4D Documents
Best practices documents for defining, designing, deploying and demoing various cross product solutions.
keithli_FTNT
Staff
Article Id 265891

The following snippets summarize the SD-WAN & SD-Branch architecture guide for MSSP deployment. To view the complete guide, go to SD-WAN / SD-Branch Architecture for MSSPs.

 

Secure SD-WAN solution

Secure SD-WAN functionality can be configured on any FortiGate device without requiring a separate license or additional products and components. In other words, any FortiGate device can provide this functionality in a completely autonomous manner, including traffic steering intelligence, monitoring, and of course, security.

 

A secure SD-WAN solution, on the other hand, transforms a group of autonomous devices providing local Secure SD-WAN functionality into the most critical element of your infrastructure. FortiGate devices can act as intelligent edge devices, providing secure connectivity across all your sites, cloud services, and the internet over the optimal available path.

 

Secure SD-Branch

Businesses are increasingly looking to replace their isolated WAN and LAN infrastructures in favor of a consolidated networking solution that delivers deeper integration and simplified operations at branch office locations. An effective SD-Branch managed service should consolidate WAN and LAN capabilities to simplify remote office infrastructure and optimize operations without introducing new risks.

 

A fundamental starting point for SD-Branch is the delivery of SD-WAN as-a-Service. When selecting the right SD-Branch solution, service providers have multiple options. They need to weigh them carefully—factors such as orchestration, management, TCO, and security impact ARPU potential over time.

 

The following diagram illustrates a topology utilizing SD-WAN and SD-Branch solutions:

 

[Diagram: topology utilizing SD-WAN and SD-Branch solutions]

 

Architecture and design

Design and description:

Basic SD-WAN/ADVPN
  • Fundamental building block of the SD-WAN/SD-Branch solution.
  • Sites are interconnected by IPsec overlays, forming a hub-and-spoke topology.
Dual-hub
  • Builds on the basic design, extending to a secondary hub to provide geographic redundancy.
Multi-regional
  • As the solution expands geographically, regional hub-and-spoke topologies may form.
  • Each region may comprise a single-hub or dual-hub topology.

 

For more information, go to SD-WAN / SD-Branch Architecture for MSSPs.