SD-WAN

SD-WAN:應用程式感知、帶整合 NGFW 安全防護的多路徑 WAN 控制器

網路領導者保護 SD WAN 指南
適用於:
  • 設備
  • 虛擬機
web product icon sd wan

FortiGate 安全 SD-WAN 軟體定義廣域網路 解決方案

分散式企業分支機構型轉變成數位商業模式對 WAN 網路產生重大影響。雲端服務的使用和越來越多的行動工作者正加速 WAN 技術的進步。許多企業使用直接網際網路存取,部署新一代安全策略以及啟用多路徑 WAN 網路來提高應用程式效能變得格外重要。

Fortinet 是業界唯一一個提供原生 SD-WAN 解決方案以及整合式先進威脅防護的新一代防火牆 (NGFW) 服務供應商。 FortiGate 安全 SD-WAN 解決方案具備應用程式感知能力、提供自動 WAN 路徑控管,並支援多寬頻連線。它取代傳統的分散 WAN 路由器、 WAN 優化和安全裝置,並且具備業界最佳的 VPN 效能,可將安全性擴展到多個分支機構。

   

SD-WAN 影片介紹

FortiGate FortiOS 6.0 SD-WAN Demo

Learn more on how the FortiOS 6.0 can provide SD-WAN capabilities on a FortiGate for greater application visibility and application steering to prioritize business application performance.

立即觀看
Transform Your Enterprise Branch with Fortinet Secure SD-WAN
Roll out SD-WAN with Fortinet's Zero Touch Deployment

FortiGate 安全 SD-WAN 解決方案產品介紹:

FortiGate SD-WAN 在分支機構進行轉型時,在安全無虞的情況下,提高生產力和應用程式效能。 在應用程式轉向功能的幫助下,確保關鍵業務應用程式得到優先處理。透過收集 WAN 修補資訊, FortiGate SD-WAN 將自動進行故障轉移到最佳可用的 WAN 連結。集中式控管的單一虛擬平台簡化了管理和監控功能,使企業分支機構快速佈局、輕鬆擴展。 FortiGate SD-WAN 已被全球金融、零售、製造和客服等行業所採用。

特色

intelligent icon

能夠識別與支援多達 3,000 種以上的應用程式,並為子應用程式提供精密的可視性。

monitoring icon

具備路徑感知智能以監控應用層級的交易,並自動將故障轉移到最佳可用的路徑。

platform support icon

單一虛擬平台管理簡化了 SD-WAN 解決方案的部署、管理和監控功能。

優勢

icon benefits tools
單一平台上的最佳組合 SD-WAN 解決方案和新一代防火牆 (NGFW) 功能,降低部署的複雜性和總擁有成本。
high performance icon
優先處理關鍵業務應用程式,讓分支機構直接存取網際網路,進而改善雲端應用程式效能。
reduce cash icon
透過轉移多協議標籤交換 (MPLS) 技術,並利用多連線寬頻服務如乙太網路 (Ethernet)、數位用戶迴路 (DSL) 和長程演進計畫 (LTE) 技術來降低營運成本。

Fortinet SD-WAN Solutions

  • World's only ASIC Accelerated SD-WAN
  • 5,000+ application identification with SSL Inspection
  • Self-Healing capabilities for better user experience
  • Cloud-On-Ramp for efficient SaaS adoption
  • Simplified Operations with SD-WAN Orchestrator

Next-Generation Firewall (NGFW) Security

The FortiGate NGFW delivers integrated SD-WAN networking and security capabilities in a single device.

Enhance Multi-Cloud Application Performance

Application identification, multi-path control, and application steering ensure that organizations can access all critical applications in the cloud.

Orchestration and Analytics

Fortinet’s SD-WAN Orchestrator simplifies WAN operations with zero touch provisioning, intuitive work-flow and granular application analytics across the network.

Low TCO

FortiGate Secure SD-WAN is less expensive and delivers both networking and security in the same solution for as much as 50% better TCO versus architectures with separate security and networking devices.

Gartner 2020 Magic Quadrant for WAN Edge Infrastructure

Fortinet named a Leader in the 2020 Gartner Magic Quadrant for WAN Edge Infrastructure with highest in ability to execute and completeness of vision. See the full report to learn more about how other vendors compare to Fortinet.

Read the report

FortiGate Secure SD-WAN Models and Specifications

FortiGate SD-WAN is available in diverse form factors with many different models to choose from to meet your needs ranging from hardware, VM appliances to six different cloud marketplaces for WAN Edge transformation. FortiManager, that can be used to monitor and manage the FortiGate appliances is also available in different form factors including hardware, virtual and SaaS.

Compare Products

Hardware appliances

NGFW Throughput
200 Mbps
Threat Protection Throughput
150 Mbps
VPN Throughput
35 Mbps
Max G/W to G/W IPSEC
200
港口
5x GE RJ45
NGFW Throughput
800 Mbps
Threat Protection Throughput
600 Mbps
VPN Throughput
4.4 Gbps
Max G/W to G/W IPSEC
200
港口
5x GE RJ45
NGFW Throughput
220 Mbps
Threat Protection Throughput
160 Mbps
VPN Throughput
100 Mbps
Max G/W to G/W IPSEC
200
港口
7x GE RJ45
NGFW Throughput
1 Gbps
Threat Protection Throughput
700 Mbps
VPN Throughput
6.5 Gbps
Max G/W to G/W IPSEC
200
港口
8x GE RJ45
NGFW Throughput
250 Mbps
Threat Protection Throughput
200 Mbps
VPN Throughput
2 Gbps
Max G/W to G/W IPSEC Tunnels
200
港口
10x GE RJ45
NGFW Throughput
1 Gbps
Threat Protection Throughput
900 Mbps
VPN Throughput
6.5 Gbps
Max G/W to G/W IPSEC
200
港口
8x GE RJ45, 2x shared SFP | ByPass interface Variants
NGFW Throughput
360 Mbps
Threat Protection Throughput
250 Mbps
VPN Throughput
2.5 Gbps
Max G/W to G/W IPSEC Tunnels
200
港口
14x GE RJ45, 2x Shared Port Pairs
NGFW Throughput
360 Mbps
Threat Protection Throughput
250 Mbps
VPN Throughput
4 Gbps
Max G/W to G/W IPSEC Tunnels
2,000
港口
Multiple GE RJ45, GE SFP Slots | PoE/+ Variants
NGFW Throughput
1.6 Gbps
Threat Protection Throughput
1 Gbps
VPN Throughput
11.5 Gbps
Max G/W to G/W IPSEC Tunnels
2500
港口
26 1GE, 4 1GE Shared Media, 2 10GE
NGFW Throughput
1.8 Gbps
Threat Protection Throughput
1.2 Gbps
VPN Throughput
9 Gbps
Max G/W to G/W IPSEC Tunnels
2000
港口
18x GE RJ45, 4x GE SFP
NGFW Throughput
3.5 Gbps
Threat Protection Throughput
3 Gbps
VPN Throughput
20 Gbps
Max G/W to G/W IPSEC Tunnels
2000
港口
16x GE RJ45, 16x GE SFP
NGFW Throughput
6Gbps
Threat Protection Throughput
5 Gbps
VPN Throughput
20Gbps
Max G/W to G/W IPSEC Tunnels
2000
港口
16x GE RJ45, 16x GE SFP
NGFW Throughput
5 Gbps
Threat Protection Throughput
4.7 Gbps
VPN Throughput
20 Gbps
Max G/W to G/W IPSEC Tunnels
2000
港口
2x 10 GE SFP+, 10x GE RJ45, 8x GE SFP

Virtual machines

NGFW Throughput
850 Mbps
Threat Protection Throughput
700 Mbps
VPN Throughput
1 Gbps
Max G/W to G/W IPSEC Tunnels
2000
Ports
Up to 10
NGFW Throughput
1.5 Gbps
Threat Protection Throughput
1.2 Gbps
VPN Throughput
1.5 Gbps
Max G/W to G/W IPSEC Tunnels
2000
港口
Up to 10
NGFW Throughput
2.5 Gbps
Threat Protection Throughput
2 Gbps
VPN Throughput
3 Gbps
Max G/W to G/W IPSEC Tunnels
2000
港口
Up to 10
NGFW Throughput
4.5 Gbps
Threat Protection Throughput
3.5 Gbps
VPN Throughput
5.5 Gbps
Max G/W to G/W IPSEC Tunnels
40,000
港口
Up to 10
NGFW Throughput
9 Gbps
Threat Protection Throughput
7 Gbps
VPN Throughput
6.5 Gbps
Max G/W to G/W IPSEC Tunnels
40,000
港口
Up to 10

Public Cloud

Amazon Web Services (AWS) and Microsoft Azure supported for both BYOL (bring your own license) and On-demand (pay-as-you go). Please see the AWS and Azure Marketplace listings for more information:

 

Hardware appliances

Devices/VDOMs (maximum)
1,200
GB/Day of Logs
2
Storage Capacity
36 TB
Devices/VDOMs (maximum)
8,000
GB/Day of Logs
10
Storage Capacity
48 TB
Devices/VDOMs (maximum)
100,000
GB/Day of Logs
10
Storage Capacity
240 TB

Virtual machines

Devices/VDOMs (Maximum)
+1,000
GB/Day of Logs
10
Devices/VDOMs (Maximum)
+5,000
GB/Day of Logs
25
Devices/VDOMs (Maximum)
+10,000
GB/Day of Logs
50
Actual performance may vary depending on the network and system configuration. Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled. 1. IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix. 2. Application Control performance is measured with 64 Kbytes HTTP traffic. 3. NGFW performance is measured with IPS and Application Control enabled, based on Enterprise Traffic Mix. 4. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix.

