Cisco Viptela’s SD-WAN Problems Persist

Cisco Viptela’s SD-WAN Problems

Last week it emerged that Cisco Viptela’s SD-WAN problems persist. A high-severity insufficient input validation flaw was discovered within Cisco’s IOS XE software for SD-WAN routers.

While Cisco’s incident response team was unaware of any exploitation of the vulnerability, they acknowledged that a successful exploit could allow an attacker to execute commands with root or superuser privileges.

This incident is not isolated. Cisco’s IOS XE software has been plagued with security issues over the past few months:

With 20,000 customers around the world using Cisco’s Viptela and Meraki SD-WAN offerings, these bugs represent a significant threat.

Cisco Viptela’s SD-WAN Problems

The ongoing Cisco SD-WAN problems are likely related to the complexity of integrating what was previously standalone SD-WAN functionality — including data management — with Cisco’s proprietary switch, router, and firewall operating system.

According to Gartner’s Magic Quadrant for WAN Edge Infrastructure, Cisco’s SD-WAN, powered by Viptela on the IOS XE platform, has stability and scaling issues, as reported by Gartner clients and Cisco channels.

Some customers who have purchased Cisco ISR hardware during the past few years have informed Gartner that they had to upgrade their hardware platforms to support Viptela due to throughput limitations.

Security Vulnerabilities

More Security Vulnerabilities Likely

Cisco has broad, separate, and overlapping SD-WAN offerings that don’t share a common management platform, hardware platform, or sales team. Given that Cisco IOS has a huge number of features to manage and maintain, it is likely that more security issues will crop up in the future.

If you’re an MSP that relies on high-performance, secure SD-WAN to deliver services to your clients, you need to ask yourself: can your company afford a security vulnerability that could damage your reputation irreparably?

Avoid Cisco Viptela’s SD-WAN problems and choose an SD-WAN solution that’s built for service providers.

Simplified SD-WAN for Service Providers

With Turnium SD-WAN, managed service providers can maintain control of the customer experience and ensure maximum security for their clients’ infrastructure.

Turnium’s packet-based link load balancing provides physical security against intercepts. This means that even if an attacker gained access to a single circuit, only a portion of the packets would be revealed, rendering the content useless. AES128/256 and Salsa20 encryption provide further levels of security.

Plus, Turnium is agnostic so it works with any core node server or edge infrastructure the service provider wants to use.

Skip Cisco Viptela’s SD-WAN problems and talk to us today.