Here’s a comprehensive overview of traffic steering, focusing on its key concepts, benefits, and implementation in various contexts:

Key Concepts of Traffic Steering

1. Application-Based Steering:

   • Application Awareness: Traffic steering often involves directing traffic based on the type of application generating the traffic. For example, VoIP and video conferencing might be steered through high-bandwidth, low-latency paths, while web browsing traffic could use less expensive links.
   • Policy Configuration: Policies are set to determine how different types of traffic should be routed. These policies can be based on application categories, traffic volume, or service level agreements (SLAs).

2. Performance-Based Steering:

   • Real-Time Monitoring: Traffic is directed based on real-time performance metrics such as latency, jitter, packet loss, and bandwidth utilization. This ensures that traffic is sent through the most optimal path based on current network conditions.
   • Dynamic Path Selection: The network can automatically switch traffic paths in response to performance changes, such as shifting traffic from a congested link to a less congested one.

3. Load Balancing and Failover:

   • Load Balancing: Distributes traffic across multiple WAN links to balance the load and prevent any single link from becoming a bottleneck.
   • Failover: Provides automatic rerouting of traffic in the event of a link failure, ensuring continuity and minimizing downtime.

4. Policy-Based Routing:

   • Static Policies: Administrators can configure static routing policies that direct traffic based on predefined rules, such as sending all traffic from a specific department through a certain link.
   • Dynamic Policies: Uses real-time data and network conditions to adjust routing dynamically, improving efficiency and responsiveness.

5. Cost Management:

   • Cost-Based Steering: Traffic can be steered based on the cost of using different network links. For example, non-critical traffic might be routed through cheaper broadband links, while critical applications use more expensive but higher-quality MPLS connections.

Benefits of Traffic Steering

1. Enhanced Performance:

   • Optimized Path Selection: Ensures that traffic is routed through the most efficient path available, improving application performance and user experience.
   • Reduced Latency: Minimizes latency by directing traffic away from congested or suboptimal paths.

2. Improved Reliability:

   • Automatic Failover: Provides robust failover mechanisms, maintaining network reliability and continuity even when primary links fail.
   • Load Distribution: Prevents any single link from becoming overloaded, enhancing overall network stability.

3. Cost Efficiency:

   • Optimized Resource Use: Leverages various types of WAN links (e.g., MPLS, broadband, LTE) based on cost and performance, optimizing the use of expensive and inexpensive resources.
   • Bandwidth Management: Ensures that high-bandwidth applications are supported while managing costs by using lower-cost links for less critical traffic.

4. Increased Flexibility:

   • Dynamic Adjustments: Adapts to changing network conditions and traffic patterns, providing greater flexibility and responsiveness to network needs.
   • Policy Customization: Allows for granular control over traffic routing based on specific business requirements or application needs.

Implementation in FortiGate SD-WAN

In the context of FortiGate SD-WAN, traffic steering is implemented through several key features:

1. Application Control:

   • Application-Based Policies: FortiGate SD-WAN allows administrators to create policies that steer traffic based on the type of application. This ensures that critical applications receive the required performance.

2. Real-Time Monitoring and Analytics:

   • Performance Metrics: FortiGate SD-WAN continuously monitors network performance metrics such as latency, jitter, and packet loss. Traffic is steered based on these metrics to ensure optimal performance.

3. Dynamic Path Selection:

   • Automatic Routing Adjustments: Based on real-time performance data, FortiGate SD-WAN dynamically adjusts traffic paths to avoid congestion and optimize resource use.

4. QoS and Bandwidth Management:

   • Traffic Shaping: Configures QoS settings to prioritize traffic and manage bandwidth allocation, ensuring that high-priority applications receive the necessary resources.

5. Cost-Based Routing:

   • Flexible Link Utilization: Routes traffic through the most cost-effective links based on the type of traffic and network conditions, optimizing overall network expenditure.

Example Use Case

A company with multiple branch offices and a mix of critical and non-critical applications might deploy FortiGate SD-WAN to:

1. Set Up Policies:

   • VoIP and Video Conferencing: Configure policies to steer VoIP and video conferencing traffic through high-quality MPLS links to ensure low latency and high reliability.
   • Standard Web Traffic: Route less critical web traffic through lower-cost broadband connections.

2. Monitor and Adjust:

   • Performance Monitoring: Continuously monitor link performance and adjust routing based on real-time data to avoid congestion and maintain application performance.
   • Automatic Failover: Implement automatic failover to backup links in case of primary link failures to ensure continuous connectivity.

In summary, Traffic Steering is a crucial aspect of modern network management that enhances performance, reliability, and cost efficiency. By leveraging technologies like FortiGate SD-WAN, organizations can implement sophisticated traffic steering strategies that optimize network resources and improve overall operational effectiveness.

