Cost reduction and improving application performance were top priorities for the financial institution when it came time to execute their branch modernization project. They chose Fortinet’s SD-Branch solution because they were able to consolidate their branch services into the same platform that would be running their SD-WAN, giving them better visibility, control, and security at their branch offices.
A large financial institution with hundreds of branches and operating across multiple banking and investment segments was looking to implement what they envisioned as the next-generation branch. This project aimed to reduce costs by migrating their existing MPLS infrastructure to low-cost, high-bandwidth ADSL links, all while improving performance and network security.
To achieve this, the bank was looking for a cybersecurity solution that would provide them with:
- Increased performance of SaaS applications with high ADSL bandwidth
- Improved visibility of corporate and guest internet traffic
- Reporting capabilities and compliance with national and international laws and regulations
- Integration with existing and complex routing infrastructure using open routing protocols
- Ease and flexibility of management and implementation
- Integrated access technology, thereby increasing branching capabilities for wireless speeds of 1 Gbps and Wave 2
- Physical asset security with an integrated camera system for facial recognition
In addition to all this, they needed advanced security to offer this new service to their customers, as well as for internet access across all branches. This required the deployment of high-performance IPSec VPN, combined with Security-Driven Networking that supported NGFW, SD-WAN, and SD-Branch (AP/Switch). This security-driven, fabric-based strategy needed to cover their entire expanded infrastructure, from wired and wireless endpoint connections to full WAN protection.
Flexible Architecture and Increased Network Security
The bank had been looking to improve their network stability, solution management, and network security for some time – a demand that its legacy equipment could no longer meet. After much analysis, the bank, opened their doors to an IT solutions company and Fortinet partner – recognizing the company would be able to meet their current prerequisites as well as future bank implementations.
The next major step was to deploy Secure SD-WAN technology to manage the volume of application traffic in remote offices, reduce costly rack space, provide greater security, and implement centralized management across a flexible architecture. Adding FortiAPs (access points) and FortiSwitches (AP/Switch) enabled the bank to deploy Fortinet’s Secure SD-Branch solution, extending the Fortinet Security Fabric and the benefits of SD-WAN beyond network access by converging WAN, Branch LAN, and security functionality into a single, integrated platform managed by the Fabric Management Center. This convergence increased security and visibility while reducing complexity, thereby improving performance and agility and lowering overall IT costs at the edges of the network.
The bank chose Fortinet because of its broad range of technical differentiators, including their integrated Secure SD-WAN and SD-Branch architectures that proved to be much more advanced than the market standard, as well as the flexibility needed to address the bank’s demands in a personalized way. Other elements like FortiGate, with its superior IPS engine, performance and intelligence, combined with the Fabric Management Center, contributed to this decision due to their ability to delivering significant operational improvements.
The bank deployed Fortinet solutions into the data centers connected to its remote branches and subsequently installed Fortinet solutions in dozens of its branches. This deployment strategy has ensured that communications between the branches as the data center are encrypted, while providing branches with secure direct Internet access combined with browsing and logging to ensure efficiency and control, something that had been previously lacking.
Benefits of Secure SD-WAN and SD-Branch
The implementation of Fortinet Secure SD-WAN and SD-Branch has paved the way for new opportunities for the bank and its branches. As a result of implementing these solutions, the bank enjoys greater visibility and flexibility across data centers and branch offices, while high-performance SSL inspection features have improved security.
In addition, users have pointed to an increase in connection quality once the bank switched technologies. In the past, they had cases where the connectivity was degraded, creating problems such as an increase in response time – an issue that both operators and users continually tried to fix to no avail. SD-Branch now allows for placing switches in the circuit, so even if a connection becomes degraded, QoS functions are able to maintain a high-quality, secure service.
And due to the increasing number of sophisticated threats and malware they have been facing, the advanced security functionality built into SD-WAN implementation project has become an essential component of the bank’s network transformation project. To avoid costly deployment and management overhead, Fortinet Secure SD-WAN and SD-Branch solutions provide complete and natively integrated security to detect and prevent threats, including native NGFW functionality, a flexible and expandable VPN, and high-performance SSL inspection.
The results have been so positive for the bank that they are already thinking about developing their next round of critical developments with Fortinet as their strategic cybersecurity partner.
- Enabled high visibility of guest and employee traffic, with additional benefits such as facial recognition features and wireless integration with analytical tools.
- Reduced costs with ADSL-enabled Internet, as opposed to more expensive MPLS connections.
- Single-pane-of-glass management provided a quick response for both security and network management.
- Enabled compliance with all required laws and regulations, including the General Data Protection Regulation (GDPR), the Civil Rights Framework for the Internet, the Central Bank’s latest regulations, and more.
- Advanced end-to-end security.
Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.
Read more about how FortiGate Secure SD-WAN helped Fortinet optimize network performance in this case study.
Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.