NSA Issues Recommendations to Protect Software Defined Networking Controllers – National Security Agency

Official websites use .gov
Secure .gov websites use HTTPS

FORT MEADE, Md. – The National Security Agency (NSA) has released the Cybersecurity Information Sheet (CSI), “Managing Risk from Software Defined Networking Controllers.” The report provides recommendations to help National Security Systems (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators mitigate the risks associated with software driven network management solutions, such as Software Defined Networking Controllers (SDNC).

SDNCs allow enterprises to configure networking and security policies and control access to applications from a centralized location. SDNCs enable dynamically pushing configurations out to network devices within the Software Defined Networking (SDN) environment, greatly reducing the number of separate devices an administrator must access to keep them updated. If these functions are compromised by malicious cyber actors, they can access the SDNC and perform management functions as if they were a legitimate administrator. SDNCs provide beneficial centralized enterprise network management, but such centralized management makes them a high priority target for adversaries.

“SDNCs are packaged solutions for using a single point to manage the entire network,” Ryan Larson, the NSA Technical Director for System Threats and Vulnerability Analysis. “Although convenient for network administrators, they can become a single point of failure and a high priority target for malicious cyber actors if not secured properly.”
 
The CSI indicates that a typical SDNC communicates across two separate types of network flows, one for managing the SDNC and the other for configuring network devices. For both flows, the network traffic contains authentication and configuration information which could be vulnerable to man-in-the-middle techniques or passive viewing if the information is not adequately protected.
 
The CSI mentions potential attack surfaces and threats that can enable misconfigurations and further malicious activities, such as accessing sensitive configuration and authentication data.
 
SDNC environments require additional oversight to prevent both malicious activity and unintentional changes to the network. NSA recommends network administrators implement the mitigations listed in the report, including the following:
Control access to the management interface
Secure sensitive information in network traffic
Protect critical data at rest inside the controller
Limit device configuration to the authorized SDNC only
Do not let unknown devices join the SDN environment
Control access to SDNC APIs

Read the full report here.
Visit our full library for more cybersecurity information and technical guidance.
NSA Media Relations
MediaRelations@nsa.gov
443-634-0721
Civil Liberties, Privacy, & Transparency Office

source

Related Posts

After 6 months and little explanation, Norton Healthcare patients, employees still feeling effects of cyber attack – WDRB

Spotty shower possible. Storms after midnight Updated: April 16, 2024 @ 12:31 pmNorton Healthcare, a company serving about 600,000 patients a year with nearly $5 billion in assets, continues to…

Read more

CA's top cybersecurity job has been vacant for almost 2 years – CalMatters

Technology Californians get hacked all the time. The state’s top cybersecurity job is vacant In summaryGov. Newsom has yet to appoint a commander who is tasked with informing businesses and…

Read more

13 Cyber Security Measures Your Small Business Must Take – Tech.co

Our content is funded in part by commercial partnerships, at no extra cost to you and without impact to our editorial impartiality. Click to Learn MoreCybersecurity has been important to…

Read more

AVG Antivirus Free review – Ghacks

AVG AntiVirus Free is a longstanding security program for Microsoft Windows that protects computer systems from viruses, trojans and other malicious code.One interesting fact about AVG is that it maintains…

Read more

Vlog Episode #247: Chris Long on Improving Technical SEO Skills & Playing Offense SEO – Search Engine Roundtable

In part one, we learned about Chris Long and his experience working with Bill Slawski. Then, in part two, we spoke about helping people with SEO on LinkedIn and using…

Read more

Information Security Vs. Cybersecurity: What's The Difference? – Forbes

Information Security Vs. Cybersecurity: What’s The Difference?  Forbessource

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *