Facing Quantum Uncertainty with Fortinet
The security industry loves to talk about the future, but the timeline for quantum computing breaking modern encryption is accelerating. Regulators are shifting their target dates for Q-Day from a comfortable mid-2030s window to a much tighter 2029 or 2030 deadline. For enterprise security teams, this means post-quantum cryptography is no longer a research project. Fortinet is tackling this challenge by embedding quantum-safe algorithms directly into FortiOS, using a phased rollout to transition organizations from legacy protection to a hybrid, multi-layered defense. We recently got a chance to hear how they are solving these problems during Security Field Day 15.
Building the Basics
The evolution of FortiOS highlights how the company is preparing the underlying network plumbing for this shift. Back in version 7.2, the focus was entirely on securing IPsec VPNs using post-quantum preshared keys and quantum key distribution interfaces. By version 7.6, the operating system expanded to support standardized algorithms like ML-KEM and ML-DSA alongside proprietary alternatives like BIKE and Frodo. The upcoming version 8.0 moves further up the stack, shifting from basic network tunnels to application-side visibility with hybrid post-quantum cryptography and deep inspection for SSL and SSH traffic. Taken together, these software updates mean that organizations can begin adopting quantum-safe standards on existing hardware footprints without a disruptive rip-and-replace cycle.
Implementing these new algorithms introduces a distinct set of performance trade-offs that network architects must account for. Post-quantum cryptography relies on complex asymmetric key exchanges during the initial phase of tunnel creation, and this math must run entirely in software. In practice, establishing a standard ML-KEM tunnel causes roughly a 10% degradation in the initial tunnel setup rate. Stacking heavier algorithms like ML-DSA increases that latency penalty significantly. The good news is that this performance hit is strictly confined to Phase 1 setup. Once the secure tunnel is established, Phase 2 bulk data encryption switches back to symmetric algorithms, allowing Fortinet to offload the heavy lifting to its custom ASICs, such as the MP77 chip, to maintain wire-speed throughput.
Expanding Encryption Needs
For typical enterprise SD-WAN environments with a few thousand redundant tunnels, a slight delay during initial tunnel creation is a non-issue. The story changes entirely when you look at massive telecommunications networks. A single security gateway at a telco provider might anchor hundreds of thousands of IPsec VPN tunnels connecting to individual cell sites. If a major network failover occurs, attempting to simultaneously rebuild that mountain of tunnels using stacked software algorithms will grind the system to a halt. As a result, telco providers are taking a different architectural path by prioritizing physical Quantum Key Distribution hardware over software stacking.
To support this use case, Fortinet utilizes the industry-standard ETSI interface to integrate with specialized quantum hardware partners like ID Quantique and Toshiba. This interface establishes a strict division of labor across the network fabric. The dedicated third-party quantum appliances handle the intensive quantum key exchanges externally, while the Fortinet infrastructure manages the underlying IPsec VPN tunneling. By offloading the cryptographic negotiation to specialized hardware, service providers can bypass the software latency bottlenecks entirely while maintaining the scale of their network security infrastructure.
Ultimately, navigating the transition to post-quantum security requires deep visibility before you can enforce new policies. Organizations cannot protect what they cannot see, which is why compiling a comprehensive Cryptographic Bill of Materials is becoming a compliance necessity. Fortinet addresses this by capturing specific key exchanges within its central management tools, allowing administrators to map out exactly which tunnels or third-party vendors are still relying on legacy encryption. Furthermore, using deep packet inspection at the application layer lets the firewall actively log when external applications, cloud servers, or content delivery networks upgrade their own systems to quantum-safe algorithms.
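The inventory step described above can be approximated before any vendor tooling is in place by classifying each tunnel's negotiated key exchange. The following is an added example, not Fortinet or FortiOS code: the `tunnel=... dhgrp=... addke=...` record format, the field names and the sample entries are constructed for this illustration (only the Diffie-Hellman group numbers are the real IANA IKEv2 identifiers), and the three posture buckets are this example's own scheme for a first-pass Cryptographic Bill of Materials.

```python
"""Cryptographic inventory (CBOM-style) of IPsec tunnels from key=value records.

Added example, not Fortinet code: the record format below is CONSTRUCTED for
this illustration and is not the FortiOS log format.
"""
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample records. dhgrp uses IANA IKEv2 Diffie-Hellman group numbers;
# addke names the additional (post-quantum) key exchange, or "none".
SAMPLE_TUNNEL_RECORDS = """\
tunnel=branch-01 peer=198.51.100.10 ike=v2 dhgrp=14 addke=none encr=aes256-gcm
tunnel=branch-02 peer=198.51.100.11 ike=v2 dhgrp=20 addke=ml-kem-768 encr=aes256-gcm
tunnel=legacy-dc peer=198.51.100.12 ike=v1 dhgrp=2 addke=none encr=3des
tunnel=partner-x peer=203.0.113.5 ike=v2 dhgrp=19 addke=none encr=aes256-gcm
tunnel=branch-03 peer=198.51.100.13 ike=v2 dhgrp=20 addke=ml-kem-1024 encr=aes256-gcm
"""

DH_GROUP_NAMES = {2: "modp1024", 5: "modp1536", 14: "modp2048",
                  19: "ecp256", 20: "ecp384", 21: "ecp521"}
WEAK_DH_GROUPS = {2, 5}            # MODP groups below 2048 bits
WEAK_CIPHERS = {"3des", "des"}
PQ_KEMS = {"ml-kem-512", "ml-kem-768", "ml-kem-1024"}
KV_RE = re.compile(r"(\w+)=(\S+)")


@dataclass
class TunnelEntry:
    name: str
    peer: str
    ike_version: str
    dh_group: int
    additional_ke: str
    encr: str

    def posture(self) -> str:
        """hybrid-pq: classical DH plus a PQ KEM; classical-only: sound today but
        not quantum-safe; legacy-weak: already weak against classical attackers."""
        if self.additional_ke in PQ_KEMS:
            return "hybrid-pq"
        if (self.dh_group in WEAK_DH_GROUPS or self.encr in WEAK_CIPHERS
                or self.ike_version == "v1"):
            return "legacy-weak"
        return "classical-only"


def parse_tunnel_records(text: str) -> list:
    """Turn key=value lines into TunnelEntry objects, skipping malformed lines."""
    entries = []
    for line in text.splitlines():
        fields = dict(KV_RE.findall(line))
        if "tunnel" not in fields:
            continue
        entries.append(TunnelEntry(
            name=fields["tunnel"],
            peer=fields.get("peer", "?"),
            ike_version=fields.get("ike", "?"),
            dh_group=int(fields.get("dhgrp", "0")),
            additional_ke=fields.get("addke", "none").lower(),
            encr=fields.get("encr", "?").lower(),
        ))
    return entries


def build_cbom(entries: list) -> dict:
    """Summarise the fleet: posture counts, DH group usage, KEMs seen, and
    the tunnels to remediate first (weak today) or migrate (not quantum-safe)."""
    by_posture = Counter(e.posture() for e in entries)
    by_dh = Counter(DH_GROUP_NAMES.get(e.dh_group, f"group{e.dh_group}") for e in entries)
    pq_kems = Counter(e.additional_ke for e in entries if e.additional_ke in PQ_KEMS)
    remediate_first = sorted(e.name for e in entries if e.posture() == "legacy-weak")
    not_quantum_safe = sorted(e.name for e in entries if e.posture() != "hybrid-pq")
    return {
        "by_posture": dict(by_posture),
        "by_dh_group": dict(by_dh),
        "pq_kems": dict(pq_kems),
        "remediate_first": remediate_first,
        "not_quantum_safe": not_quantum_safe,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(build_cbom(parse_tunnel_records(SAMPLE_TUNNEL_RECORDS)), indent=2))
```

The split into "weak today" and "not quantum-safe" matters for prioritisation: a 1024-bit MODP group or 3DES is a current exposure regardless of Q-Day, while a classical-only ECP384 tunnel is sound now but belongs on the migration list the article describes.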
Bringing IT All Together
Preparing for Q-Day is not about a sudden, dramatic overnight switch to unproven algorithms. The smart play is a hybrid defense, stacking standardized options over traditional Diffie-Hellman baselines to preserve interoperability while testing new defenses. Fortinet’s strategy of combining software-based agility for key generation with custom hardware offloading for data forwarding offers a realistic blueprint for migration. Security teams should leverage these built-in inventory and inspection tools immediately to map their exposure, ensuring that when the regulatory deadlines arrive, the infrastructure is already hardened against the quantum threat.
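The Phase 1 "stacking" described in the performance section and the hybrid-over-Diffie-Hellman strategy above both come down to one mechanism: a key schedule in which every session key depends on both the classical shared secret and the post-quantum one, so an attacker who breaks only Diffie-Hellman learns nothing useful. The block below is an added example, not Fortinet or FortiOS code. It follows the shape of RFC 9370 (Multiple Key Exchanges in IKEv2), where the first shared secret seeds the key material as in RFC 7296 and each additional key exchange is folded in through the previous `SK_d`; HMAC-SHA256 is assumed as the negotiated PRF, and the DH and ML-KEM shared secrets are constructed placeholder bytes, not output of real key-exchange code.

```python
"""Hybrid IKEv2-style key schedule: classical DH secret plus a PQ KEM secret.

Added example; not Fortinet or FortiOS code. The DH and ML-KEM shared secrets
are CONSTRUCTED placeholder bytes standing in for real key-exchange output,
and HMAC-SHA256 is assumed as the negotiated PRF.
"""
import hashlib
import hmac
import os

PRF_LEN = 32  # HMAC-SHA256 digest size
IKE_KEY_NAMES = ("SK_d", "SK_ai", "SK_ar", "SK_ei", "SK_er", "SK_pi", "SK_pr")


def prf(key: bytes, data: bytes) -> bytes:
    """The IKE negotiated PRF (assumed HMAC-SHA256)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """prf+ from RFC 7296: T1 = prf(K, S | 0x01), Tn = prf(K, T(n-1) | S | n)."""
    out = b""
    prev = b""
    counter = 1
    while len(out) < length:
        prev = prf(key, prev + seed + bytes([counter]))
        out += prev
        counter += 1
    return out[:length]


def derive_ike_keys(skeyseed: bytes, ni: bytes, nr: bytes, spi_i: bytes, spi_r: bytes) -> dict:
    """Expand SKEYSEED into the seven IKE SA keys (each PRF_LEN bytes here)."""
    material = prf_plus(skeyseed, ni + nr + spi_i + spi_r, PRF_LEN * len(IKE_KEY_NAMES))
    return {name: material[i * PRF_LEN:(i + 1) * PRF_LEN]
            for i, name in enumerate(IKE_KEY_NAMES)}


def hybrid_key_schedule(shared_secrets: list, ni: bytes, nr: bytes,
                        spi_i: bytes, spi_r: bytes) -> dict:
    """shared_secrets[0] is the classical DH result (g^ir); shared_secrets[1:]
    are the additional key exchanges (e.g. ML-KEM) in negotiation order."""
    if not shared_secrets:
        raise ValueError("at least one shared secret is required")
    # Initial exchange: SKEYSEED = prf(Ni | Nr, g^ir)  (RFC 7296)
    skeyseed = prf(ni + nr, shared_secrets[0])
    keys = derive_ike_keys(skeyseed, ni, nr, spi_i, spi_r)
    # Each additional exchange: SKEYSEED(n) = prf(SK_d(n-1), SharedSecret(n) | Ni | Nr)
    for secret in shared_secrets[1:]:
        skeyseed = prf(keys["SK_d"], secret + ni + nr)
        keys = derive_ike_keys(skeyseed, ni, nr, spi_i, spi_r)
    return keys


def demo() -> bool:
    """Compare the full hybrid schedule with what a DH-only attacker could derive.
    Returns True when the encryption keys differ, i.e. the KEM secret matters."""
    ni, nr = os.urandom(32), os.urandom(32)
    spi_i, spi_r = os.urandom(8), os.urandom(8)
    dh_secret = os.urandom(32)    # constructed stand-in for the DH/ECDH result
    kem_secret = os.urandom(32)   # constructed stand-in for the ML-KEM shared secret
    hybrid = hybrid_key_schedule([dh_secret, kem_secret], ni, nr, spi_i, spi_r)
    dh_only = hybrid_key_schedule([dh_secret], ni, nr, spi_i, spi_r)
    print("hybrid  SK_ei:", hybrid["SK_ei"].hex())
    print("DH-only SK_ei:", dh_only["SK_ei"].hex())
    return hybrid["SK_ei"] != dh_only["SK_ei"]


if __name__ == "__main__":
    demo()
```

Because each round is chained through the previous `SK_d`, the extra cost of a second exchange is one PRF and one prf+ expansion on top of the KEM operation itself; the asymmetric work the article attributes to Phase 1 lives in producing `shared_secrets`, not in this schedule, and the resulting `SK_e*` keys feed the symmetric bulk encryption that hardware can then offload.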
To learn more about how Fortinet is jumping out in front of post-quantum security challenges, make sure to check out their website at https://Fortinet.com. To see their entire presentation from Security Field Day, check out the presentation appearance page here.

