The National Security Agency has released a new report outlining recommendations for mitigating security risks associated with software-defined networking controllers, also known as SDNCs.
NSA said Tuesday SDNCs work as a centralized network management server to control access to applications, making them a high-priority target for cyberthreat actors looking to gain control of an entire network environment.
“Although convenient for network administrators, they can become a single point of failure and a high priority target for malicious cyber actors if not secured properly,” said Ryan Larson, technical director for system threats and vulnerability analysis at NSA.
To reduce vulnerability to compromise, the agency recommended that organizations control access to the SDNC management interface, prevent viewing of sensitive information in network traffic, protect critical data at rest and only allow the authorized SDN controller to configure network devices.
Organizations must also restrict unauthorized or unauthenticated network devices from joining the SDN environment and control access to SDNC application programming interfaces.
