FortiGate SD-WAN
WAN edge infrastructure software
SD-WAN solutions
Software-defined perimeter (SDP) software
Network security software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if FortiGate SD-WAN and its alternatives fit your requirements.
Contact the product provider
Free Trial
Free version unavailable
Small
Medium
Large
- Manufacturing
- Banking and insurance
- Retail and wholesale
What is FortiGate SD-WAN
FortiGate SD-WAN is an SD-WAN capability delivered on Fortinet FortiGate next-generation firewall appliances and virtual instances. It is used by network and security teams to connect branches, campuses, and cloud environments over multiple WAN transports while applying centralized security and traffic steering policies. The product combines SD-WAN functions (path selection, application steering, link health monitoring) with integrated firewall, VPN, and security services managed through Fortinet’s management tooling.
Integrated security and SD-WAN
FortiGate SD-WAN runs on the same platform as FortiGate NGFW features, allowing organizations to apply security inspection and segmentation policies alongside WAN path control. This can reduce the need for separate edge devices for firewalling and WAN optimization functions in branch designs. It also supports common secure connectivity patterns such as IPsec VPN overlays and security policy enforcement at the edge.
Broad deployment form factors
The SD-WAN capability is available across FortiGate hardware models and as virtual appliances for private and public cloud environments. This supports consistent policy and routing behavior across branch, data center, and cloud edge use cases. It also enables phased migrations where some sites use appliances while others use virtual instances.
Centralized policy and visibility
Fortinet provides centralized management options (e.g., FortiManager and related tooling) to configure SD-WAN rules, security policies, and templates across many sites. The platform exposes link and application performance metrics used for SLA-based steering and troubleshooting. This helps standardize operations for distributed networks compared with managing each site independently.
Complexity in unified platform
Combining SD-WAN, routing, and advanced security in one device can increase configuration and operational complexity. Teams often need both networking and security expertise to design policies that avoid unintended traffic steering or inspection outcomes. Larger deployments may require disciplined template and change-control practices to keep configurations consistent.
Feature depth varies by model
Practical throughput and enabled security features depend on the specific FortiGate model or virtual instance sizing. Enabling additional inspection services can reduce effective WAN throughput, which may require higher-tier hardware for some sites. Organizations typically need careful capacity planning and testing to align performance with application requirements.
Not a pure cloud-native SDP
While it supports secure access patterns (e.g., VPN, segmentation, identity-aware policy integrations depending on architecture), it is primarily an edge appliance/virtual appliance approach rather than a fully cloud-delivered software-defined perimeter service. Organizations seeking a provider-operated, globally distributed access fabric may need additional components or services. This can increase architectural decisions and integration work for zero-trust access use cases.
Seller details
Fortinet, Inc.
Sunnyvale, California, USA
2000
Public
https://www.fortinet.com/
https://x.com/Fortinet
https://www.linkedin.com/company/fortinet/
