# 🔒 When Security Vendors Criticise SD-WAN (But Miss Their Own Flaws)

In recent years, **security vendors have been quick to criticise SD-WAN vendors**, claiming that these networking solutions **lack sufficient built-in security**. On the surface, this might sound valid—but dig deeper, and it becomes clear that many of these criticisms are self-serving and ignore serious issues in the **security vendors' own stacks**.

One of the most vocal critics is **Fortinet**, who heavily promote their **firewall-first SD-WAN** approach, often citing their **Gartner Magic Quadrant** status as validation. But let’s take a closer look.

### **🎭 The Magic Quadrant or the Magic *Quagmire*?**

The **Gartner Magic Quadrant**, once respected, has lost credibility in many circles—especially after findings like those from the **Nugent Commission**, which raised serious questions about its transparency and vendor influence. And while Fortinet may be featured prominently in this quadrant, **appearance does not equal superiority**.

Fortinet has become something of a paradox: a security vendor whose own **firewall vulnerabilities** are some of the most serious threats in the infrastructure world. The company’s track record includes:

* **Persistent zero-day vulnerabilities** impacting enterprise customers worldwide
    
* **Delayed disclosures and patches**
    
* **Exploitation by ransomware gangs and APT actors** due to poor vulnerability lifecycle handling
    

In fact, many **CISOs** rank **Fortinet’s own products** among the **top infrastructure risks**, not SD-WAN. This reality exposes a massive contradiction: a vendor promoting itself as a “secure SD-WAN solution” while being the **vector for critical exploits**.

### **🧱 The Firewall Bottleneck**

Fortinet claims that **only a full-stack, single-vendor security model** can protect modern networks. But this philosophy ignores a critical innovation in SD-WAN and cloud-native design: **service chaining**.

With service chaining, organisations can:

* Deploy **best-in-class security solutions** (from multiple vendors)
    
* Integrate **dynamic routing, SD-WAN overlays, and cloud firewalls**
    
* Remain **agile and modular**, avoiding single-vendor lock-in
    

Fortinet's position—that anything outside their stack is vulnerable—is not only **technologically outdated**, but also **strategically dangerous**. It locks customers into a brittle, complex, and **hard-to-manage platform** that **increases security risk** rather than reducing it.

### **⚠️ The Risk of Using Fortinet for SD-WAN**

While Fortinet boasts about combining security and SD-WAN in a single appliance, the reality is:

* Their **networking functionality is limited** and deeply dependent on their firewall logic
    
* Their **configuration interface is complex and slow**
    
* Their **security vulnerabilities routinely compromise customer environments**
    

Compare that to a **dedicated SD-WAN architecture**, such as **Nepean Networks’s**, which:

* Provides a **robust, modular SD-WAN overlay**
    
* Integrates seamlessly with **existing security solutions** via service chaining
    
* Delivers **superior performance** without introducing unnecessary risk
    
* Maintains **network integrity**, uptime, and control independently of any security vendor
    

In this model, **security becomes a flexible, composable service**, not a rigid dependency.

---

### **🔗 Wrap | Choose Networking First, Chain in Security**

Security vendors have a vested interest in folding networking into their firewall products—but this approach is **flawed**, **limiting**, and ultimately **more vulnerable**. Instead, organisations should **prioritise networking solutions that are built for networking**, like **Nepean Networks’s SD-WAN**, and **chain in security** where and when needed.

**Fortinet doesn’t reduce your risk—it adds to it.**

The future is clear: **modular, interoperable architectures**, where networking and security are **decoupled**, **dynamic**, and **best-in-class**.
