Digital innovation initiatives continue to help organizations improve productivity and customer service, but new technology can also introduce new cyber threats for bad actors to exploit by expanding the potential attack surface. And aging branch VPN infrastructures built around WAN edge routers only compound this problem, leaving companies exposed at the edge.
One Fortune 500 organization recently came to Fortinet with exactly that issue. They needed a VPN infrastructure that could scale across their datacenter and multicloud – something they could not achieve using their legacy networks. They were looking for a robust security solution that could support the evolving needs of their branch locations.
Seeking a new, Integrated Secure SD-WAN Solution
After experiencing numerous failures of the legacy routers and basic network firewalls they had deployed at their remote locations due to age, and realizing their contract on their current solution would expire in less than a year, this large distributed enterprise in the United States began seeking a replacement.
With its advanced networking capabilities that include dynamic routing such as BGP, Fortinet Secure SD-WAN — which integrates Next-Generation Firewall (NGFW) and Secure SD-WAN in a single offering — quickly became the front runner. This solution was able to provide advanced security to protect vulnerable branch locations with direct internet access, while also delivering all the benefits of an SD-WAN solution, including improved performance of business-critical applications, better user experience, and better protection at the WAN Edge.
These advantages impressed this company enough to begin an initial pilot at six locations, during which Fortinet was able to highlight its Zero-Touch Provisioning capabilities for simple and fast deployment and management. For a company like this, this was a huge advantage as they manage their environment internally and are always looking to reallocate their security team’s time and attention to other critical security tasks.
This initial pilot also demonstrated Fortinet’s simple deployment and robust combination of networking and security features, prompting this company to extend the pilot to over 150 more locations, all which proved successful. During this time, Fortinet was further set apart from the competition because they were able to provide an enterprise agreement that added additional value and resources to support the organization’s various needs. These included augmenting MPLS with broadband + LTE and the ability to replace MPLS in future, reducing CAPEX through product consolidation, and reducing OPEX with its centralized management.
LAN requirements were another need. Their SD-Branch requirements included the need for access points, switches, and 3G/4G connectivity. They also needed advanced support for cloud and other business critical enterprise applications combined with an effective cloud on-ramp strategy.
Choosing Fortinet Secure SD-WAN to Future-Proof Branch Offices
The company’s existing security solution required centralized inspection and filtering, which meant backhauling all traffic to datacenters to ensure security. What they needed was advanced NGFW capabilities at the branch office/WAN edge to make local breakouts for multi-cloud access possible. At the same time, they wanted to avoid all the bandwidth demands required to send traffic to the data center for inspection. After demonstrating the ability to meet, and even exceed, all of the organization’s security and networking requirements, Fortinet was determined to be the right fit.
While Fortinet was not the least expensive solution presented to this price-sensitive organization, they found that Fortinet provided the most value to their company long-term. Fortinet’s integrated platform approach, including Secure SD-WAN, provided their organization with the following benefits:
- Reduced Complexity: In their proof of concept trial, the primary competitive solution under consideration was missing advanced routing features and VPN capabilities. A lack of advanced routing BGP capabilities for faster convergence and route-based path selection, and not being able to build overlay VPN tunnels to same destination address were show stoppers. With Fortinet’s fully integrated Next-Generation Firewall and Secure SD-WAN solution, however, the company was able to reduce the number of devices needed at each location.
- Simple Deployment: With a large installed base of 10,000 branch offices, speed was a priority when it came to deployment and configuration. Fortinet’s Zero-Touch Provisioning reduced deployement time to minutes, saving IT staff resources and eliminating the need deploying additional IT personnel to each site. Additionally, centralized management using FortiManager for network and security needs and analytics provided by FortiAnalyzer enabled easy integration with their NOC and SOC teams for easy problem resolution and troubleshooting.
- Reduced Bandwidth Requirements: This company was able to establish split tunneling for their traffic at the branch level, enabling web traffic filtering locally while allowing access to corporate applications through VPN to reduce bandwidth requirements.
In addition to the above benefits, the company also valued the opportunity to take full advantage of the ability to extend Secure SD-WAN capabilities into the branch LAN by adding secure switches, wireless APs, and LTE support via Fortinet Secure SD-Branch, effectively future-proofing their solution while continuing to consolidate devices and reduce management overhead.
Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.