FortiSASE is a cloud-delivered SASE solution by Fortinet, converging networking and security for hybrid work environments. It integrates SD-WAN, ZTNA, and secure LAN edge capabilities, ensuring seamless protection and connectivity.
What is FortiSASE?
FortiSASE is Fortinet’s Secure Access Service Edge (SASE) solution, delivering converged networking and security for hybrid work environments. It combines SD-WAN, Zero Trust Network Access (ZTNA), and secure LAN edge capabilities into a single, cloud-delivered service. FortiSASE enables secure, high-performance connectivity for remote users and branch offices, ensuring seamless access to applications and resources. It integrates with FortiGate and other Fortinet products, providing advanced threat protection, encryption, and simplified management for organizations transitioning to SASE architectures.
Key Features of FortiSASE
FortiSASE offers converged networking and security, combining SD-WAN, Zero Trust Network Access (ZTNA), and secure LAN edge capabilities. It provides advanced threat protection, encryption, and access control, ensuring secure connectivity for remote users and branch offices. The solution integrates seamlessly with FortiGate, FortiSwitch, and FortiAP, delivering high-performance and simplified management. FortiSASE also includes AI-powered security services, cloud-based firewalling, and secure web proxy functionalities, making it a comprehensive solution for hybrid work environments and SASE architectures.
FortiSASE Ordering Guide Overview
FortiSASE offers streamlined ordering with predefined packages, including hardware and subscription bundles. Options like FortiRack and FGAAS cater to varying organizational needs, ensuring flexibility and scalability.
Product Offerings
FortiSASE provides flexible product offerings tailored to diverse organizational needs. The FortiRack On-Prem packages (Small and Large) and FGAAS solutions (Small and Large) cater to varying user counts and deployment scales. FortiRack includes FortiGate and FortiSwitch devices, while FGAAS focuses on cloud-based security. Each package supports up to 10,000 or 40,000 users, ensuring scalability. These solutions integrate seamlessly with Fortinet’s ecosystem, delivering robust security and networking capabilities for hybrid environments. Choose the package that aligns with your infrastructure and user requirements for optimal performance.
FORTIRACK ON-PREM ⸺ SMALL PACKAGE
The FortiRack On-Prem Small Package is designed for organizations requiring a compact yet powerful on-premises solution. Supporting up to 10,000 users, it includes essential FortiGate and FortiSwitch devices. This package is ideal for smaller deployments or branch offices, offering robust security features like AV, IPS, and web filtering. It integrates seamlessly with Fortinet’s SASE services, providing a secure and efficient network environment. The Small Package ensures scalability and flexibility, making it a versatile choice for growing businesses.
FORTIRACK ON-PREM ─ LARGE PACKAGE
The FortiRack On-Prem Large Package is tailored for enterprises with extensive network demands. Suitable for up to 40,000 users, it includes a robust combination of FortiGate and FortiSwitch devices. This package is designed for large-scale deployments, offering advanced security features such as AV, IPS, and DNS filtering. It is optimized for high-performance environments, ensuring reliable connectivity and comprehensive protection. The Large Package supports complex network architectures, making it ideal for organizations requiring scalable and secure on-premises solutions.
FGAAS ⸺ SMALL
FGAAS ─ SMALL is designed for organizations with up to 10,000 users, offering a scalable and flexible cloud-native solution. It provides essential security features like threat protection, secure access, and encryption. Ideal for small to medium-sized businesses, this package ensures robust performance and reliability. With its cloud-based architecture, FGAAS ⸺ SMALL supports hybrid work environments and integrates seamlessly with Fortinet’s ecosystem, delivering comprehensive security without compromising on ease of use or scalability.
FGAAS ⸺ LARGE
FGAAS ⸺ LARGE is tailored for enterprises with up to 40,000 users, delivering advanced security and scalability. It includes comprehensive features like ZTNA, SD-WAN integration, and robust threat protection. This package is ideal for large organizations requiring high performance and extensive security capabilities. With its cloud-native architecture, FGAAS ⸺ LARGE ensures seamless support for hybrid work environments and integrates effortlessly with Fortinet’s ecosystem, providing a secure and reliable solution for large-scale deployments.
Ordering Process
The ordering process involves selecting the appropriate hardware and subscription bundle, then contacting FortiCare Support to finalize the purchase and ensure proper deployment.
