Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

JoshNiel
New Contributor

Created on ‎09-09-2016 05:07 AM

Multiple FortiGate's Environment?

Our office consists of a main location with a data center that all of our other sites connect to. Each site has an EDN connection so that they have direct access to us and also direct internet access. We currently have a single FortiGate at our main location. This device is at times near capacity and we need to make some upgrades.

A vendor recommended that we get smaller FortiGate devices at each of our other offices. With us moving our devices to the cloud they feel it would give us better performance. As of now, if our main office goes down nobody is getting out to the cloud, as all web filtering is going through the main office.

My question is, would this be a good solution? Or will it cause more problems? Would we be better off just upgrading our current FortiGate? I'm most concerned about the fact that as of now everything relies on our main office staying up and running. Our phone system is moving to the cloud as well. I want to make sure each office can access our resources in the cloud without having to come back to our office.

Labels:
316
0 Kudos
3 REPLIES 3
jpforcioli_FTNT
Staff
Staff

Created on ‎09-09-2016 05:51 AM

Hi,

Sorry asking for this but could you please clarify what is an "EDN connection"?

Would help to better understand how you would secure the "cloud" traffic if you no longer wants it to go through your main location.

Best Regards.

Jean-Pierre FORCIOLI
313
0 Kudos
JoshNiel
New Contributor
In response to jpforcioli_FTNT

Created on ‎09-09-2016 06:02 AM

An EDN connection basically is like a T1 line. It gives us direct access across our internet providers network to each of our site.

In regards to how to secure the cloud traffic, the vendor's idea was that each site would do their own web filtering, intrusion protection, email filtering and malware/virus protection. Then it would pass all internet traffic out through that point to the cloud.

313
0 Kudos
DiegCirc
New Contributor
In response to JoshNiel

Created on ‎09-15-2016 04:55 PM

I would say it is probably a good idea. As you said it will breaking the dependency on the central site, but also the internet access is probably cheaper and will give you better performance than the T1s you currently use.

Depending on the number of satellite sites, you might want to consider FortiManager to simplify management and centralize your logs. We've found that it does simplify operations a lot when managing multiple devices. You make all policy changes in a single place and then get them pushed across all sites.

313
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.