SD-WAN Threat Landscape

Software Defined Wide Area Network (SD-WAN or SDWAN) is a modern conception and an attractive trend in network technologies. SD-WAN is defined as a specific application of software-defined networking (SDN) to WAN connections. There is growing recognition that SDN and SD-WAN technologies not only exp...

Full description

Saved in:
Bibliographic Details
Published in:arXiv.org 2018-11
Main Authors: Gordeychik, Sergey, Kolegov, Denis
Format: Article
Language:English
Subjects:
Cybersecurity
Software development
Software-defined networking
Threat models
Threats
Wide area networks
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Software Defined Wide Area Network (SD-WAN or SDWAN) is a modern conception and an attractive trend in network technologies. SD-WAN is defined as a specific application of software-defined networking (SDN) to WAN connections. There is growing recognition that SDN and SD-WAN technologies not only expand features, but also expose new vulnerabilities. Unfortunately, at the present time, most vendors say that SD-WAN are perfectly safe, hardened, and fully protected. The goal of this paper is to understand SD-WAN threats using practical approach. We describe basic SD-WAN features and components, investigate an attack surface, explore various vendor features and their security, explain threats and vulnerabilities found in SD-WAN products. We also extend existing SDN threat models by describing new potential threats and attack vectors, provide examples, and consider high-level approaches for their mitigations. The provided results may be used by SD-WAN developers as a part of Secure Software Development Life Cycle (SSDLC), security researchers for penetration testing and vulnerability assessment, system integrators for secure design of SD-WAN solutions, and finally customers for secure deployment operations and configurations of SD-WAN enabled network. The main idea of this work is that SD-WAN threat model involves all traditional network and SDN threats, as well as new product-specific threats, appended by vendors which reinvent or introduce proprietary technologies immature from a security perspective.
ISSN:2331-8422