Networking vendor Huawei Technologies is under fire because security researchers say its routers are easily hacked....
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
What's your take? Is there legitimate cause for concern with the security of Huawei enterprise networking equipment?
Ask the Expert!
Have questions about network security for expert Matt Pascucci? Send them via email today! (All questions are anonymous.)
You ask if there is cause for concern with Huawei router security, and, as of right now, there doesn't seem to be anything tangible. The apple doesn't fall far from the tree, however. If vulnerabilities were able to pass through the QA process of the models in question, there's a reasonable chance that there are vulnerabilities in the enterprise network equipment that haven't been discovered.
Here are a few things to look for concerning the security of Huawei routers, should you have any on your network:
- Determine what the vulnerability is and if the vendor is putting out a patch that will remediate this issue. As of now, while writing this article, there was no valid patch for the vulnerabilities found. I'd see if there are any updates that you can subscribe to in order to keep updated on the status of the issue.
- Call your rep at Huawei Technologies, get an idea of what's going on and demand an update. This might help with getting a time frame for a patch/upgrade and what can be done now about the vulnerability.
- Keep logging or start logging your company's network. Log everything from these devices and determine if someone's trying to exploit them. If you don't have a patch or a time frame for a patch, you need to proactively monitor these routers much closer. Now that the vulnerability is out there, criminals will start scanning networks in search of these devices. If you see them, block them promptly.
- Lastly, if there isn't a good response from Huawei on how to handle the issue or a patch to fix the vulnerability, it might be time to search for a new vendor. This might sound brash, but your network's security is too important to leave unprotected.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Matthew Pascucci
A new version of the Ursnif Trojan uses mouse movements to bypass security efforts by beating sandbox detection. Expert Matthew Pascucci explains how...continue reading
Adobe Flash's end of life is coming, and it includes an incremental removal method, allotting security teams enough time to adjust. Matt Pascucci ...continue reading
Explore the differences of public versus private bug bounty programs, as well as the benefits of each one. Expert Mathew Pascucci explains the risk ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.