High Availability’s Implementation on the Fortigate Firewall Using SD-WAN Zone and HA Cluster Active-Passive


  • Novandi Rizki Fattahilah BINUS Online Learning, Bina Nusantara University, West Jakarta, DKI Jakarta
  • Farah Nurfadila BINUS Online Learning, Bina Nusantara University, West Jakarta, DKI Jakarta
  • Yanto Setiawan BINUS Online Learning, Bina Nusantara University, West Jakarta, DKI Jakarta




FortiGate, high availability, SD-WAN, load balancing, failover


Networks that contain sensitive data or have high-security requirements require reliable and dependable network security solutions. FortiGate Firewall, as one of the popular network security solutions, provides High Availability (HA) features that ensure network availability and reliability. This study aims to analyze the implementation of HA on FortiGate Firewall in specific scenarios, such as networks with sensitive data or networks with high-security requirements. A real-world case study is applied to evaluate the effectiveness of HA implementation on FortiGate Firewall in enhancing network reliability and security. In this research, the implementation of HA on FortiGate Firewall at PT ABC was successfully built using the PPDIOO method and deploying SD-WAN load balancing and failover configurations, along with the utilization of a high-availability cluster mechanism. The HA implementation on FortiGate proves to be an effective solution, as demonstrated in the SD-WAN Zone testing of the Source-destination SD-WAN load balancing mode, which showed effectiveness in evenly and optimally distributing traffic among multiple available links, resulting in a 93.3% reduction in downtime. Furthermore, the testing of HA cluster mode in active-passive configuration achieved a 91.8% reduction in downtime compared to the pre-HA implementation state.


Bouizem, Y., Parlavantzas, N., DIb, D., & Morin, C. (2020). Active-Standby for High-Availability in FaaS. WOSC 2020 - Proceedings of the 2020 6th International Workshop on Serverless Computing, Part of Middleware 2020, 31–36. https://doi.org/10.1145/3429880.3430097

Bustamante, J. R., & Avila-Pesantez, D. (2021). Comparative analysis of Cybersecurity mechanisms in SD-WAN architectures: A preliminary results. Proceedings of the 2021 IEEE Engineering International Research Conference, EIRCON 2021. https://doi.org/10.1109/EIRCON52903.2021.9613418

Cheng, F. C., Liu, W. C., & Pan, T. J. (2020). Fail recovery method and internet of things system and charging system using the same (Patent U.S. Patent No. 10,805,147). Patent and Trademark Office.

Devaraj, A. F. S., Elhoseny, M., Dhanasekaran, S., Lydia, E. L., & Shankar, K. (2020). Hybridization of firefly and Improved Multi-Objective Particle Swarm Optimization algorithm for energy efficient load balancing in Cloud Computing environments. Journal of Parallel and Distributed Computing, 142, 36–45. https://doi.org/10.1016/j.jpdc.2020.03.022

Du, C., Xiao, J., & Guo, W. (2022). Bandwidth constrained client selection and scheduling for federated learning over SD-WAN. IET Communications, 16(2), 187–194. https://doi.org/10.1049/cmu2.12333

Fiade, A., Agustian, M. A., & Masruroh, S. U. (2020). Analysis of Failover Link System Performance in OSPF, EIGRP, RIPV2 Routing Protocol with BGP. The 7th International Conference on Cyber and IT Service Management (CITSM 2019). https://doi.org/10.1109/CITSM47753.2019.8965373

Fikri, M., & Rifqi, M. (2023). Implementasi VPN Antar Cabang Menggunakan Teknologi Sdwan Dengan Metode Load Balance (Studi Kasus: PT. Mitra Solusi Infokom). Jurnal Teknologi Informasi Dan Ilmu Komputer (JTIIK), 10(1), 105–113. https://doi.org/10.25126/jtiik.2023105236

Filali, A., Mlika, Z., Cherkaoui, S., & Kobbane, A. (2020). Preemptive SDN Load Balancing with Machine Learning for Delay Sensitive Applications. IEEE Transactions on Vehicular Technology, 69(12), 15947–15963. https://doi.org/10.1109/TVT.2020.3038918

Ghama Wellyandi. (2022). Implementation of Load Balancing and Failover Network Using Fortinet SDWAN Technology at PT. Lintasarta. Ceddi Journal of Information System and Technology (JST), 1(2), 8–13. https://doi.org/10.56134/jst.v1i2.20

Golchi, M. M., Saraeian, S., & Heydari, M. (2019). A hybrid of firefly and improved particle swarm optimization algorithms for load balancing in cloud environments: Performance evaluation. Computer Networks, 162. https://doi.org/10.1016/j.comnet.2019.106860

Hadjadj, T. E., Bouhoula, A., Tebourbi, R., & Ksantini, R. (2022). Optimization of parallel firewalls filtering rules. International Journal of Information Security, 21(2), 323–340. https://doi.org/10.1007/s10207-021-00557-4

Ilham, B., & Setiawan, Y. (2023). Implementation of High Availability Message ISO 8583 using F5 Active-Passive Failover Method. International Journal of Engineering Trends and Technology, 71(4), 264–273. https://doi.org/10.14445/22315381/IJETT-V71I4P223

Mukhopadhyay, B. (2020). A Novel Approach to Load Balancing and Cloud Computing Security using SSL in IaaS Environment. International Journal of Advanced Trends in Computer Science and Engineering, 9(2), 2362–2370. https://doi.org/10.30534/ijatcse/2020/221922020

Neupane, K., Haddad, R., & Chen, L. (2018). Next Generation Firewall for Network Security: A Survey. In SoutheastCon IEEE, 1–6.

Novianto, D., Setiawan Japriadi, Y., Luhur Pangkalpinang, A., Jenderal Sudirman, J., Selindung Baru, K., Gabek, K., & Pangkal Pinang, K. (2021). Comparative Analysis Of Performance Between Ecmp And Nth Methods In Implementation Of Microtic-Based Dual Link Load Balancing Techniques. Jurnal TAM (Technology Acceptance Model), 12(1), 80–88.

Ouamri, M. A., Barb, G., Singh, D., & Alexa, F. (2023). Load Balancing Optimization in Software-Defined Wide Area Networking (SD-WAN) using Deep Reinforcement Learning. IEEE, 1–6. https://doi.org/10.1109/isetc56213.2022.10010335

Peng, Z., Chen, D., & He, W. (2017). A load-balancing and state-sharing algorithm for fault-tolerant firewall cluster. Proceedings - 2017 4th International Conference on Information Science and Control Engineering, ICISCE 2017, 34–37. https://doi.org/10.1109/ICISCE.2017.17

Pribadi, Y., Putra Negara, A. B., & Irwansyah, M. A. (2020). Analisis Penggunaan Metode Failover Clustering untuk Mencapai High Availability pada Web Server (Studi Kasus: Gedung Jurusan Informatika). Jurnal Sistem Dan Teknologi Informasi (Justin), 8(2), 218. https://doi.org/10.26418/justin.v8i2.31965

Sahoo, K. S., Tiwary, M., Mishra, P., Reddy, S., Balusamy, B., & Gandomi, A. (2019). Improving End-Users Utility in Software-Defined Wide Area Network Systems. IEEE Transactions on Network and Service Management, 14(8), 1–12. https://doi.org/10.1109/TNSM.2019.2953621

Sun, J. (2022). Computer Network Security Technology and Prevention Strategy Analysis. Procedia Computer Science, 208, 570–576. https://doi.org/10.1016/j.procs.2022.10.079

Tanha, M., Sajjadi, D., Ruby, R., & Pan, J. (2018). Capacity-Aware and Delay-Guaranteed Resilient Controller Placement for Software-Defined WANs. IEEE Transactions on Network and Service Management, 15(3), 991–1005. https://doi.org/10.1109/TNSM.2018.2829661

Taresh, A. A. R., & Zghair, N. A. K. (2023). Redesign of the communications network based on high availability of traffic management technologies to improve the communication. Measurement: Sensors, 27. https://doi.org/10.1016/j.measen.2023.100776

Wicaksono, D., & Widiasari, I. R. (2022). Sistem Keamanan Jaringan Menggunakan Firewall Dengan Metode Port Blocking Dan Firewall Filtering. Jurnal Teknik Informatika Dan Sistem Informasi, 9(2), 1380–1392. http://jurnal.mdp.ac.id

Yang, K., Guo, D., Zhang, B., & Zhao, B. (2019). Multi-Controller Placement for Load Balancing in SDWAN. IEEE Access, 7, 167278–167289. https://doi.org/10.1109/ACCESS.2019.2953723

Zouini, M., Mantar, Z. El, Rouboa, N., Bensaoud, O., Outzourhit, A., & Bahnasse, A. (2022). Towards a Modern ISGA Institute Infrastructure Based on Fortinet SD-WAN Technology: Recommendations and Best Practices. Procedia Computer Science, 210(C), 311–316. https://doi.org/10.1016/j.procs.2022.10.156