How to Order FortiSASE
To order FortiSASE, select the appropriate hardware (e.g., FortiGate or FortiExtender) and subscription bundle. Contact FortiCare Support to finalize the purchase and ensure proper licensing. Customers must register their devices and user licenses through the FortiSASE portal. For detailed guidance, refer to the FortiSASE Ordering Guide, which outlines supported models, user limits, and bundle options. Note that certain devices, like FEX-200F, do not support FortiSASE bundles, so alternatives like FortiGate 595 should be considered.
Subscription Bundles
FortiSASE offers flexible subscription bundles tailored to organizational needs. These bundles include FortiGate devices, cloud-delivered security services, and user-based licenses. The Standard bundle provides essential SASE features like SD-WAN and ZTNA, while the Advanced bundle adds enhanced threat protection and data loss prevention. Subscription tiers are based on user count, with options for 10,000 or 40,000 users. Sovereign solutions are also available for regions requiring strict data residency. Bundles are scalable, ensuring organizations can adapt as their needs evolve, with support for hybrid and cloud-based deployments.
Licensing Details
FortiSASE licensing is based on user count, with options for 10,000 or 40,000 users. Licenses are required for FortiGate devices and FortiClient endpoints. Users can manage up to three devices, combining agent-based and proxy-based access. Sovereign licenses are available for regions with strict data residency requirements. Contact FortiCare Support for license conversions or upgrades. Detailed licensing options, including device-based (EMS05-434) and user-based (EMS05-553) licenses, are outlined in the FortiSASE Ordering Guide, ensuring compliance with organizational needs and regulatory standards.
FortiSASE Key Components
FortiSASE includes FortiGate for SD-WAN, ZTNA for secure access, and Secure LAN Edge for network protection, providing comprehensive security and connectivity across hybrid environments.
FortiGate and its Use Cases
FortiGate is a core component of FortiSASE, enabling secure SD-WAN and ZTNA capabilities. It supports hybrid work environments by providing seamless connectivity and advanced threat protection. Use cases include securing branch offices, ensuring remote access, and integrating with cloud-based solutions. FortiGate’s flexibility allows it to operate in various deployment scenarios, from on-premises to cloud environments, ensuring consistent security policies across all locations.
Its AI-powered security services and scalable architecture make it ideal for organizations seeking to enhance their network security and performance. FortiGate models like the 91G and 901G are popular choices for their robust capabilities in handling high-speed traffic and advanced threats.
ZTNA (Zero Trust Network Access)
ZTNA is a foundational security capability within FortiSASE, enabling secure, identity-based access to resources. It ensures that only authorized users and devices can connect to sensitive applications, regardless of their location. FortiSASE integrates ZTNA seamlessly with SD-WAN and other security services, providing end-to-end encryption and granular access control. This approach minimizes the attack surface and strengthens compliance with industry standards. By leveraging FortiGate and FortiClient, organizations can implement ZTNA policies effortlessly, ensuring robust protection for hybrid work environments.
Secure LAN Edge
Secure LAN Edge within FortiSASE ensures robust security and connectivity for local area networks. It integrates FortiGate, FortiSwitch, and FortiAP to deliver unified management and consistent security policies. This solution enhances visibility and control, enabling organizations to secure wired and wireless access points seamlessly. With AI-powered threat detection from FortiGuard, it protects against malicious activities and ensures compliance with industry standards. Secure LAN Edge is essential for organizations aiming to maintain a resilient and adaptive network infrastructure in hybrid work environments.
Technical Specifications
FortiSASE supports hardware requirements for FortiGate devices, ensuring compatibility with FortiOS and FortiGuard services. Performance metrics include optimized throughput and scalable solutions for hybrid environments.
Hardware Requirements
FortiSASE supports FortiGate devices, FortiSwitch, and FortiExtender for on-premises deployments. FortiRack packages are available in small and large configurations, accommodating up to 24 FortiGate units and 4 FortiSwitch devices. For cloud-based solutions, FortiGate virtual appliances (VMs) and FortiGate CNF are compatible. FGAAS (FortiGate as a Service) options are scalable, catering to small or large user bases. Each FortiExtender requires a FortiSASE license for secure connectivity. Ensure hardware aligns with FortiOS compatibility for optimal performance and security.
Software Compatibility
FortiSASE operates seamlessly with FortiOS, ensuring robust security and networking capabilities. It supports FortiGate devices running FortiOS 7.0 or later, enabling advanced features like SD-WAN and ZTNA. Compatibility extends to FortiClient for endpoint protection and FortiManager for centralized management. Cloud-based deployments require compatible virtual appliances, such as FortiGate VMs. Software subscriptions like FortiGuard ensure updated threat protection and security services. Regular updates are essential for maintaining performance and security standards across all integrated platforms.
