News

Citrix Touts Its SD-WAN Security After Hackers Breach Internal Network

• By David Ramel
• 03/11/2019

Citrix Systems Inc. touted the enhanced security capabilities of its software-defined wide-area network (SD-WAN) solution only days after news that "international cyber criminals gained access to the internal Citrix network."

In a March 8 blog post, Citrix announced that the FBI had notified the company of the breach.

"While our investigation is ongoing, based on what we know to date, it appears that the hackers may have accessed and downloaded business documents," the company said. "The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised."

An NBC News report attributed the attack to Iranian-based hackers.

According to Citrix, the FBI believes the "password spraying" approach was used in the attack by hackers, who got into the network via weak passwords and then used their internal access to subvert other security layers.

Two days after that breach post, the company published a news release with the headline "Citrix Raises Bar for SD-WAN Security."

"The company today announced next-generation capabilities within its SD-WAN solution that enable enterprises to easily administer user-centric policies and connect branch employees to applications in the cloud with greater security and reliability," the release said.

Security is reportedly boosted via integration with a series of third-party APIs to work with other products like the Zscaler Cloud Security Platform.

The statement highlighted easier administration for tasks such as synchronizing local information with the Citrix SD-WAN management plane via the API integration, along with simplified branch networking in its SD-WAN solution, though it didn't specify what was new or when new functionality was added.