Simply put, what the title says.

The network is based on a centralized location and a bunch of satellite locations around the world. These satellite locations connect to the centralized location via IPSec VPN so we can service the production systems.

In the past these have been based on Fortigate 101 (D for the older ones, E for the newer ones), as well as Aruba 2930m switches, and for the most part this worked well. The only issue is that this was hard to manage on a large scale.

To make it more manageable we moved over to a setup around Cisco Meraki. MX85 as routers and MS225 as switches. This made the management a lot easier, but with some significant drawbacks:

  • ONLY cloud managed
  • On our satellite locations the bandwidth is often low or completely gone. Meraki doesn’t like this at all.
  • Our satellite locations are mostly onboard ships, and Meraki simply doesn’t handle the harsh operating environment as well as Fortigate+Aruba
  • Meraki doesn’t provide a whole lot of info as to why when it is unable to connect to its cloud platform. It’s pretty adaptive and tries a lot of configurations before it gives up, but in some cases it’d be nice to be able to set it up according to the WAN connection available. Some sort of local diagnostics would be nice.

So, any recommendations for hardware that is:

  • Cloud managed
  • Allows local configuration when cloud is unreachable
  • Durable
  • Preferably with load balancing between up to four WANs
  • slazer2au@lemmy.world
    1 year ago

    Honestly, why not do FortiSwitch with your FortiGates? Using the FortiLink feature, FortiSwitches can be managed from the FortiGate.

    In addition, if you get the FortiGate Cloud license you are then able to use the FortiCare portal to manage the device and can still log in locally to make changes. Do not get the FortiManager Cloud; that is a separate offering you do not want in this case, as local changes will mess with things.