Hello everyone!
As part of our network infrastructure, we currently have a HEADQUARTER "A," which houses a datacenter with servers and services accessed from all our LANs (both in branch offices and headquarters).
We are considering establishing a second HEADQUARTER ("B"), which will contain a mirrored datacenter to that of HQ "A."
Considerations:
Both HQs have Fortigate edge firewalls:
HQ "A": Fortigate 600E
HQ "B": Fortigate 900G
Both HQs and BOs are connected to a common MPLS service and have internet access through one or more ISPs.
There is a dedicated fiber optic connection currently in use between HQ "A" and HQ "B."
The objective is to ensure that, if the datacenter at HQ "A" becomes unavailable due to a technical issue (e.g., failure of HQ "A"'s firewall), the rest of the LANs can continue consuming services through HQ "B" until HQ "A"’s firewall is restored and resumes its primary role.
Therefore, we would like to ask for your guidance on which Fortigate features and functions we can utilize to implement the technical requirements described above.
I am attaching a network diagram for a better understanding of the current infrastructure.
Best regards.
at first glance, i would say VRRP for HQ LANs and BGP between HQ A/B and branches, where HQ A is the main ( also at VRRP level is the MASTER for the LANs at GW ) and HQ B is the backup for traffic from the branches.
Hello @segurinf
I think @funkylicious said "at first glance" because this is purely a matter of network (nothing to do with FortiGate) and it depends on many factors that are specific to your network and requires a deeper study.
So I think the best thing to do here (I guess this is a critical installation) is to leave the network architecture to a network architect so he takes the responsibility to make the optimal design for this case.
User | Count |
---|---|
2534 | |
1351 | |
795 | |
641 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.