Fortinet Secure SD WAN on Azure 8-Week Implementation


The Gijima Secure SD-WAN solution provides unified managed network infrastructure for WAN and security utilizing FORTINET® devices hosted and maintained on Microsoft Azure

Gijima Fortinet Secure SD-WAN solution offers a secure, multi-location network solution to customers planning to move workloads to Microsoft Azure and customers with existing Azure environments which require secure connections from multiple locations. During this 8-week implementation, Gijima ensures that all cloud technologies in partnership with Next-Generation Fortinet technologies are leveraged to ensure a secure landing-zone & networking solution built according to a well-architected methodology, and in-line with Microsoft's Cloud Adoption Framework.

The Gijima Secure SD-WAN solution provides unified managed network infrastructure for WAN and security utilizing FORTINET® devices hosted and maintained on Microsoft Azure.

Our Secure SD-WAN solution utilizes the ability of the Fortinet overlay to dynamically connect over consumer grade internet services (as underlay). All SD-WAN traffic is back-hauled to the corporate network via IPsec.

This Secure SD-WAN solution can therefore operate with all forms of Internet access available at any location providing the best flexibility for each location to utilize the best cost options that are available locally by leveraging the scalability of the Microsoft Azure cloud.

Gijima follows a methodology of deployment the entails Assess, Deploy, Enable, Operate

Assess & Discovery Assess the existing landscape to understand the current WAN typology and user landscape, developing the scope through discovery work sessions, considering:

  • Security
  • Location topology
  • Availability
  • Remote access requirement
  • Application services
  • a site survey

The output of this phase is an architectural design and deployment plan.

Deployment Deploy the defined design in-line with the following considerations:

  • LAB phase to a proposed site to test all policies
  • Future mode of operations roadmap (CMO->CMO+->FMO)
  • Project organisation
  • Configuration of physical and virtual infrastructure
  • Description of communications processes for reviewing and reporting

Enable & Onboard The enablement and onboarding of the proposed design and approved solution

  • Design and proof of concept testing
  • Enablement of all approved policies and services
  • Commissioning of monitoring per location

The output of this phase is a connected and enabled SD-WAN solution as per the design.

Operate Managed services for the deployed environment including:

  • Gijima Cloud Managed Platform Portal Access Self Service Azure Cost Management
  • Regular Service Feedback & Reporting (implementation of Delivery Model)
  • Integration with the Gijima service desk
  • Networking Performance Management
  • Alert Monitoring
  • Traffic Monitoring

Proactive alert action plan: • Gijima take full accountability for the Network connectivity, CPE, Switch and APs at each location for defined VLAN’s • Monitoring tool will create tickets in Gijima based on breached thresholds • Gijima will remediate the incidents and provide mail updates to the customer service desk (If contracted to do so) • In the event of Critical incident, Gijima Incident Management will call together a War room team comprising of Gijima and defined customer representatives • The War room will remain operational until the incident is remediated • Gijima will confirm that VLAN connectivity is correctly configured and maintained in accordance with the original design documents