Does SD-WAN have major Security Flaws? yes.
SD-WAN created the SASE segment
SASE (Secure Access Service Edge) has blown up over the last 12 months. Many organizations are quickly pivoting to incorporate an SD-WAN + SASE strategy for their network operations. The underlying issue is the numerous security flaws. This is a major challenge organizations must accept as they move to software-defined solutions.
While hardware based solutions have had security flaws, bugs, an loopholes, the fact that they previously relied on dedicated on-premise devices added a fundamental layer of security. As cloud first technologies take hold, security becomes increasingly paramount.
Staggering SD-WAN Security Holes
In a recent reddit post on r/networking, two users jemilk and LucidZulu identified a number of organizations that publicly disclose their security bugs and advisories.
Here is a short list of available Security Advisories. While many of these bugs expand pass SD-WAN specific advisories, the importance of updating these technologies regularly is critical.
Cisco Bug Search Tool (You can google Cisco Bugs and see specific bugs, but need to be logged in to use the tool and see a list)
SD-WAN Vulnerability Disclosure is key
There are notable absent names on this list. These providers either do not disclose the bugs publicly and likely have alternative reporting methodologies. It’s worth noting the importance of public transparency around these issues to help organizations fix these holes quickly and effectively.