• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Four Common Security Issues in Distributed Enterprise SD-WAN Deployments

June 27, 2019 By The Editor

Many midmarket businesses and distributed enterprises are implementing SD-WAN to lower costs and make their networks more agile. However, networks that span many remote locations have several unique security risks that are often exacerbated by a move to SD-WAN, especially if the IT team doesn’t take security into account during the rollout. Our Sr. Technical Product Manager Ben Brobak recently wrote a guest article for SD-WAN Resources.com explaining four of these security issues and how they can be prevented. Here’s an excerpt from the article explaining how the move to SD-WAN creates new attack surfaces:

Imagine a collection of remote offices with an MPLS (Multi-Protocol Label Switching) connection that routes all traffic to HQ, where it then passes through a corporate firewall. Since none of the remote locations are exposed to the open internet and the connection is secured at headquarters, it’s fairly safe overall. However, if that company moves to an SD-WAN model, each of those locations now has a physical connection to the internet, exposing them to a staggering number of attacks. For example, in one research trial, a fake AWS server was online for less than a minute before automated hacks began targeting it…This creates new risk even if all of their traffic is still being routed to headquarters and through a firewall via VPN tunnels.

Other risks associated with SD-WAN rollouts are applying security centrally instead of at each location (which allows threats that penetrate the network to freely move laterally once they’re in), forgetting to add firewalls to protect traffic that is now moving across the open internet, and accidentally bypassing the firewall when installing or troubleshooting an SD-WAN appliance.

Read Ben’s full article to learn more about SD-WAN security. WatchGuard offers some SD-WAN services, and using a setup like ours that combines security and SD-WAN in one appliance is one way to solve many of the issue Ben’s article highlights. Read more about what we can offer here on Secplicity, or on our main site here.

Share This:

Related

Filed Under: Editorial Articles, Featured

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use