very well put ! Just like Federation is not a service, but a pattern. I think the crucial difference in opinion is perhaps that I would go further and say that you can't promote something without an implementation of it - this speaks to the adoption issue you raised below. So, NREN (SANREN/TENET or say KENET) has to say "look, here's how we think a DMZ should be built" and they provide a reference implementation. This may go so far as being actual code that can be forked for a site and re-instantiated with their local customisations.
The other important thing is the interfaces for services. In my of utopia there would be a DMZ which would contain certain fairly similar services - the HPC cluster, the big data centre, the replication site, etc. You can't just open up access to them from anywhere since this would mean the "science traffic" would be indistinguishable from the rest of the internet traffic, so you have a series of gateways which are sanctioned access points and live at the edge of the DMZ. They allow people from "the internet" to access the DMZ in a trusted manner (hello federation !).
If you don't have a reference implementation (sure, it can be iteratively extended, etc) then it's quite hard to say that your network configuration that you're calling a SDMZ at a site actually is a SDMZ at a site. It is this that I believe the NREN should do and I think it can be done "properly" for reasonable cost, but it must be done in collaboration with a real site where real data will flow, else it's just an academic exercise.
So, yes money talks, but you could just as well say "where there's a will there's a way" - or rather a real use case is needed. So, both the funding model and the usage to drive adoption are needed.
Let's say that there is some kind of proposal-based funding (this would be quite similar to the HPC world where sites bid for funding from NRF to build clusters). Without some coordination there will just be islands of performance where the resources sit. In the HPC world this is bad, but not terrible - but in the network world it's completely counter productive ! So, there should be a "Faster Data" task force whose sole responsibility is to engineer the connections between SDMZ's. This group could be funded by the proposals themselves, as a kind of consultancy service.
Perhaps it's worth them providing some kind of proposal review as well.
In this way, you have aspects of sustainability (part of the funding pays for the bigger picture), as well as collaborative, collective action, which can work against fragmentation. The Task Force is motivated to do good work, since they get credit and cash for it, whilst the NRF or other funding body knows it's spending its money efficiently.
Best of all, the science case wins.