Analyst(s): Fernando Montenegro
Publication Date: March 16, 2026
Fortinet announced FortiOS 8.0, expanding the Fortinet Security Fabric operating system with new AI governance and visibility controls, next-generation SASE deployment options, and post-quantum cryptography enhancements. The release matters because it frames secure networking as a single operating system layer that must simultaneously govern the use of generative AI (GenAI), handle encrypted traffic inspection, and meet sovereignty requirements without increasing operational complexity.
What is Covered in This Article:
- Fortinet’s FortiOS 8.0 release
- AI visibility and usage governance
- SASE flexibility and sovereignty models
- Quantum-safe controls for encrypted traffic
- Platform operational simplification via agents
The News: Fortinet announced FortiOS 8.0 on March 10, 2026, at Fortinet Accelerate 2026 in Las Vegas, introducing updates to the operating system that powers the Fortinet Security Fabric. The release adds AI-driven security capabilities, expands SASE options, and extends quantum-safe protections to support hybrid and multi-cloud environments while simplifying security architectures.
New capabilities include FortiView for AI attack surface and shadow AI, AI-aware application control for GenAI usage, visibility into Model Context Protocol (MCP) and agent-to-agent (A2A) interactions, and enhanced data loss prevention (DLP) with optical character recognition (OCR). FortiOS 8.0 also introduces AI agents across the Fortinet Security Fabric for conversational troubleshooting and configuration in firewall and SD-WAN environments, along with SASE Outpost, sovereign SASE deployment options, unified SD-WAN bundles, and multipath IPsec tunnels.
Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet, said, “FortiOS 8.0 reflects more than 25 years of continued innovation at the intersection of networking and security. As organizations embrace AI, cloud, and increasingly encrypted environments, a unified operating system is essential to reduce complexity, improve visibility, and ensure security can scale without slowing the business.
Fortinet’s FortiOS 8.0 Pushes Secure Networking Toward AI Governance
Analyst Take: Fortinet has always had a strong, deliberate focus on its FortiOS-driven approach, and FortiOS 8.0 continues to reflect this strategy. By anchoring capabilities to a unified operating system, Fortinet effectively minimizes the integration costs and operational friction that plague highly fragmented security environments. Fortinet is positioning FortiOS 8.0 secure networking as a single control plane reshaped by the adoption of GenAI, rising encrypted traffic, and uneven regulatory expectations.
AI Governance Becomes a Network-Layer Requirement
The explicit support for AI use cases is a welcome development that directly addresses a frequent user request: the need to actively discover and control AI usage across the enterprise. This initiative aligns perfectly with recent survey data from Futurum Intelligence. According to our January 2026 report, Futurum Research: AI Workloads and Hybrid Work Redefine Network Architecture, securing traffic for AI and machine learning workloads has emerged as the most influential driver shaping enterprise network security architectures for the next two years.
FortiOS 8.0 frames AI adoption as something that must be observed and governed through the same mechanisms used for other high-risk applications. Capabilities such as FortiView for AI attack surface and shadow AI emphasize the need to distinguish sanctioned from unsanctioned tools as AI usage spreads. The addition of AI-aware application control signals that policy enforcement is shifting from allowing or blocking entire apps to controlling risky actions inside approved GenAI tools. Visibility into MCP and A2A interactions also suggests Fortinet expects more enterprise activity to occur through agent-mediated workflows that can evade traditional monitoring.
Fabric-Based AI Agents Aim to Reduce Operational Friction
Fortinet’s inclusion of AI agents across the Security Fabric targets day-to-day operational load rather than only threat detection efficacy. Conversational troubleshooting and configuration for firewall and SD-WAN environments emphasize reducing misconfiguration risk. The approach reinforces Fortinet’s long-standing bet that a consistent operating system experience lowers integration and operational costs across products.
More to Cyber Than AI: SASE and Sovereignty Move to the Forefront
The announcement also shows that there is much more to cybersecurity beyond the AI juggernaut, with Fortinet’s SASE features addressing critical, long-term compliance challenges. FortiOS 8.0 expands SASE options with SASE Outpost and sovereign SASE deployment models, reflecting demand for local enforcement and tighter control over data residency. Sovereign SASE adds a layered approach to log retention, control-plane residency, sovereign POP selection, and fully sovereign deployments within customer data centers. These features imply that SASE competition is increasingly shaped by regulatory procurement requirements rather than only user experience and performance claims.
Post-Quantum Features Signal “Future-Proofing” as a Platform Theme
Also stepping beyond AI, FortiOS 8.0 extends quantum-safe capabilities through post-quantum cryptography (PQC) elements and hybrid approaches tied to management access and encrypted traffic inspection. Strengthened TLS deep inspection with hybrid key exchange and post-quantum-safe cryptography connects quantum-safe narratives to an immediate operational reality: security teams need visibility into encrypted traffic without undermining end-to-end encryption expectations.
The Competitive Landscape and OT/ICS Advantage
The competitive landscape is fierce. We continue to see Fortinet compete heavily with Palo Alto Networks, Cisco, and Check Point in broader networking deals (including SASE), and with Netskope, Zscaler, Versa, Cato, and others in SASE. In this crowded field, Fortinet’s distinct advantage remains its deeply entrenched channel presence and an architectural worldview that translates well across multiple environment types. This unified FortiOS approach is particularly well received in specialized, high-stakes environments such as OT (Operational Technology) and ICS (Industrial Control Systems), where uptime is critical and minimizing integration complexity is paramount.
What to Watch:
- How will customers incorporate new capabilities into their workflows? With Fortinet now adding more support for AI governance, customers can now bring this new source of telemetry and insight into their existing AI governance efforts.
- How do capabilities support agentic initiatives at customers? The focus on shadow AI and attack surface is important, but customers are moving fast on the broader application of agentic AI, which involves different stakeholders, use cases, and more.
- How does company positioning change with newer use cases? Fortinet has been a strong vendor in network security, but its new capabilities, such as PQC support, sovereignty, and AI, are more strategic, and the company must support these use cases with strong messaging, field enablement, and partnerships.
See the full press release on Fortinet’s FortiOS 8.0 announcement on the company website.
Declaration of generative AI and AI-assisted technologies in the writing process: This content has been generated with the support of artificial intelligence technologies. Due to the fast pace of content creation and the continuous evolution of data and information, The Futurum Group and its analysts strive to ensure the accuracy and factual integrity of the information presented. However, the opinions and interpretations expressed in this content reflect those of the individual author/analyst. The Futurum Group makes no guarantees regarding the completeness, accuracy, or reliability of any information contained herein. Readers are encouraged to verify facts independently and consult relevant sources for further clarification.
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.
Other Insights from Futurum:
Who Owns Cyber Physical Systems (CPS) Security? – Report Summary
Sovereign AI: What Nations Want (And What They’ll Actually Get) – Report Summary
Futurum Research: AI Workloads and Hybrid Work Redefine Network Architecture
Futurum Research: Cybersecurity Buyers Prioritize Integration Over Cost Savings
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
