
Up to 10
NGFW Throughput
9 Gbps
Threat Protection Throughput
7 Gbps
VPN Throughput
6.5 Gbps
Max G/W to G/W IPSEC Tunnels
40,000
Ports
Up to 10

Public Cloud

Amazon Web Services (AWS) and Microsoft Azure supported for both BYOL (bring your own license) and On-demand (pay-as-you go). Please see the AWS and Azure Marketplace listings for more information:

 

Hardware appliances

Devices/VDOMs (Maximum)
1200
Sustained Log Rates
50
GB/Day
2
Devices/VDOMs (Maximum)
4000
Sustained Log Rates
150
GB/Day
10

Virtual machines

Devices/VDOMs (Maximum)
+1,000
GB/Day of Logs
10
Devices/VDOMs (Maximum)
+5,000
GB/Day of Logs
25
Devices/VDOMs (Maximum)
+10,000
GB/Day of Logs
50
Actual performance may vary depending on the network and system configuration. Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled. 1. IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix. 2. Application Control performance is measured with 64 Kbytes HTTP traffic. 3. NGFW performance is measured with IPS and Application Control enabled, based on Enterprise Traffic Mix. 4. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix.

 

Public Cloud

Amazon Web Services (AWS) and Microsoft Azure supported for both BYOL (bring your own license) and On-demand (pay-as-you go). Please see the AWS and Azure Marketplace listings for more information:

Our Customers Emphasize the Value of FortiGate Secure SD-WAN in Gartner Peer Insights Review

Modern SD-WAN solutions not only need to offer uninterrupted performance, but must also be reinforced with features to secure distributed networks from advanced cyberattacks, especially for those branch offices that also include direct Internet access to online and cloud-based resources. This stark reality is why 72% of executives surveyed in a recent Gartner report stated that securing their SD-WAN deployment was their top concern.

FortiGate Secure SD-WAN has been well received by the industry, earning a “Recommended” rating from NSS labs and positive feedback from users on Gartner Peer Insights. Hear what some of our users had to say about our secure SD-WAN solution below. Download the infographic to get a quick list of the reviews. 

Easy To Deploy And Use

Network Security Administrator, $3B-$10B Energy and Utilities Company

“The FortiGate Firewalls are currently among the best in the Market for their extremely simplified UI, ease of deployment and maintenance.”

Easy Integration With Excellent Hardware Architecture

Infrastructure and Operations, $3B-10B Finance Company

“Integrated easily into our environments. Hardware architecture is a competitive advantage to manage policy processing.”

Simple SD-WAN Solution To Replace Costly MPLS

Network Engineer, Education

“We wanted a solution that was built into a firewall for ease of deployment and cost savings. After evaluating all of the vendors, we ended up going with Fortinet - largely for the SD WAN offering. After doing a proof of concept, we found that using the SD-WAN solution actually resulted in less latency between sites compared to our MPLS. We were able to save at least $10k a month by removing the MPLS, which was a huge return on our investment. Not only was the SD-WAN offering great, but the entire package of Fortinet products paired together greatly improved our overall security posture and gave us more insight into our network.”

Fast Set Up And Scalability For SD-WAN

Senior Information Security Manager, $3B-10B Manufacturing Company

“SD-WAN as it is, is a technology advance for a new era of WAN solutions, in particular Fortinet has a fast set up and scalability with all features inside NGFW.”

Easy Implementation And Help Us To Simplify Our Connections

Sr. Global IT Security, $500M-1B Services Company

“Excellent solution, very flexible and easy to operate, with FortiGate SD-WAN we could remove our MPLS and simplify our operations worldwide.”

 
Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.

FortiGate Secure SD-WAN Use Cases

Traditional WAN architectures are undergoing major transformation driven by multi-cloud migration and increase in number of services deployed at the WAN Edge. As the connectivity and application delivery change, organizations are forced to redesign their WAN architectures. Fortinet Secure SD-WAN offers best-of-breed SD-WAN  and NGFW capabilities to help organizations reduce costs, enhance application experience, simplify operations, and enable high security posture. 