 

Public Cloud

Amazon Web Services (AWS) and Microsoft Azure supported for both BYOL (bring your own license) and On-demand (pay-as-you go). Please see the AWS and Azure Marketplace listings for more information:

Features

intelligent icon

SD-WAN ASIC delivers fastest application identification and steering from a broad range of 5,000+ applications to enable digital transformation at the WAN Edge 

monitoring icon

Path awareness intelligence and link remediation delivers best application performance by automated fail-over and fail-back mechanism 

platform support icon

Single pane of glass management with zero-touch deployment for the entire WAN edge simplifies deployment of SD-WAN and security

Benefits

icon benefits tools
Reduced complexity and high total cost of ownership by using best of breed SD-WAN and NGFW functionality on a single appliance
high performance icon
Improve cloud application performance by prioritizing business critical applications and enabling branches to directly communicate to the internet
reduce cash icon
Reduce operating expenses by migrating from MPLS and utilizing multi-broadband such as Ethernet, DSL, and LTE

Secure SD-WAN 投資報酬率 (ROI) 計算機

Fortinet安全SD-WAN能够提供更好的使用體驗,不只簡化廣域網路連結操作,更能將線路資源池化,使昂貴的MPLS不再是唯一選擇,大幅降低企業成本,並且整合下一代防火牆功能,使線路同時受到安全防護!

歡迎利用下面的小工具輸入數據,了解使用Fortinet安全SD-WAN可以為您節省多少!

 


據點數量
請輸入辦公室據點數量.
Hub 數量
請輸入資料中心的數量.
每個據點的每月 MPLS 成本
請輸入每個分支單位 MPLS WAN 連結平均每月成本 (以美金計算).
每個據點的 MPLS 頻寬要求
請輸入每個分支單位 MPLS WAN 連結的平均頻寬容量(以 Mbps 為單位).
MPLS 减少百分比
請輸入將被網路連接替換的 MPLS 連結百分比.
每個據點的每月網路成本
請輸入每個分支和中心每月平均網路成本 (以美金計算).
每個據點 WAN 頻寬提昇
請輸入網路分支和集線器提供的平均頻寬容量.
年數
請輸入計算投資回報率的年數.
安全 SD-WAN
請選擇是否需要 NGFW 安全防火牆.
超過 的成本可在 年內省下 !
節省目前 WAN MPLS 成本
降低 SD-WAN 成本(資本 + 營運支出)
新增每個網站的 WAN 頻寬
安全指數提昇
此計算僅用於估算目的,不計入傳統路由器的維護成本.

安排專屬 Demo

FortiGuard Services for FortiGate SD-WAN

FortiGate SD-WAN employs multiple FortiGuard services.  Application control provides visibility into thousands of  applications, as well as granular sub-applications.  Other security services such as web filtering, sandboxing, antivirus and intrusion prevention protect the branches from the latest advanced threats.

View FortiGuard Labs Services and Bundles.

 

FG Application Control

應用程式控制

可對您的客戶正在執行的應用程式獲得無可比擬的即時可視性,並輕鬆實施您可接受的使用原則,進而提高安全性並滿足合規要求。透過 FortiGuard 應用程式控制,您可以快速建立原則來允許、拒絕或限制對應用程式或整個類別的應用程式的存取。

FG Web Filtering

網頁篩選

透過對惡意、被入侵或不當網站的存取封鎖來保護您的組織。

icon sandbox cloud

FortiSandbox 雲端

FortiSandbox 雲端服務是一個進階威脅偵測解決方案,可執行動態分析以識別先前未知的惡意軟體。FortiSandbox 雲端產生的可執行情報會反饋到網路中的預防控制機制,進而消除威脅。

FG Antivirus

防毒

FortiGuard 防毒可阻斷最新病毒、間諜軟體以及其他內容層面的威脅。它採用行業領先的進階偵測引擎來阻止不斷變化的新威脅在您的網路中獲得據點、存取網路中寶貴的內容。

FG Intrusion Prevention

入侵防護

FortiGuard IPS 透過偵測威脅並在威脅侵入到網路裝置前進行封鎖,以此抵禦最新的網路入侵。

Product Category Thumb SS virus outbreak

Virus Outbreak Protection Service

FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.