Performance Metrics
FortiSASE delivers high performance with scalable solutions tailored to diverse network demands. It offers optimized throughput for SD-WAN and secure web gateway services, ensuring minimal latency. Advanced hardware and software integration enhances processing capabilities, supporting up to 40,000 users efficiently. The solution provides robust threat detection and response times, maintaining seamless connectivity across hybrid environments. Performance metrics are consistently monitored to ensure adherence to service level agreements and deliver uninterrupted security services. This ensures organizations achieve both network efficiency and strong security postures.
Deployment Scenarios
FortiSASE supports flexible deployment options, including SD-WAN integration, cloud-based solutions, and hybrid work environments, ensuring secure and efficient connectivity across diverse network architectures and use cases.
SD-WAN Integration
FortiSASE seamlessly integrates with SD-WAN solutions, enabling organizations to enhance their existing networks with robust security and optimized application performance. The FortiGate SASE expansion license simplifies the transition, offering a starter kit with Secure Private Access (SPA) connectivity. This integration supports hybrid work environments, ensuring secure and efficient connectivity for branch offices and remote users. By leveraging FortiGate’s advanced capabilities, businesses can achieve a unified approach to networking and security, optimizing their infrastructure for modern demands.
Cloud-Based Deployments
FortiSASE supports cloud-based deployments, offering a scalable and flexible solution for organizations moving to the cloud. It provides secure access to cloud applications and resources, ensuring consistent security policies across all environments. With FortiGate cloud-native firewalls and FortiSASE’s cloud-delivered services, businesses can protect their cloud infrastructure and remote users effectively. This deployment model aligns with modern cloud strategies, enabling seamless integration with public and private clouds while maintaining high performance and security standards. It is ideal for organizations seeking to enhance their cloud security posture without compromising on agility.
Hybrid Work Environments
FortiSASE is designed to secure hybrid work environments, enabling seamless connectivity for remote and on-premises users. It integrates SD-WAN, ZTNA, and secure LAN edge solutions to provide consistent security and optimal performance. With features like FortiClient and FortiGate, it ensures secure access to corporate resources regardless of location. FortiSASE supports hybrid deployments, making it easy for organizations to adapt to evolving work models while maintaining robust security and compliance. This solution is tailored to meet the dynamic needs of modern workplaces, ensuring productivity and security go hand in hand.
Security Features
FortiSASE offers advanced threat protection, access control, and encryption. It includes AI-powered security services, secure web gateways, and ZTNA to safeguard data and ensure compliance with industry standards.
Threat Protection
FortiSASE delivers robust threat protection through FortiGuard Labs’ AI-powered security services. It includes advanced antivirus, intrusion prevention, and web filtering to detect and block malicious activities. The solution leverages a cloud-based architecture to ensure real-time threat intelligence and automated response capabilities. By integrating with Fortinet’s NGFWs, FortiSASE provides comprehensive protection against sophisticated cyber threats, ensuring secure access for remote users. These features are seamlessly managed via the FortiSASE cloud platform, offering enhanced security for hybrid work environments and SASE deployments.
Access Control
FortiSASE implements robust access control measures, ensuring secure connectivity for hybrid work environments. It utilizes Zero Trust Network Access (ZTNA) to verify user and device identity before granting access to resources. Role-based access control (RBAC) further restricts permissions, aligning with organizational policies. The solution integrates seamlessly with FortiGate and FortiTrust-ZTNA, providing granular control over network access. Cloud-based management simplifies enforcement of access rules, ensuring consistent security across all endpoints and locations.
Encryption Standards
FortiSASE adheres to industry-leading encryption standards to protect data integrity and privacy. It employs SSL/TLS protocols for secure communication and AES-256 encryption for data at rest. These standards ensure that sensitive information remains confidential, whether in transit or stored. Additionally, FortiSASE supports IPSec for site-to-site VPNs, providing an extra layer of security. The solution is compliant with global standards, making it a trusted choice for organizations requiring high levels of data protection and regulatory compliance. Encryption is seamlessly integrated into all SASE services, including SD-WAN and ZTNA.
Compliance and Certifications
FortiSASE ensures compliance with global regulations like GDPR and ISO 27001, while offering sovereign solutions for data residency and privacy. It meets industry standards for secure operations.
