Professional Documents
Culture Documents
FortiGate Secure SD-WAN Solutiion
FortiGate Secure SD-WAN Solutiion
WAN
Solution
Agenda
• Definition
• Features
• Benefits
• Application Aware SD-WAN
• Dynamic WAN path
• Control Application
• Performance using SLA
• Simplified SLA using Quality
SD-WAN
• SD-WAN is a software-defined approach to managing Wide-Area Networks which improves traffic flow and reduces
pressure on the network.
• SD-WAN with Application Aware Routing can measure and monitor the performance of multiple services in a hybrid
network
• The SD-WAN Edge is a physical or virtual network function that is placed at an organization's branch/regional/central
office site, data center, and in public or private cloud platforms
• Quality of service
• Security
• Application optimization
• Deployment options
• Optimized user experience and efficiency with SaaS and public cloud applications
• The ability to do dynamic path selection, for load sharing and resiliency purposes
• The ability to support VPNs, and third party services such as WAN optimization controllers, firewalls and web
gateways
Application Aware SD-WAN
Application Control
▪ Dynamically updated database
of applications
▪ Deep inspection
Dynamic WAN path controller and measurement
Control Application Performance using SLA
Performance SLA
Application-Level • Latency
Transaction • Packet Loss
• Jitter
• Ping
Multiple Measurement • Http
Techniques • TCP Echo
• UDP Echo
• TWAMP
• Check Interval
Failover Parameters • Failure before inactive
• Success before restore
Simplified SLA using Quality
Configuration
Removing existing configuration references to interfaces
• Before you can configure FortiGate interfaces as SD-WAN members, you must remove or redirect existing
configuration references to those interfaces in routes and security policies
• After remove the routes and security policies, traffic can't reach the WAN ports through the FortiGate
• After configure SD-WAN, we can reconfigure the routes and policies to reference the SD-WAN interface
1. Go to Network > Static Routes and delete any routes that use WAN1 or WAN2.
2. Go to Policy & Objects > IPv4 Policy and delete any policies that use WAN1 or WAN2
Configuration cont.….
Configuring SD-WAN:
Status: Enable
Interface: wan2
Interface: wan1
Configuration cont.….
SD-WAN Rules
Select the Volume
Wan1: 50
Wan2: 50
Source IP: Select this option to balance traffic equally between the SD-WAN members according to a hash
algorithm based on the source IP addresses.
Session: Select this option to balance traffic equally between the SD-WAN members by the session numbers ratio
among its members. Use weight 50 for each of the 2 members.
Source-Destination IP: Select this option to balance traffic equally between the SD-WAN members according to a
hash algorithm based on the source and destination IP addresses.
Volume: Select this option to balance traffic equally between the SD-WAN members according to the bandwidth
ratio among its members.
Configuration cont.….
Static Route
Interface: SD-WAN
Distance: 10
Configuration cont.….
Performance SLA
Name: SLA perform
Protocol: ping
Server: 8.8.8.8 and 4.2.2.2
Participants: wan1 and wan2
SLA Targets: Enable
Configuration cont.….
Creating the Policy for
SDWAN
Questionnaires
Thank You