<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:dc="https://purl.org/dc/elements/1.1/"
     xmlns:dcterms="http://purl.org/dc/terms/"
     xmlns:media="http://search.yahoo.com/mrss/"
     xmlns:atom="http://www.w3.org/2005/Atom"
>
    <channel>
                    <atom:link rel="alternate" hreflang="en-GB"
                       href="https://www.itpro.com/uk/feeds/tag/software-defined-wide-area-network-sd-wan"
                       type="application/rss+xml"/>
                            <title><![CDATA[ Latest from ITPro UK in Software-defined-wide-area-network-sd-wan ]]></title>
                <link>https://www.itpro.com/uk/tag/software-defined-wide-area-network</link>
        <description><![CDATA[ All the latest software-defined-wide-area-network-sd-wan content from the ITPro  UK team ]]></description>
                                    <lastBuildDate>Thu, 26 Feb 2026 10:12:05 +0000</lastBuildDate>
                            <language>en</language>
                                <item>
                                                            <title><![CDATA[ Security agencies issue warning over critical Cisco Catalyst SD-WAN vulnerability ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-attacks/security-agencies-issue-warning-over-critical-cisco-catalyst-sd-wan-vulnerability</link>
                                                                            <description>
                            <![CDATA[ Threat actors have been exploiting the vulnerability to achieve root access since 2023 ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">W3nhLCHBdhW9sQ8LSdtdbU</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/tS8HTW7yrXNbExyfrJHDUN-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 26 Feb 2026 10:12:05 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Attacks]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Emma Woollacott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/aWfskavxoVSMDy6cDWtYmJ.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/tS8HTW7yrXNbExyfrJHDUN-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Logo of Cisco, developer of the Cisco ASA (Adaptive Security Appliance) device range, pictured at Mobile World Congress Barcelona 2023.]]></media:description>                                                            <media:text><![CDATA[Logo of Cisco, developer of the Cisco ASA (Adaptive Security Appliance) device range, pictured at Mobile World Congress Barcelona 2023.]]></media:text>
                                <media:title type="plain"><![CDATA[Logo of Cisco, developer of the Cisco ASA (Adaptive Security Appliance) device range, pictured at Mobile World Congress Barcelona 2023.]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/tS8HTW7yrXNbExyfrJHDUN-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Security agencies are warning that a maximum-severity flaw in Cisco Catalyst SD-WAN Controller has been exploited in the wild for years.</p><p>An advisory from CISA noted that threat actors have compromised SD-WANs to add a malicious rogue peer, allowing them to conduct a range of follow-on actions to achieve root access and maintain persistent access.</p><p>"Based on collaboration with international partners and CISA’s forensic analysis, the ease with which these vulnerabilities can be exploited demands immediate action from all federal agencies," said Madhu Gottumukkala, the acting director of the US <a href="https://www.itpro.com/security/what-is-cisa">Cybersecurity and Infrastructure Security Agency (CISA)</a>. </p><p>"We urge all entities to implement the measures outlined in this Emergency Directive without delay. CISA leadership and all (excepted) staff remain committed to fulfilling our mission while protecting the American people.” </p><p>Successful exploitation of <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk" target="_blank"><u>CVE-2026-20127</u></a>, which has a CVSS score of 10, could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. </p><p>Using this account, an attacker could access NETCONF, allowing them to manipulate network configuration for the SD-WAN fabric. </p><p>Cisco Catalyst SD-WANs that have management interfaces exposed to the internet are at most risk of compromise. </p><p>"CISA’s guidance is a clear signal that adversaries are aiming for the control plane, not just individual endpoints. The vulnerability being discussed allows an attacker to reach sensitive management functions without going through normal access checks," said Nick Tausek, lead security automation architect at Swimlane. </p><p>"What makes this especially serious is how quickly a compromised management path can translate into broad influence over how sites connect, which routes are preferred, and what policies are enforced across networks." </p><h2 id="cisco-catalyst-sd-wan-best-practices">Cisco Catalyst SD-WAN best practices</h2><p>According to Cisco, the first thing to check for is any control connection peering event identified in Cisco Catalyst SD-WAN logs, as this may indicate an attempt at initial access via CVE-2026-20127. </p><p>All such peering events require manual validation to confirm their legitimacy, with particular focus on vManage peering types. </p><p>The company warned unauthorized peer connections may appear superficially normal but occur at unexpected times, originate from unrecognized IP addresses, or involve device types inconsistent with the environment's architecture.</p><p>Organizations should move quickly to inventory SD-WAN components, confirm which are internet-facing, and map all management access methods - web UI, SSH, NETCONF, APIs - including which networks and admin accounts can reach them, said Moshe Hassan, VP of research and innovation at Upwind.</p><p>Elsewhere, organizations are urged to restrict management access to known-good sources, Allowlisting trusted IPs/admin networks only, removing public exposure, and segmenting management interfaces behind <a href="https://www.itpro.com/uk/software/vpn">VPN</a>/jump hosts. </p><p>Unsolicited access to management ports and unusual management-plane traffic should be blocked.</p><p>"Patch exposed systems first, or block until you can. Prioritize patching any internet-reachable appliances immediately. If patching can’t happen fast enough, temporarily block management protocols from the internet, disable unused services, and deploy compensating controls (ACLs/IPS rules) until updates are in place," he said.</p><p>"Watch for unexpected new peers/devices in the <a href="https://www.itpro.com/software-defined-wide-area-network-sd-wan/33346/what-is-sd-wan">SD-WAN</a> fabric, suspicious changes to configuration or policy, anomalous admin activity, and unusual lateral connections within the management plane."</p><p>Cisco has published a hardening guide <a href="https://sec.cloudapps.cisco.com/security/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuide" target="_blank"><u>here</u></a>.</p><h3 class="article-body__section" id="section-follow-us-on-social-media"><span>FOLLOW US ON SOCIAL MEDIA</span></h3>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ New Aryaka reseller program offers up to 35% deal margins ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/business/business-strategy/new-aryaka-reseller-program-offers-up-to-35-deal-margins</link>