 

 

FortiGuard Services Bundles

FortiGate Enterprise Bundle

Our Enterprise (ENT) bundle now includes:

  • CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
  • Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
  • Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers. 

The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • CASB
  • Security Rating 
  • Industrial Security Service
  • FortiCare
FortiGate UTM Bundle

The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare

The FortiGuard Advantage: 

  • FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization. 
  • Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
  • Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
FortiGate Advanced Threat Protection Bundle

The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare 24*7
Services Table
Service Advanced Threat Protection
(ATP)
 
Unified Protection
(UTM)
 
Enterprise Protection
(ENT)
 
A La Carte Protection


Threat Intelligence Service
     
Industrial Security Service
   

Security Rating
   

CASB
   

Web Filtering
 

Antivirus + Sandboxing




IPS




Antispam
 

 
Internet DB



 
IP Reputation


 
Application Control



 

認證

Fortinet 安全 SD-WAN 解決方案在最具挑戰性的企業 SD-WAN 部署測試中表現優異,在 NSS 實驗室的 SD-WAN 組別測試報告中,連續獲得第二次「推薦」評級。同時,每Mbps 的總擁有成本 (TCO) 也是其他八家供應商中最低的。

核心亮點 :

  1. 最低的總擁有成本 (TCO) : Fortinet 安全SD-WAN 解決方案以每 Mbps (VPN 流通量) 3.5 美元 / 845 Mbps 最低的總擁有成本,為用戶節省可觀的營運成本。六分鐘內即可完成新分支機構的零接觸部署。
  2. 最佳使用者體驗和最高可用性:在 WAN 連線故障這種極端情況下,Fortinet 安全 SD-WAN 解決方案在最佳使用者體驗的語音和影片應用分別獲得了 4.41 分和 4.53 分的高分。  
  3. 內建業界驗證度最高的新一代防火牆 (NGFW) : Fortinet 安全 SD-WAN 解決方案內建的 NGFW 已連獲五次 NSS 實驗室的 NGFW 「推薦」評級。在最新的 NSS 實驗室 NGFW 組別測試中, FortiGate 的整體安全有效性獲得 99.3% 評分,並更實現 100% 的逃逸阻斷。 

 

SD-WAN 價值映射圖

在擁擠不堪的 SD-WAN 市場中,企業越來越難找到正確的解決方案。 NSS 實驗室在實際情況下提供了全面性、公正無私的測試,確認 SD-WAN 的關鍵要求和各種解決方案的有效性。 NSS 實驗室評估的 SD-WAN 功能包括零接觸部署、 WAN 效能、應用程式感知的流量轉向功能、具有服務水準協議(SLA)測量的動態路徑選擇和 WAN 損壞時仍具有高可用性。在 WAN 損壞的極端情況下, Fortinet 提供最佳使用者體驗和高可用性。

立即下載

sd-wan nss lab fortigate 61e

Fortinet FortiGate 61E 測試報告

查看 Fortinet 如何在 NSS 實驗室 SD-WAN 組別測試中再度得到優異成績。 Fortinet 展示了許多優勢,包括最低總擁有成本、原生的 NGFW 安全性和統一的傳播體驗品質。

下載報告

NSS 實驗室 SD-WAN 價值映射圖和報告

diagram sd wan certification 4

效能表現比較報告

NSS 實驗室的 SD-WAN 效能比較報告提供了所有 9 家參與供應商的詳細體驗和性能比較結果。 Fortinet 為關鍵業務應用程式提供卓越的體驗品質,如高品質的 VoIP 體驗以及出色的 VPN 性能。

下載報告
diagram sd wan certification 5

最低總擁有成本比較報告

NSS 實驗室的 SD-WAN 最低總擁有成本比較報告提供了所有 9 家參與供應商的詳細體驗和性能比較結果。 FortiGate 安全 SD-WAN 解決方案在所有 10 家供應商中均獲得了最佳性價比 (TCO 為 5 美元) 。

下載報告
diagram sd wan certification 1

價值矩陣比較報告

經測試, Fortinet 解決方案始終呈現卓越的效能和最低的總擁有成本。最近抓客力顯示,世界各地越來越多企業選擇FortiGate 安全 SD-WAN 解決方案來升級其 WAN 基礎架構。2018 年 NSS 實驗室的 SD-WAN 測試結果進一步證明, Fortinet 高質量的 VoIP 體驗,最低的 TCO 和正確的安全性,使得 FortiGate 安全 SD-WAN 解決方案在品質、安全性和價值之間取得平衡。查看價值矩陣比較報告,了解 Fortinet 如何成為安全 SD-WAN 解決方案的首選。

下載報告