SD-WAN is a technology that enables the more effective use of your internet and WAN services. Features such as load-balancing, application steering and awareness – lead to savings, greater visibility and performance. In this article, we look at the critical elements of an SD-WAN solution, and they can benefit a small business or enterprise company.
Before jumping into the details of SD-WAN, we should outline how your business probably operates without SD-WAN. As MTG is a Fortinet partner, we will be focusing on the features of Fortigate firewalls. [ Some of the SD-WAN features and benefits that we describe below will feature in other vendor devices – we’d still recommend Fortinet:) ]
Traditional WAN
Traditionally a business would have a primary internet connection, and possibly a secondary connection for backup or failover (in the event of an outage). For a small business, your internet connection may be a DSL or an FTTP service. For a larger enterprise, you may have a mix of fibre, DSL, MPLS or dedicated internet access services. At the network edge, your firewall or small business router serves will act as the gateway, routing all traffic from your local network to the internet, and vice-versa.
Larger organisations may have several routers/firewalls; each firewall may have a different connection, function, technology and security policy. For example, you may have a DSL connection for guest wireless, a fibre for WAN connections to other offices and an additional fibre for business internet usage.
Despite the sprawl and apparent complexity; the downside with all these solutions is the lack of intelligent design; they are uneconomical, inefficient and have a management overhead. Traffic from your network is typically routed by destination (i.e. To reach our ERP provider, go across the fibre. For voice, use the DSL, etc.).
Where SD-WAN can help
SD-WAN brings a level of intelligence into your network edge. When you replace your firewall or gateway with an SD-WAN capable device (such as a Fortinet Firewall); it enables a whole different approach to WAN connectivity in your business.
- Application Discovery means the firewall quickly identifies applications and internet services. Application identification means you can create policies based on applications rather than just networks. The technology on Fortinet firewalls means it can detect over 5,000 applications.
- Office 365 can be routed over your FTTP while voice/video sent over your fibre.
- You can configure business-critical applications such as ERP/Accounting to have different classes of service.
- Social media and general productivity applications (i.e. Facebook, Dropbox) can be given a lower priority and offloaded onto inexpensive connections.
- Application Awareness enables the use of Automated Path Intelligence. The Fortinet SD-WAN firewall uses application steering to route traffic based on service-levels (SLA) defined by you. Once you have determined the SLA, the firewall will dynamically select the optimum connection and path to route the traffic. For critical applications, you can emphasise the need for stringent SLAs based upon jitter, packet loss and latency.
- Automatic Failover and multi-path technology can automatically failover to the next-best connection in the event another WAN connection suffers an outage, or if the service is degraded. Your DSL ISP may be experiencing congestion or a DDOS attack (rather than a full disruption) – in this instances, the firewall will automatically failover to an alternative connection.
- WAN Path Remediation seems a complex term but is quite straight-forward. The feature uses FEC to overcome adverse WAN conditions such as inadequate or problematic links.
- Tunnel Bandwidth Aggregation is a technology that can perform per-packet load-balancing by combining two overlay tunnels to maximise bandwidth and throughput. If your business has a VPN between two sites, and two connections in each location; the firewall will intelligently load-balance and maximise the use of these connections.
Simplified Management
When compared to its competition, Fortinet SD-WAN has a simplified deployment capability, making it far easier for enterprise and small business owners to deploy SD-WAN technologies. With a single-pane-of-glass management interface and a highly intuitive user interface, the implementation of SD-WAN will be accelerated without the unnecessary complexity you may experience with other solutions. WAN policies, VPNs, application routing and networking – are all managed from a single interface.
SD-WAN and Office 365
As more businesses adopt a hybrid cloud strategy (i.e. They move workloads, e-mail and services to Office 365) – then SD-WAN is an essential partner in that transition. The ability for Fortinet FortiGate Firewalls to identify Office 365 traffic (and specific applications within O365) means that you can enhance the level of service and redundancy for O365 usage. If your entire organisation now relies on Exchange Online, Sharepoint or Teams – being able to ensure optimal function, even in the event of an outage, is imperative.
SD-WAN in your business
SD-WAN is built into the Fortinet Firewalls that we supply as part of our IT Support, Managed IT and Managed Firewall services. Not only will your business benefit from a modern next-generation firewall (enhancing your security) – but SD-WAN will allow you to evaluate and potentially rationalise your internet and WAN services. This evaluation may lead to cost savings and greater efficiencies; replacing expensive connectivity with intelligent devices and more cost-effective services.
If you would like to learn more or explore if SD-WAN can be used within your business, speak to our solutions team. You can e-mail sales@mtg.im, call +44 1624 777837 or submit the ‘Request a Quote’ form on our website.
Further Reading
- Best small business firewall/router
- Small business firewall guide
- How to deploy an internal segmentation firewall
- Managed Firewall Services
- Fortinet SD-WAN E-Book (PDF)
- Update Branch Infrastructure with Fortinet Secure SD-WAN