SD-WAN SLA Optimization Using Fortigate NGFW Firewall Policy: A Case Study of XYZ Institution

Authors

  • Abdul Rahim Universitas Muhammadiyah Malang
  • Denar Regata Akbi Universitas Muhammadiyah Malang

DOI:

https://doi.org/10.30865/json.v7i1.9012

Keywords:

bandwidth, firewall policy, Fortigate, network security, SD-WAN, service level agreement

Abstract

The development of network technology demands reliable, efficient, and secure connectivity, especially for institutions with high operational needs. Software-Defined Wide Area Network (SD-WAN) emerges as an innovative solution to overcome the limitations of traditional networks, such as reliance on a single internet service provider (ISP) and inadequate security. This research aims to implement Maximize Bandwidth (SLA) on SD-WAN technology with firewall policies in Fortigate Next-Generation Firewall (NGFW) to improve network performance and security at Institution XYZ. The research method involves network simulation using Graphical Network Simulator 3 (GNS3) with a tree topology, two ISP clouds, and Fortigate configuration as NGFW. Testing was conducted through bandwidth monitoring, ICMP testing, and network parameter measurement using Iperf3. The results show that the implementation of SD-WAN with the Maximize Bandwidth (SLA) method successfully optimized bandwidth distribution and reduced connection disruptions. The implemented firewall policies were also effective in network segmentation, restricting inter-divisional access, and enhancing security. Testing confirmed network stability with a consistent bitrate of 1.05 Mbits/sec, low jitter (0.371–0.841 ms), and no packet loss. In conclusion, this solution not only addresses bandwidth limitations but also improves network security, thus serving as a reference for other institutions facing similar challenges.

References

W. Pratiwi and D. Gunawan, “Design and Strategy Deployment of SD-WAN Technology : In Indonesia (Case Study: PT.XYZ),” in 2021 International Conference on Green Energy, Computing and Sustainable Technology (GECOST), Jul. 2021, pp. 1–6. doi: 10.1109/GECOST52368.2021.9538796.

G. K. Soejantono, M. I. Nashiruddin, S. N. Hertiana, and M. A. Nugraha, “Performance Evaluation of SD-WAN Deployment for XYZ Enterprise Company in Indonesia,” in 2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), Oct. 2021,

pp. 0311–0316. doi: 10.1109/IEMCON53756.2021.9623170.

B. V Jadhav R Gosavi, M. D. Pawar, and A. Professor, “Software-Defined Wide-Area Network (SD-WAN) Implementation in Service Provider Network,” | An ISO, vol. 9001, p. 14541, 2021, doi: 10.15680/IJIRSET.2021.1011081.

A. Botta, R. Canonico, A. Navarro, G. Stanco, and G. Ventre, “Adaptive overlay selection at the SD-WAN edges: A reinforcement learning approach with networked agents,” Computer Networks, vol. 243, Apr. 2024, doi: 10.1016/j.comnet.2024.110310.

M. KholilRomadhoni, L. S. Kenanga, D. R. Akbi, and D. Risqiwati, “Performance Evaluation of Outgoing Interface Selection Method on Fortigate SD-WAN for Network Optimization,” Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, May 2025, doi: 10.22219/kinetik.v10i2.2120.

M. Muchlisin and B. Yuliadi, “Improving Network Performance of Headquarters and Branches Using Software-Defined Network WAN (SD-WAN),” PIKSEL : Penelitian Ilmu Komputer Sistem Embedded and Logic, vol. 12, no. 1, pp. 23–34, Mar. 2024, doi: 10.33558/piksel.v12i1.8115.

Z. Qin, “SD-WAN for Bandwidth and Delay Improvements on the Internet,” SHS Web of Conferences, vol. 144, p. 02004, 2022, doi: 10.1051/shsconf/202214402004.

“Internal Segmentation Firewall.” Accessed: Jun. 09, 2025 [Online]. Available: https://www.fortinet.com/content/dam/fortinet/assets/white-papers/wp-isf-security-where-you-need-it-w hen-you-need-it.pdf

“Secure End-to-End Segmentation at Scale.” Accessed: Jun. 09, 2025 [Online]. Available: https://www.cisco.com/c/dam/en/us/products/collateral/security/sdwan-seg-scale-sol-brief1.pdf

A. S. George, A. S. Hovan George, and T. Baskar, “SD-WAN Security Threats, Bandwidth Issues, SLA, and Flaws: An InDepth Analysis of FTTH, 4G, 5G, and Broadband Technologies,” Partners Universal International Innovation Journal, 2023, doi: 10.5281/zenodo.8057014.

P. T. Anh Quang, S. Martin, J. Leguay, X. Gong, and F. Zeng, “Intent-based policy optimization in SD-WAN,” in Proceedings of the 2021 SIGCOMM 2021 Poster and Demo Sessions, Part of SIGCOMM 2021, Association for Computing Machinery, Inc, Aug. 2021, pp. 74–75. doi: 10.1145/3472716.3472858.

Fortinet Document Library, “Maximize bandwidth (SLA) strategy,” Fortinet. Accessed: Jun. 09, 2025. [Online].Available:https://docs.fortinet.com/document/fortigate/7.0.4/administrationguide/708464/maximize-bandwidth-sl a-strategy

Jordan Pioth, “How SD-WAN Helps with Bandwidth Aggregation,” COEO. Accessed: Jun. 09, 2025. [Online]. Available: https://www.coeosolutions.com/news/sd-wan-helps-bandwidth-aggregation

“SD-WAN Traffic Optimization,” 2025. Accessed: Jun. 09, 2025. [Online]. Available: https://docs.versa-networks.com/Solutions/SD-WAN_Design/09_SD-WAN_Traffic_Optimization

D. Prima Jaya, H. Aspriyono, and E. Suryana, “Implementasi Keamanan Jaringan Komputer Menggunakan Fortigate Sebagai Firewall pada Lab Komputer IAIN Bengkulu Implementation of Computer Network Security Using Fortigate as a Firewall at the Computer Lab of IAIN Bengkulu,” Print) Gatotkaca Journal, vol. 2, no. 1, doi: 10.37638/gatotkaca.2.1.31-38.

Fortinet Document Library, “SD-WAN rules - maximize bandwidth (SLA),” Fortinet. Accessed: Jun. 09, 2025. [Online]. Available: https://docs.fortinet.com/document/fortigate/6.2.16/cookbook/708464/sd-wan-rules-maximize-bandwidt h-sla

Fortinet Document Library, “Securing OT with Network Microsegmentation.” Accessed: Jun. 09, 2025. [Online]. Available:https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sb-securing-ot-networks-with-micr osegmentation.pdf

V. V. Baligodugula, A. Ghimire, and F. Amsaad, “An Overview of Secure Network Segmentation in Connected IIoT Environments,” Computing&AI Connect, vol. 1, Aug. 2024, doi: 10.69709/caic.2024.193182.

SolarWinds Worldwide, LLC., “Graphical Network Simulator 3,” Graphical Network Simulator 3”. Accessed: Jun. 09, 2025. [Online]. Available: gns3.com

Downloads

Published

2025-09-08

How to Cite

Abdul Rahim, & Denar Regata Akbi. (2025). SD-WAN SLA Optimization Using Fortigate NGFW Firewall Policy: A Case Study of XYZ Institution. Jurnal Sistem Komputer Dan Informatika (JSON), 7(1), 147–153. https://doi.org/10.30865/json.v7i1.9012

Issue

Vol. 7 No. 1 (2025): September 2025

Section

Articles

License

Copyright (c) 2025 Abdul Rahim, Denar Regata Akbi

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.