Does SD-WAN have major Security Flaws? yes.

SD-WAN created the SASE segment

SASE (Secure Access Service Edge) has blown up over the last 12 months. Many organizations are quickly pivoting to incorporate an SD-WAN + SASE strategy for their network operations. The underlying issue is the numerous security flaws. This is a major challenge organizations must accept as they move to software-defined solutions.

While hardware based solutions have had security flaws, bugs, an loopholes, the fact that they previously relied on dedicated on-premise devices added a fundamental layer of security. As cloud first technologies take hold, security becomes increasingly paramount.

Staggering SD-WAN Security Holes

In a recent reddit post on r/networking, two users jemilk and LucidZulu identified a number of organizations that publicly disclose their security bugs and advisories.

Here is a short list of available Security Advisories. While many of these bugs expand pass SD-WAN specific advisories, the importance of updating these technologies regularly is critical.

Juniper Security Advisories

Cisco Bug Search Tool (You can google Cisco Bugs and see specific bugs, but need to be logged in to use the tool and see a list)

F5 Networks

Palo Alto Networks

Silverpeak

SD-WAN Vulnerability Disclosure is key

There are notable absent names on this list. These providers either do not disclose the bugs publicly and likely have alternative reporting methodologies. It’s worth noting the importance of public transparency around these issues to help organizations fix these holes quickly and effectively.