Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ULL1903
New Contributor

SECURITY

Hello community, I am thinking about implementing a FortiGate device in my network. However, due to the topology of the network, I have questioned whether or not to replace my Core Router directly with a FortiGate. What has been your experience? Regards.

12 REPLIES 12
xeniacanary
New Contributor

Replacing your core router with a FortiGate device depends on your network needs. While FortiGate offers robust security features like firewall protection, VPN, and intrusion prevention, core routers handle routing protocols and large-scale traffic. I recommend using FortiGate as a security appliance alongside your core router rather than replacing it entirely, as core routers are optimized for routing functions that FortiGate may not fully support. This approach ensures both strong security and efficient network routing.

dingjerry_FTNT

Hi @ULL1903 ,

 

Without a network topology diagram, it's really hard to provide you with any recommendations.

 

However, you may use the Core Router as the Gateway for the FortiGate device.

Regards,

Jerry
ULL1903

Hi dingjerry_FTNT This is a simplified example of how the topology is. Based on the primary need to shield the network from external threats, I was thinking about the implementation between the CCR and Core teams.
 
Your paragraph text.jpg
Toshi_Esumi

The simplest is to just replace the core router with the FGT because the diagram doesn't suggest it's handling multiple routing protocols currently.

Toshi

Rajneesh
Staff
Staff

Hello @ULL1903 

Following points need to checked:

1. Make sure the device supports the protocols which are running on your existing device.

2. Firewall policies needs to be correctly applied, else it will break the communicationn.

3. Device hardware capability.

4. Network topology as mentioned by the other members, it plays the important role

Yurisk
SuperUser
SuperUser

What is the current vendor and model of your Core router ?

Yuri Slobodyanyuk
Yuri Slobodyanyuk
ULL1903
New Contributor

MK CCR2116-12G-4S+

Cajuntank
Contributor II

As others have asked, your topology and requirements would allow for a more complete answer, but for sake of just adding some further insight, using myself as an example, I use a FortiGate solution as my core router at my data center for specific subnets I want to perform security inspection on. So while my Aruba CX equipment does L3 routing for some network subnets from my WAN sites, my FortiGate does L3 routing and security inspection for those subnets at my datacenter I want that added level of protection on.

ULL1903

Hi Cajuntank, This is a simplified example of how the topology is. Based on the primary need to shield the network from external threats, I was thinking about the implementation between the CCR and Core teams. Your paragraph text.png
 
 
 
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors