The goal of the project is to ensure stable and safe operation of the perimeter of the data center network.
The distributor company is modernizing its corporate IT infrastructure. A key requirement is the reliable and continuous operation of the company's server infrastructure, which is located in the data center. A reliable data center network perimeter is necessary to ensure the security of corporate data and maintain continuous connectivity with dozens of geographically distributed company offices. A solution based on Fortinet equipment was developed and proposed. Fortinet – is an innovative company and a global provider of solutions in the field of network security, a market leader in the field of unified threat management.
Tasks for the executor of the project
The choice of solution architecture is based on the following requirements of the customer:
- High performance of the corporate data transmission network
- High level of information security
- Reliability and round-the-clock availability of network services
- Convenience and simplicity of administration and operation
- The need for continuous availability of more than 30 remote offices
- The need for the possibility of reserving access to the Internet using the BGP protocol
Technology
Architecture Two Fortigate 500E security gateways are installed at the perimeter of the corporate network, combined into a fault-tolerant cluster. Given the need to build fault-tolerant VPN tunnels to the company's geographically distributed offices, an architecture using VTI tunnels and the OSPF protocol was chosen to ensure fault tolerance. To implement this architecture, the security gateways were logically divided into two VDOMs, one of which provides connectivity with Internet providers and ensures the operation of the BGP protocol, the second VDOM is used to build VPN tunnels, as such, and is also a gateway for data center networks . IPS functionality, web filtering, application control and antivirus are deployed on the security gateways, which provides comprehensive protection of the perimeter of the corporate network.
Scheme of the solution
Benefits of implementing the solution
- A fault-tolerant network perimeter based on Fortinet equipment is organized
- The developed solution ensures continuity of work of the company's remote branches and reliable data protection