Key Concepts of Application-Based Routing

1. Application Identification:

   • Deep Packet Inspection (DPI): FortiGate uses DPI to identify applications based on the traffic patterns and signatures within the packets. This allows the firewall to understand which application is generating the traffic, even if it’s using non-standard ports or protocols.
   • Application Control: FortiGate’s Application Control feature categorizes and manages application traffic based on pre-defined signatures and behavior.

2. Policy-Based Routing:

   • Routing Policies: Application-Based Routing allows the creation of policies that define how traffic from specific applications should be handled. These policies can dictate which WAN link or path should be used based on the application’s requirements.
   • Dynamic Path Selection: Traffic can be routed through different paths based on real-time performance metrics, ensuring optimal delivery for different applications.

3. Traffic Steering:

   • Quality of Service (QoS): Different applications might have varying QoS requirements. For example, video conferencing applications might require higher bandwidth and lower latency compared to standard web browsing. FortiGate can route traffic to meet these needs.
   • Load Balancing and Failover: Traffic from high-priority applications can be directed to dedicated links or paths, while less critical applications can use lower-cost links. Failover policies ensure that if a primary link fails, traffic can be rerouted through secondary links.

How to Configure Application-Based Routing in FortiGate

1. Define Application Rules:

   • Create Application-Based Policies: Configure policies that specify how different applications should be routed. This involves defining rules that match traffic based on application types, using FortiGate's Application Control database.
   • Set Conditions: Specify conditions such as source/destination addresses, application categories, and traffic volume to create precise routing rules.

2. Configure Routing Tables:

   • Static and Dynamic Routing: Depending on the traffic and application needs, configure static routes or use dynamic routing protocols to manage how traffic is forwarded.
   • Route Maps: Use route maps or policies to direct traffic based on the application-specific criteria set in your routing rules.

3. Apply Quality of Service (QoS) Settings:

   • Bandwidth Management: Set up QoS policies to allocate bandwidth based on application requirements, ensuring critical applications get the necessary resources.
   • Traffic Shaping: Configure traffic shaping rules to manage and prioritize application traffic, ensuring smooth performance.

4. Monitor and Adjust:

   • Traffic Analytics: Use FortiGate’s monitoring tools to track the performance and volume of application traffic. This helps in understanding how well the routing policies are performing and whether adjustments are needed.
   • Adjust Policies: Based on monitoring data, adjust the application-based routing policies to optimize performance and address any issues.

Benefits of Application-Based Routing

1. Improved Application Performance:

   • Prioritization: Ensures that high-priority applications receive the necessary bandwidth and performance levels, enhancing user experience and productivity.
   • Optimized Path: Routes traffic through the most efficient path, reducing latency and avoiding congestion for critical applications.

2. Enhanced Network Efficiency:

   • Cost Savings: Allows for more efficient use of network resources by directing less critical traffic through less expensive links.
   • Dynamic Adjustment: Automatically adjusts routing based on real-time conditions, improving overall network performance and reliability.

3. Granular Control:

   • Application-Specific Policies: Provides the ability to create detailed routing policies based on specific applications, offering fine-grained control over network traffic.

4. Increased Flexibility:

   • Adaptability: Easily adapts to changes in network conditions and application requirements, ensuring that routing policies remain effective over time.

Example Use Case

Consider an enterprise with multiple branches and a mix of critical applications like VoIP, video conferencing, and standard web browsing:

1. Policy Configuration:

   • VoIP Traffic: Create a policy that routes VoIP traffic through a high-bandwidth, low-latency link to ensure clear call quality.
   • Video Conferencing: Route video conferencing traffic through a dedicated link with guaranteed bandwidth to maintain high video quality.
   • Web Browsing: Direct web browsing traffic through a cost-effective broadband link, as it has lower priority compared to VoIP and video conferencing.

2. QoS and Monitoring:

   • Monitor Performance: Use FortiGate’s analytics tools to monitor the performance of each application and adjust policies as needed.
   • Adjust Routing: Based on performance data, adjust routing rules to optimize application delivery and network resource utilization.

In summary, Application-Based Routing in FortiGate provides a robust mechanism for managing and optimizing network traffic based on the specific needs of different applications. By leveraging FortiGate’s application identification and routing capabilities, organizations can ensure that critical applications receive the performance they require while optimizing the use of network resources.

• Hardware and Virtual Appliances:FortiGate SD-WAN can be deployed using Fortinet’s hardware appliances or as virtual appliances in cloud environments.
• Connectivity: Connects to various types of WAN links, including dedicated MPLS circuits, broadband internet, and cellular networks

• Policy-Based Routing:Administrators can configure policies to define how different types of traffic should be routed based on application requirements, link performance, and security needs.
• Automatic Link Detection: Automatically detects and configures new WAN links, simplifying the deployment process.

Traffic Management:

• Application-Based Routing: Routes traffic based on application type, ensuring that critical applications have priority and that non-essential traffic does not impact performance.
• Performance Monitoring: Continuously monitors link performance and adjusts traffic paths to maintain optimal application performance.