Industry Standards
FortiSASE adheres to global industry standards such as GDPR, ISO 27001, and NIST, ensuring robust security and compliance. It supports data residency requirements and sovereign solutions, meeting regional regulations. The solution integrates with Fortinet’s ecosystem, providing encryption and secure access controls. FortiSASE simplifies compliance for organizations, offering a unified approach to security and networking. Its adherence to industry benchmarks ensures trust and reliability in hybrid work environments.
Data Residency Options
FortiSASE offers flexible data residency options to meet regional regulations and sovereignty requirements. It ensures data is stored and processed in specific geographic locations, aligning with local laws. Organizations can choose data centers that comply with their jurisdictional needs, enhancing control over data storage. This feature is particularly beneficial for industries with strict data residency mandates. FortiSASE’s sovereignty solutions enable secure data management while maintaining compliance with global and regional standards, ensuring data remains within designated boundaries and is protected by robust encryption and access controls.
Sovereign Solutions
FortiSASE Sovereign Solutions are designed to meet strict data sovereignty and compliance requirements in regions with specific regulatory demands. These solutions ensure data remains within defined geographic boundaries, leveraging localized data centers and isolated cloud infrastructures. FortiSASE Sovereign Solutions provide compliance with local laws and standards, offering secure access services while maintaining data residency. This approach supports organizations needing to adhere to jurisdictional requirements, ensuring seamless integration of SASE capabilities without compromising on sovereignty or security. It aligns with global and regional regulations, delivering tailored solutions for sensitive environments.
Support and Resources
FortiSASE offers comprehensive support through FortiCare, including 24/7 technical assistance, online resources, and training programs to ensure optimal deployment and management of SASE solutions.
FortiCare Support
FortiCare Support provides comprehensive assistance for FortiSASE, including 24/7 technical support, online resources, and dedicated customer service. Customers can access the FortiCare Support Portal to open tickets, review license options, and manage their subscriptions. FortiCare ensures seamless troubleshooting, updates, and maintenance, helping organizations maximize their SASE investments with expert guidance and reliable service.
Documentation and Guides
FortiSASE provides extensive documentation and guides to facilitate smooth deployment and management. The FortiSASE Ordering Guide offers detailed product information, licensing options, and subscription bundles. Additional resources include deployment guides, such as the SPA with FortiGate SD-WAN Deployment Guide, and reference materials like the FortiSASE Reference Guide. These documents ensure customers can efficiently navigate the platform, understand hardware requirements, and optimize their SASE solutions for various use cases and environments.
Training and Certification
FortiSASE offers comprehensive training programs to enhance technical expertise. Customers can access courses on Secure SD-WAN, ZTNA, and Cloud NGFW through Fortinet’s training platform. Certifications like NSE training ensure professionals master FortiSASE deployment and management. These resources empower users to optimize their SASE solutions effectively.
Frequently Asked Questions
FortiSASE FAQs address licensing, compatibility, and upgrades, ensuring clarity on subscriptions, integration with FortiGate, and migration options for seamless SASE adoption.
Licensing and Subscriptions
FortiSASE requires a subscription for each user, ensuring secure access to cloud-delivered services. Licensing is based on the number of endpoints or users, with options for conversion from device-based to user-based licenses. Contact FortiCare Support for license conversion options. Each user can connect up to three devices, combining agent-based and proxy-based access. Refer to the FortiSASE Ordering Guide for detailed licensing information and supported models.
Compatibility and Integration
FortiSASE integrates seamlessly with Fortinet’s ecosystem, including FortiGate, FortiClient, and FortiTrust-ZTNA. It supports secure SD-WAN, cloud-based deployments, and hybrid work environments. The solution also works with FortiAP and FortiSwitch for secure LAN edge connectivity. FortiSASE is compatible with FortiAIOps for enhanced visibility and management. Its cloud-based architecture ensures unified security across all platforms, providing a cohesive and scalable SASE solution.
Upgrade and Migration Options
FortiSASE offers streamlined upgrade and migration options to ensure a smooth transition. Customers can migrate from SD-WAN to SASE using the FortiGate SASE expansion license. The solution supports existing Fortinet hardware and software, minimizing disruptions. Upgrade paths are detailed in the FortiSASE Ordering Guide, with options for user-based or device-based licensing. FortiCare Support assists with license conversions and migrations, ensuring compatibility and optimal performance. This flexibility allows organizations to scale seamlessly while maintaining robust security and connectivity.
Leave a Reply