Adopting SD-WAN: Security and Vulnerability Challenges to Overcome

By Corrin Jones on November 27, 2020

Every technology has its own security challenges to face, even an advanced one. SD-WAN is known for being able to improve performance and security for organizational networks, but that doesn't mean there aren't SD-WAN security challenges to address as well. Before your organization adopts SD-WAN technology, you should be aware of the following SD-WAN challenges and risks, and have plans to address them.

Root Privilege Vulnerabilities in SD-WAN

Early in 2020, multiple root privilege vulnerabilities were discovered and patched in Cisco's SD-WAN software. These three vulnerabilities could have been used to compromise networks, routers and controller software. One of them allowed attackers to execute arbitrary commands with root privileges. This is an extraordinarily dangerous situation and could easily compromise virtually any network. Furthermore, there were no workarounds for the vulnerabilities; users needed to apply the patch that Cisco provided to make sure that the vulnerabilities were addressed.

The bright side of these types of vulnerabilities and attacks is that they are patched quickly. The darker side is that companies are particularly vulnerable to these types of attacks from the moment they are discovered, before they have been patched. If companies aren't patching their software solutions as quickly as possible, they are much more likely to fall prey to these types of exploits.

Inconsistent Security Frameworks

Organizations need to apply security evenly throughout their network. When it comes to an SD-WAN, experts have seen organizations fail to properly secure the new environment. The primary SD-WAN connection must be secured and integrated into other security solutions. Web filtering, network access control, SSL inspection and more should all be part of a single security strategy. When first implementing SD-WAN, companies should be well aware of the strategy frameworks that they want to use, and they should have an MSP or other security partner provide an overview of their security strategies.

Forgetting About or Bypassing Firewalls

An organization's exposed attack surface can expand when an SD-WAN network is implemented. One of the most common errors when migrating to an SD-WAN solution is either forgetting about or bypassing firewalls. Companies may start to use routers to protect themselves rather than firewalls, or may forget to reconfigure their firewalls once they have switched to SD-WAN. Either way, what's most important is for the organization to review its firewalls and make sure they're still providing the protection it needs. Many organizations that use both SD-WANs and firewalls may bypass their firewall inadvertently, by sending traffic through tunnels or by troubleshooting applications and then forgetting to restore their firewall settings.

Not Investing in Security

Organizations switch over to SD-WAN for different primary reasons. Some want to switch because they are interested in improving security. Others are just interested in creating a faster or more efficient network.

When organizations are primarily interested in performance benefits, they may not spend the time to invest in security and make sure that everything is properly configured and controlled. Organizations should always have a security specialist or security partner who can review their new infrastructure to make sure that it's both high-performing and secure.

That being said, SD-WANs will often save an organization money over time in terms of security, as the total cost of ownership is low. It's only the initial setup of the SD-WAN that may take additional investment and work.

Failing to Configure Their Network

Finally, the SD-WAN approach is often touted as being a "one click" or "low touch" approach. In other words, it's just supposed to work. And while in many scenarios it does "just work," it does need to be properly configured by a professional. This isn't just for security but also for performance. SD-WAN, like any other technology, needs configuration for better protection.

Companies need to make sure their data is being properly secured, encrypted and controlled, and that monitoring and analysis will tell them in the event that something has happened that needs to be mitigated or addressed. Furthermore, there should be continued management and maintenance of the SD-WAN solution, as well as investments in upgrades for security in the future. The more an organization puts into their configuration, the better the network will operate for them.

SD-WAN technology can be groundbreakingly important to many companies. But that doesn't mean it comes without security and vulnerability challenges to overcome. If your organization is interested in the benefits of SD-WAN technology, but concerned about the potential drawbacks, the best thing to do is consult with a professional. Find out more about SD-WAN management with Red River.