 

Cloud Ready Branch

Leveraging Fortinet Secure SD-WAN for cloud on-ramp to SaaS and multi-cloud improves the user experience for business applications. With integrated advance security, the enterprise branch security posture remains strong even with direct internet access to the cloud. Managing edges, cloud and SaaS applications through single-pane-of-glass management reduces the cost and complexity of the branch.

 

Simplified Operations

Simplifying SD-WAN operations is one of the core use case to make implementation and expansion of SD-WAN successful in support of digital innovation initiatives. FortiGate Secure SD-WAN, FortiManager and FortiAnalyzer offer best-of-breed SD-WAN management and analytics capabilities that help network leaders reduce operational costs, risks and improve efficiencies at the network edge.

 

Reduce Costs

Deliver industry leading SD-WAN, NGFW, Advanced Routing and Optimization services with centralized management. Lower total cost of ownership (TCO) by reducing MPLS bandwidth costs and deploying a new branch in minutes with Zero-Touch provisioning for efficient operations.

 

FortiGuard Services for FortiGate Secure SD-WAN

The growth of technologies such as public and private clouds, software-defined wide-area networks (SD-WAN), and DevOps has resulted in increasingly complex IT networks at almost every organization. At the same time, cybersecurity threats have become more sophisticated and fast-moving.  Fortinet offers a full range of services and subscriptions to help you simplify and make the most of your SD-WAN deployment with the lowest TCO possible.

Read on to find out how Fortinet subscriptions and services can help you get the most out of your SD-WAN solution : 

We can help our customers lower their total cost of ownership (TCO) and simplify day-to-day  security operations  through our FortiOps services, which provide cloud-based management, visibility, and automation  across your Fortinet Security Fabric and help you realized the operational benefits of a Fortinet-enabled Secure SD-WAN.  

FortiOps

Cloud-based Management, Visibility, and Operations

FortiGuard

World-class Global Support and Professional Services

Effective best-in-class security requires timely, global intelligence combined with fast decision-making and response across all critical vectors. Fortinet offers proven and one of the most certified artificial intelligence-driven protection available in the market today powered by FortiGuard Labs.

For customers implementing FortiGates as NGFWs, here’s how FortiGuard subscriptions can help:

  • Application Control: Fortinet boasts one of the largest applications database to safeguard your organization from risky application and allows you visibility and control of applications running in your network
  • Intrusion Prevention: Stop unwanted attempts to access your network that target vulnerabilities and configuration gaps. We block over 10 million intrusion attempts per minute.
  • Advanced Threats: Stop malicious files and payloads moving into your network with FortiGuard’s leading advanced malware, antivirus, and sandboxing capabilities. We stop over 35,000 malicious files per minute.

Mission critical security-driven networks deserve the best support available.  FortiCare provides 24x7 support options to help keep your FortiGates up and running.  We also have services to help you recover in the rare moments when bigger bumps seem to come out of nowhere such as our Premium RMA options with 4-hour replacements. 

Want faster resolution?  Choose our Advanced Support option.

Need help to get going with new deployments and integrations?  FortiCare can do it, too, with Professional Services and Resident Engineers!  Contact Sales to find out how.

FortiCare

World-class Global Support and Professional Services

Pro-Tips

  • Request a free threat assessment today to find out how we can help secure your network!
  • Choose the 360 Protection Bundle for your SD-WAN solution. The 360 Protection bundle was designed to simplify SD-WAN operations on top of providing our customers with comprehensive security and operational services to deliver the best protection available while lowering TCO. In addition to the full suite of FortiGuard and FortiOps subscriptions and services you see here, you also get 24x7 FortiCare with Advanced Support built-in!
  • Don't forget to add Premium RMA for the fastest way to recover from unexpected bumps. We have global depots to get your parts fast!

