2 Matching Annotations
  1. Jun 2021
    1. A seeming security advantage of MPLS is that it provides a secured and managed link between branch offices and the data center through the service provider’s internal backbone. Public internet connections do not natively provide that same level of protection. But this comparison is deceptive. MPLS does not provide any sort of analysis of the data that it delivers. That is still the responsibility of the MPLS client. Even when traversing an MPLS connection, traffic still needs to be inspected for malware or other exploits, which requires deploying a firewall and any additional security functions at one end of the connection or the other at a minimum. To be fair, many SD-WAN solutions, however, have the same issue. Other than some basic security functionality, most SD-WAN solutions still require security to be added as an overlay solution. And for those organizations that try to add security to their complex SD-WAN connections as an afterthought, the challenge is often more than they bargained for. Fortinet’s Secure SD-WAN solution is different because connectivity is deployed as an integrated function within an NGFW appliance, so every connection automatically includes dynamic meshed VPN capabilities to secure data in transit, combined with deep inspection of that traffic using the wide array of security tools – including IPS, firewall, WAF, web filtering, anti-virus, and anti-malware – that are already part of every FortiGate NGFW solution that supports SD-WAN. This includes the high-speed inspection of SSL and IPsec VPN connections – a function especially important today as nearly 70% of all internet traffic today is encrypted, with many countries encrypting as much as 85% of all webpages visited.
    2. n the past, many organizations connected remote branches and retail locations to the central data center through a hub and spoke WAN model that relied on individual MPLS connections. As a result, all data, workflows, and transactions, including access to cloud services or the internet, required traffic to be backhauled to the data center for processing and redistribution. Compared to an SD-WAN solution, this is extremely cost-inefficient. SD-WAN reduces costs by providing optimized, multi-point connectivity using distributed, private data traffic exchange and control points to give your users secure, local access to the services they need – whether from the network or the cloud – while securing direct access to cloud and internet resources.