When Security Vendors Criticise SD-WAN (But Miss Their Own Flaws)
Are Security Vendors Criticizing SD-WAN to Distract from Their Own Issues?

Driving SD-WAN Adoption in South Africa
In recent years, security vendors have been quick to criticise SD-WAN vendors, claiming that these networking solutions lack sufficient built-in security. On the surface, this might sound valid, but dig deeper, and it becomes clear that many of these criticisms are self-serving and ignore serious issues in the security vendors' own stacks.
One of the most vocal critics is Fortinet, who heavily promote their firewall-first SD-WAN approach, often citing their Gartner Magic Quadrant status as validation. But let's take a closer look.
The Magic Quadrant or the Magic Quagmire?
The Gartner Magic Quadrant, once respected, has lost credibility in many circles, especially after findings like those from the Nugent Commission, which raised serious questions about its transparency and vendor influence. And while Fortinet may be featured prominently in this quadrant, appearance does not equal superiority.
Fortinet has become something of a paradox: a security vendor whose own firewall vulnerabilities are some of the most serious threats in the infrastructure world. The company's track record includes:
Persistent zero-day vulnerabilities impacting enterprise customers worldwide
Delayed disclosures and patches
Exploitation by ransomware gangs and APT actors due to poor vulnerability lifecycle handling
In fact, many CISOs rank Fortinet's own products among the top infrastructure risks, not SD-WAN. This reality exposes a massive contradiction: a vendor promoting itself as a "secure SD-WAN solution" while being the vector for critical exploits.
The Firewall Bottleneck
Fortinet claims that only a full-stack, single-vendor security model can protect modern networks. But this philosophy ignores a critical innovation in SD-WAN and cloud-native design: service chaining.
With service chaining, organisations can:
Deploy best-in-class security solutions (from multiple vendors)
Integrate dynamic routing, SD-WAN overlays, and cloud firewalls
Remain agile and modular, avoiding single-vendor lock-in
Fortinet's position, that anything outside their stack is vulnerable, is not only technologically outdated, but also strategically dangerous. It locks customers into a brittle, complex, and hard-to-manage platform that increases security risk rather than reducing it.
The Risk of Using Fortinet for SD-WAN
While Fortinet boasts about combining security and SD-WAN in a single appliance, the reality is:
Their networking functionality is limited and deeply dependent on their firewall logic
Their configuration interface is complex and slow
Their security vulnerabilities routinely compromise customer environments
Compare that to a dedicated SD-WAN architecture, such as Nepean Networks's, which:
Provides a robust, modular SD-WAN overlay
Integrates seamlessly with existing security solutions via service chaining
Delivers superior performance without introducing unnecessary risk
Maintains network integrity, uptime, and control independently of any security vendor
In this model, security becomes a flexible, composable service, not a rigid dependency.
Wrap | Choose Networking First, Chain in Security
Security vendors have a vested interest in folding networking into their firewall products, but this approach is flawed, limiting, and ultimately more vulnerable. Instead, organisations should prioritise networking solutions that are built for networking, like Nepean Networks's SD-WAN, and chain in security where and when needed.
Fortinet doesn't reduce your risk; it adds to it.
The future is clear: modular, interoperable architectures, where networking and security are decoupled, dynamic, and best-in-class.




