Network centralization and unification across 200 locations in Europe with FortiGate and Fortinet SDWAN

Implementation of the single-vendor model based on Fortinet

Result: Centralization and unification of the network in 200 locations in Europe with FortiGate and Fortinet SDWAN.

Initial situation and technical problem

The existing IT environment was inconsistent. Local branches used different devices and security policies, often managed by external vendors. After analyzing the security risks, the client decided to modernize the existing infrastructure and switch all branches to Fortinet solutions.

The main challenge was the distributed security infrastructure based on various solutions:

• Lack of centralized management and monitoring of network devices
• Risks resulting from inconsistent security policies and vulnerabilities
• Distributed and difficult-to-maintain firewall environment (SonicWall, CheckPoint, others)
• High costs and operational difficulties due to lack of standardization

The solution used

The client focused on fully unifying its IT security environment based on Fortinet solutions. Grandmetric, as a technology partner, designed and implemented a comprehensive solution, including:

• Migration of over 200 sites to FortiGate (firewalls).
• Building an SD-WAN dual hub architecture based on two main data centers located in Poland and the UK.
• Pilot migrations of the remaining four main sites as spokes to the Forti SDWAN Fortinet architecture.
• Centralization of management via FortiManager using RBAC (Role-Based Access Control).
• Preservation of local autonomy and granularity of permissions based on role-based access control and a shared management model. The main connection is managed by a group administrator, while local connections are managed by local administrators.

What was it like to implement Fortinet central management in a multi-site environment?

1. Analysis and Design

• Identification of Current and Future Infrastructure Requirements
• HLD (High-Level Design) and LLD (Low-Level Design) for the Group’s Two Main DCs

2. Preparing the Fortinet SD-WAN architecture

• Redundancy and performance with SDWAN, ADVPN, and BGP
• Dividing physical devices into virtual instances – one centrally managed, the other by local administrators
• Preparing configuration templates for each of the 200 sites based on the central SD-WAN architecture

3. Migration

• Starting with the creation of a HUB in the UK and connecting the first three sites to the first HUB
• Expanding the SDWAN environment with a second HUB site
• Regular migrations – evenings and weekends to minimize downtime
• Close collaboration with local administrators and external vendors

4. Support and Optimization

• Ticket support and ongoing communication with the client team
• Customization of solutions to local needs and integration with existing systems

Customer outcomes – Fortinet infrastructure unification

✅ Single management console (FortiManager) – central management of all firewalls
✅ Common log analytics system (FortiAnalyzer) – simplified incident tracking and response

✅ Security policy unification (FortiManager) – easy policy setting for the entire group

✅ Operational savings – cheaper vendor purchases and lower maintenance costs
✅ Faster launch of new sites – unified configuration and architecture for new locations
✅ Increased security – eliminating inconsistencies, closing gaps and attack vectors
✅ DC offloading – thanks to SD-WAN architecture and local breakouts
✅ Redundancy and stability – fault-tolerant network traffic

✅ Simplifying VPN connection architecture – thanks to SD-WAN architecture and ADVPN

Working with the client was a unique experience due to the scale and complexity of the project. We had to integrate a global security strategy with local realities and collaborate with teams at individual sites. Fortinet’s single-vendor architecture allowed us to achieve complete visibility and control over network traffic across the entire organization.

— Jakub Grzelski, Senior Systems Engineer | Network & Security, Grandmetric 

📎 Key figures:

• 200+ sites migrated to FortiGate
• 7 sites included in the FortiSDWAN project
• 3 years of collaboration from design to maintenance
• 1 unified security system for the entire group
• Management: FortiManager

What business benefits did unifying the infrastructure with FortiGate, FortiManager and FortiSDWAN bring?

By implementing a Fortinet-based solution, the client gained complete control over its IT security infrastructure. All firewalls were centrally managed from a single FortiManager console, and log analytics were unified using FortiAnalyzer, significantly simplifying incident detection and response.

Standardized security policies enabled the rapid and consistent application of rules across the entire group, which not only increased protection but also eliminated inconsistencies and closed potential attack vectors. The project also resulted in measurable operational savings – both in hardware purchase and maintenance costs. New locations can be launched much faster thanks to the ready-made, unified architecture. Reducing data center workloads and simplifying VPN connections based on SD-WAN and ADVPN resulted in greater network stability, redundancy, and fault tolerance.

Do you want to manage the infrastructure of multiple branches from a single management point?

Act today and plan your transition to a single-vendor architecture with Fortinet. Schedule a consultation with a Grandmetric engineer.

Get in touch

You hereby agree that Grandmetric can call you to process the given request. You also agree to obtain marketing information such as our newsletter. More about how we collect and process personal data in Privacy Policy.

Sylwia Szczygieł

Consulting Engineer, Grandmetric