                                                                            <description>
                            <![CDATA[ The SD-WAN and unified SASE specialist is aiming to “reignite” its reseller partnerships ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">WwaWZv8GHSSTE9kEXS5zSV</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/qM5wx2aM9EmnwYkGgoVSkJ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 26 Apr 2023 09:27:43 +0000</pubDate>                                                                                                                                <updated>Thu, 24 Apr 2025 18:10:27 +0000</updated>
                                                                                                                                            <category><![CDATA[Business Strategy]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (Daniel Todd) ]]></author>                    <dc:creator><![CDATA[ Daniel Todd ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/SRyC34qeLpNDj3dJtsVDhT.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/qM5wx2aM9EmnwYkGgoVSkJ-1280-80.jpg">
                                                            <media:credit><![CDATA[Aryaka]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Aryaka company logo against a sky blue background]]></media:description>                                                            <media:text><![CDATA[Aryaka company logo against a sky blue background]]></media:text>
                                <media:title type="plain"><![CDATA[Aryaka company logo against a sky blue background]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/qM5wx2aM9EmnwYkGgoVSkJ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Unified secure access edge (SASE) and SD-WAN solutions provider Aryaka has cut the ribbon on IGNYTE, a new reseller initiative that sits within its Accelerate Global Partner Program. </p><p>The program has been designed to facilitate between 25-35% margins on each partner deal, as well as provide discounts and sales and marketing support that focuses on pipeline creation.</p><p>In an announcement, Aryaka said it’s aiming to “reignite” its partnerships with value-added resellers (VARs) and systems integrators around the world.</p><p>This focus will be especially strong across EMEA, where the firm has key relationships with businesses such as Deutsche Telekom and CDW.</p><p>“IGNYTE enables resellers to offer market-leading <a href="https://www.aryaka.com/managed-sase/">unified SASE </a>solutions quickly through our ‘as a service’ model,” said Craig Patterson, senior vice president of global channels. </p><p>“We offer competitive margins and low risk with no upfront investment or revenue commitments. Plus, we offer white-label and co-management options.”</p><p>Headquartered in San Mateo, California, Aryaka specializes in fully managed SD-WAN and unified SASE solutions, claiming to offer flexible architecture and all-in-one services to help companies of any size modernize their business.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="sgtt22VkANBHJQxy2MfqDh" name="Using cloud-based, AI-driven management to improve network operations_listing.jpg" caption="" alt="Whitepaper with title and logos and summary on dark blue background" src="https://cdn.mos.cms.futurecdn.net/sgtt22VkANBHJQxy2MfqDh.jpg" mos="" link="" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div><figcaption itemprop="caption description" class=""><span class="credit" itemprop="copyrightHolder">(Image credit: Juniper Networks)</span></figcaption></figure><p class="fancy-box__body-text"><strong>IDC: Using cloud-based, AI-driven management to improve network operations</strong></p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/technology/artificial-intelligence/idc-using-cloud-based-ai-driven-management-to-improve-network-operations"><strong>DOWNLOAD FOR FREE</strong></a></p></div></div><p>The firm has been making moves to strengthen its channel activity over the last 18 months.</p><p>Back in January 2022, it launched the Aryaka Accelerate Global Partner Program, which unified its partner-led go-to-market strategy under a single framework.</p><p>At the time, the company said its new streamlined initiative would help partners find expanded revenue opportunities through its all-in-one <a href="https://www.itpro.com/software-defined-wide-area-network-sd-wan/33346/what-is-sd-wan"><u>SD-WAN</u></a> and SASE solutions.</p><p>In January 2023, Aryaka <a href="https://www.itpro.com/channel/369808/aryaka-names-new-vice-president-of-channel-sales-for-emea"><u>announced the appointment of Jon Selway</u></a> as its new vice president of channel sales for EMEA. The seasoned channel pro now leads the new reseller initiative across the region as part of the wider Accelerate program.</p><p>“We’re excited to introduce IGNYTE to our partner community,” Selway said. “Our new SD-WAN and SASE offerings tailored to small and midmarket enterprises are aligned with our partners’ <a href="https://www.itpro.com/business-strategy/31699/what-is-a-gtm-strategy"><u>go-to-market</u></a> models. And our free services promotion will help IGNYTE partners capture market share.”</p><p>Last month, Aryaka unveiled a revamped enterprise <a href="https://www.itpro.com/business-operations/31711/what-is-a-managed-it-service"><u>managed service</u></a> experience for small and medium enterprises (SMEs), promising to deliver high-performing and easy-to-use solutions starting at less than $150 per site.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
            </channel>
</rss>