Resources

Fuse Community


Product Demo

Welcome to the FortiGate Secure SD-WAN 6.2 demo site. This demo shows the dynamic WAN path controller, application SLA enforcement, intelligent application steering and traffic shaping capabilities of Fortinet SD-WAN and how it can help your organization achieve more efficient use of your WAN resources while lowering TCO. 

   

FortiGate FortiOS 6.2 SD-WAN Failover Demo

This video demonstrates how SD-WAN on FortiOS 6.2 can help greatly improve the quality of experience of four popular applications – Dropbox, VoIP, Office 365, and video. Fortinet Secure SD-WAN features a dynamic WAN path controller with a proprietary library of over 5000 applications to help organizations with their digital transformation, WAN OpEx reduction, and branch consolidation efforts.

Watch Now

    

Certifications

Fortinet Secure SD-WAN excels in most challenging enterprise SD-WAN deployment tests receiving a second consecutive "Recommended" rating in NSS Labs for SD-WAN Group Test report; while delivering Lowest Total Cost of Ownership (TCO) per Mbps Among All Eight Vendors.

Key Highlights:

  1. Lowest Total cost of Ownership (TCO):  FortiGate Secure SD-WAN showcased significant operational savings with the lowest TCO per Mbps (VPN Throughput) at $3.5@845Mbps and zero touch provisioning of new branches under six minutes. 
  2. Best User Experience with High Availability: In the extreme conditions such as WAN Link failures, FortiGate SD-WAN delivered the full score of 4.41 and 4.53 for voice and video for best application user experience.  
  3. Industry’s Most Validated NGFW Security Built-In: FortiGate SD-WAN comes with built-in NGFW which has received five consecutive NSS Labs NGFW “Recommendation” ratings. In the latest NSS Labs NGFW group test, FortiGate delivered 99.3% security effectiveness and 100% evasions blocking.

 

SD-WAN Value Map

In a crowded SD-WAN market, enterprises are finding it increasingly difficult to identify the right solution for them. NSS Labs provides a comprehensive and impartial test, in real-world situations, that identifies the key requirements for SD-WAN and the effectiveness of each solution. The SD-WAN capabilities that were assessed by NSS Labs include Zero-Touch provisioning, WAN Performance, Application-Aware Traffic Steering, Dynamic Path Selection with SLA Measurements and High Availability with WAN Impairments. Fortinet delivered best user experience with High Availability in extreme WAN impairment conditions.

Download Now

sd-wan nss lab fortigate 61e

Fortinet FortiGate 61E Test Report

Take a closer look at how Fortinet excelled again NSS Labs SD-WAN Group Test.  Fortinet showcased a number of advantages including lowest TCO, native NGFW security and quality of experience for unified communications. 

Download the Report

NSS Labs SD-WAN 2018 Value Map and Report

diagram sd wan certification 4

Comparative Report - Performance

NSS Labs SD-WAN Performance Comparative report provides a detailed comparison of all 9 participating vendors for quality of experience and performance. Fortinet showcased the highest quality of experience for business-critical applications such as VoIP and excellent VPN performance.      

Download the Report
diagram sd wan certification 5

Comparative Report - TCO

NSS Labs SD-WAN TCO Comparative report provides a detailed comparison of all 9 participating vendors for quality of experience and performance. FortiGate SD-WAN has achieved the best price/performance among all 10 vendors with TCO of $5.

Download the Report
diagram sd wan certification 1

Comparative Report - Value Matrix

Fortinet solutions have consistently demonstrated superior performance and feature quality TCO when put to the test. Recent customer traction shows that organizations around the world are increasingly choosing FortiGate SD-WAN to upgrade their WAN infrastructure.  The 2018 NSS Labs SD-WAN test results further prove that Fortinet delivers the highest quality of experience for VoIP,  the best TCO and the right security to go with it, solidifying FortiGate SD-WAN as a compelling balance of quality, security and value. Take a look at the comparative value matrix report and understand how Fortinet emerged as a top choice for Secure SD-WAN. 

Download the Report