Security News
Enea, a global supplier of innovative software components for telecommunications and cybersecurity, and Videns IT Services, a network independent service provider delivering fully managed SD-WAN and Secure Access Service Edge services, announced that they have entered into a partnership enabling Videns to deliver second-generation SD-WAN solutions and services to customers worldwide. The services will be based on Enea NFV Access, a virtualization platform for universal Customer Premise Equipment.
To meet the demands of a dynamic business environment, many organizations are finding that SD-WAN is ideal for providing fast, scalable, and flexible connectivity between different network environments. With the proper SD-WAN solution in place, organizations can quickly support digital transformation objectives while ensuring business continuity across an expanding remote workforce with minimum IT staff and infrastructure resources.
As small to mid-sized businesses use more bandwidth every year to modernize their companies, Kinetic Business is proud to announce a SD-WAN solution to help manage their usage. Kinetic Business SD-WAN is built upon VeloCloud technology from VMware, an industry leader in SD-WAN solutions.
The flaw exists in Cisco IOS XE. This Linux-based version of Cisco's Internetworking Operating System is used in Cisco software-defined wide area network routers. In March, Cisco issued 24 patches tied to vulnerabilities in its IOS XE operating system.
Any SD-WAN strategy needs to have security embedded from the outset, with a design that ensures traffic inspection and security policies are applied as close to where data resides as possible. Some networking vendors have recognized the importance of this and converged their SD-WAN and security solutions to provide a single point for consistent management of network and security configuration.
Application performance, impacted by network complexity at the edge and in the cloud, is the key enterprise concern this year for organizations implementing SD-WAN, according to Aryaka. "Modern applications are being distributed across on premises data centers, multiple public clouds and edge locations. This is creating more complexity and greater dependency on the network to ensure optimal application performance as confirmed by the Aryaka report," said Bob Laliberte, Sr. Analyst and Practice Director at ESG. "Organizations need WAN solutions that deliver performance, flexibility and simplicity to overcome that complexity. This is driving interest in managed SD-WAN offerings that combine application optimization and secure connectivity, to any location, from any location, including access and support for remote workers."
Cisco has patched a clutch of high-priority vulnerabilities in its SD-WAN routers and their management software that admins will want to apply as soon as possible. The latter is a privilege escalation vulnerability in the SD-WAN management software used with a range of Cisco routers, including the vEdge 100 Series, 1000 Series, 2000 Series, 5000 Series, and Cloud Router.
Cisco has fixed five security vulnerabilities in its Software-Defined WAN Solution, two of which could allow an authenticated, local attacker to either gain root privileges on the underlying operating system or to inject arbitrary commands that are executed with root privileges. While there is no indication that these flaw are being actively exploited, no workarounds addressing the vulnerabilities exist so upgrading to the Cisco SD-WAN Solution software release 19.2.2.
Cisco has issued a series of security updates for its SD-WAN and Webex software, just when they're most needed. The five CVE-listed bugs are down to what Cisco calls "Insufficient input validation," and the avenues to exploit it range from SQL to HTTP requests.
If exploited, the flaws could enable bad actors to execute commands with root privileges on affected systems. The three flaws are located in various Cisco hardware and software products running the company's SD-WAN software earlier than Release 19.2.2.