MPLS Migration to Fortinet SD-WAN: A Step-by-Step Guide
If you are thinking MPLS migration or SD-WAN adoption, you are in good company. For many businesses, however, the move from inflexible MPLS networks to secure, hybrid WANs that offer the flexibility and simplicity of SD-WAN is far from straightforward. At PJ Networks, we’ve been there, done that and want to share our step-by-step guide with you to have your painless upgrade path from legacy MPLS to Fortinet SD-WAN.
1. Current State Audit
Start with defining your current MPLS environment. Before doing anything else, get to know your current MPLS environment. This is important in order to plan the migration properly.
- Make an inventory of your network devices: routers, firewalls, switches.
- Record the current MPLS bandwidth and performance.
- Catalog the linked sites and their critical applications.
- Know your SLAs (Service Level Agreements) of the provider of your MPLS service.
- Self assess: Where is the pain coming from—do you have high costs, scalability barriers and reliability issues?
The audit enables you to see where you are, and identify what needs to go onto SD-WAN.
2. Pilot Deployment
Bypassing step by step is dangerous. Another part of the solution is starting with a pilot, through which Fortinet SD-WAN can help minimize the likelihood of downtime and surprises.
- Choose a low risk branch location for a pool/test of the SD-WAN setup.
- Select one of the Fortinet devices you need that best suits your environment (I would suggest selecting FortiGate models).
- Deploy simple SD-WAN policies to prioritise traffic based on path selection and failover.
- Experiment with hybrid WAN with MPLS link and broadband link running simultaneously.
In the pilot, you’re testing not only technology but also how your employees go about approaching the new system. Expect some learning curves.
3. Cutover Planning
Planning the actual switchover is vital. It’s a story of going from successful pilot to full deployment with no hiccups.
- Create an in-depth migration timeline.
- Don’t just get IT involved, communicate to all parties.
- Have a fall-back plan for any problems.
- Working with ISP and MPLS to changes links.
- Cutover should take place during non business hours to reduce interruption.
“Try to get ahead and anticipate roadblocks early and to have established a Plan B and Plan C by then.
4. Phased Migration
You don’t want to flip the switch all at once everywhere. You can deploy the Fortinet SD-WAN in phases by site with phased migration.
- Softer targets first to build momentum.
- Migrate your sites in batches and closely monitor the progress of your migration at each stage.
- Use Fortinet’s central management console for coordination.
- Stand by MPLS links as a means of fallback while migration is in progress.
- Adapt policies according to feedbacks and networks behaviour.
With phased migration, you will not break business as usual by preserving its continuity and being able to solve problems immediately.
5. Validation
Don’t stop there once it is migrated! Validation Validating your new software-defined WAN to meet business and security needs.
- Monitor the states of applications at branches.
- Validate that security policies are being enforced and are functioning by Fortinet devices.
- Test in case of failover to ensure fault tolerance.
- Collecting user feedback for network experience.
- Analyze savings in relation to legacy MPLS spend.
This process completes the circle and enables you to fine-tune your hybrid WAN.
Migrating legacy MPLS to Fortinet SD-WAN is a road. So with the right level of planning — all the way from undertaking an in-depth audit of the current state, through to validation — SD-WAN can absolutely be an outright enabler. Don’t forget, an incremental migration and a pilot launch protect your business from networking interruptions and make for a successful MPLS migration.
