Business & Technology

Fortinet Secure SD-WAN Again, Receives NSS Labs’ “Recommended” Rating

By Nirav Shah | June 19, 2019

For enterprises with large numbers of branch offices, managing digital transformation for a complex WAN environment can be especially challenging. The need for reliable connectivity across and between branch offices, the explosion of IoT and BYOD devices at the branch, critical latency-sensitive business applications like unified communications, and SaaS applications like Office365 and SalesForce have pushed traditional WAN connections to the breaking point.

As a result, today’s enterprise organizations are looking to simplify their WAN edge operations and reduce overhead, while also enabling faster cloud adoption. The solution that is making this possible is SD-WAN. As a result, more than 50% or organizations are looking to pilot or adopt SD-WAN in 2019. But due to the growing number of vendors in the space, well over 60 different solutions are currently on the market, finding the right solution to lower WAN Costs, establish and maintain reliable Quality of Experience, while reducing complexity is challenging.

The Value of Third-Party Testing – Are Customers Getting the ROI Promised by SD-WAN?

One of the most effective ways to begin to sort through the noise of vendors is to look to third-party testing. For example, most vendors claim that SD-WAN will reduce cost by 40%. But is that really true? And how do you find out?

Rather the running your own internal bake-offs, third-party testing can provide real world insight into critical issues such as performance, ease of deployment, and true total cost of ownership—all issues that can make or break an SD-WAN deployment. To that end, the FortiGate Secure SD-WAN solution has received its second consecutive “Recommended” rating and the showcased lowest TCO – validating the SD-WAN promise of ROI – in the latest third-party test conducted by NSS Labs.

In addition, the FortiGate SD-WAN solution’s high VPN performance of 893 Mbps, combined with true VPN overlay functionality that can support interconnectivity between even the largest WAN environments, optimizes applications in the multi-cloud world to provide the best possible user experience.

Simplifying and Enhancing WAN Edge Operations

The traditional enterprise branch relies on a variety of point products to enable employee productivity. For example, routers that try to combine multiple services into a single device may sound like a good idea, but they require multiple management consoles, including a clumsy CLI interface that can make them so complex – and expensive – ­to deploy and troubleshoot. Other SD-WAN solutions require significant overhead to in order to deploy, support, and maintain essential functionality and advanced WAN management capabilities such as connectivity, security, and traffic management. As a result, it can typically take week or months to deploy a new branch and significant resources to troubleshoot any network issues.

FortiGate enables true WAN Edge transformation by consolidating key capabilities such as SD-WAN functionality, WAN optimization, NGFW, and advanced routing – built on purpose-built ASICs designed to accelerate critical functions without the overhead of traditional off-the-shelf CPUs. As a result, in this latest NSS Labs public test, the FortiGate Secure SD-WAN showcased the lowest TCO of all participants, including zero touch provisioning in minutes for efficient operations.

Delivering Reliable and Resilient Quality of Experience 

As applications move from the datacenter to the cloud, and traditional MPLS connectivity is being replaced or augmented by broadband internet, the impact on the traditional branch WAN has been profound. Organizations are adopting cloud applications at a much faster pace, and running them across hybrid public cloud environments such as AWS, GCP, and Azure.

Traditional WAN networks designed for a different era are simply not ready for the broad number of services being offered at the WAN edge, nor for the explosive growth of WAN traffic that multi-cloud adoption brings. This explosive growth of traffic and services at the WAN edge has resulted in poor application experience, highlighting the need for higher bandwidth needs and support for operational complexity.

Fortinet SD-WAN innovations deliver the reliable quality of experience organizations require for their business-critical applications. With its application-focused WAN path controller and multi-path intelligence, the Fortinet SD-WAN solution once again showcased reliable application performance for both unified communication and multi-cloud applications in NSS Labs SD-WAN Group Test 2.0 extreme test conditions.

High availability is another critical requirement for enterprise organizations deploying SD-WAN to ensure a stable and consistent network experience and reliable business continuity. In this latest NSS Labs test, for example, Fortinet delivered the highest quality of experience in 3 of the 10 tests for video with a score of 4.53, while being subjected to WAN link failure conditions.

In addition, Fortinet’s WAN Remediation functionality provides path awareness intelligence and link remediation to delivers reliable application performance through its automated fail-over and fail-back mechanism. This improves cloud application performance by prioritizing business critical applications and enabling branches and branch devices to directly and securely communicate to the internet.

The Need for Integrated Security at the WAN Edge

Increasingly, organizations are looking to enable direct internet access at the branch for the best possible application experience. But as a result, the attack surface at the WAN edge continues to grow as more local breakouts at distributed locations are introduced. And of course, securing these direct internet paths is critical for maintaining consistent security posture at WAN Edge. However, part of the challenge is that perimeter security deployed at the datacenter, which has historically provided WAN protection, simply cannot keep up with the WAN edge transformation. So, while direct internet access makes the life of the end-user better, enhancing the application experience, it doesn’t necessarily make the life of the network/security teams easier—especially if an entirely different set of solutions need to be deployed for SD-WAN and security.

This is forcing enterprises to rethink their WAN security strategy and look for ways to deploy and maintain a consistent security posture at the WAN edge. Fortinet, a global leader in security, not only provides comprehensive and fully integrated NGFW protection as part of their SD-WAN solution, but that NGFW is the only one to have also received a “Recommended” rating from NSS Labs for the last 5 consecutive years. In the recent NSS Labs test, the FortiGate NGFW also provide high SSL Inspection,—without impacting performance, ensuring that in addition to world-class WAN performance and functionality, customer also receive high security effectiveness.


Fortinet not only continues to innovate in the SD-WAN space, but both its networking and security functions can be fully managed and orchestrated through a single management console. It can also be seamlessly integrated with the Fortinet Security Fabric, enabling organizations to create a single, holistic security strategy that spans from their core network to the WAN, and from enduser and IoT devices out to any multi-cloud environment.

Fortinet’s Secure SD-WAN solution includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering.

Read these customer case studies to see how Warrior Invictus Holding Co., Inc. and the District School Board of Niagara implemented Fortinet’s Secure SD-WAN to alleviate network complexity, increase bandwidth, and reduce security costs. 

Read the news release giving more details on this announcement.