Versa SASE ZTNA SWG RBI CASB NGFWaaS SD-WAN Routing Analytics
  Deployment Options Multi-tenancy Automation
  SASE Components Endpoints Appliances Control & Management Cloud Gateways
SASE ROI Calculator

SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.

Try It Now
Solution Overview Work-from-Home Solutions WAN Edge Solutions Secure SD-WAN Security Routing Lean IT Solutions
Industry Solutions Architecture Education Energy & Utilities Engineering & Construction Federal Government Financial Services Healthcare Hospitality
  Legal Manufacturing Public Sector Retail Satellite ISP Technology Transportation
SASE ROI Calculator

SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.

Try It Now
Our Customers Customer Acclaim Customer Videos Customer Support
Case Studies Top Energy Firm Global Satellite Provider Global Pharmaceutical Company Large Food Retailer National Dental Practice Global Retailer Global Financial Services Firm
  Global Credit Card Payments Company Cloud/SaaS Digital Marketing Firm McLaren Racing Limited Leading Media and Communications Service Provider Fortune 500 Financial Services Company
Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

Case Study
Partner Overview Program Summary Technology Partners Microsoft Azure Google Cloud Dell Technologies
Titan for Partners Find a Partner Become a Partner Partner Portal
 
Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

Read the Report
What’s New SASE ROI Calculator Analyst Reports Webinars
Videos Datasheets Solution Briefs White Papers & eBooks
Versatility 2022 Product Documentation Versa Academy
Gartner Magic Quadrant for WAN Edge Infrastructure

Gartner Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Read the Report
Company Overview Leadership Team Our Investors Awards Contact Us
News Latest News Press Releases Media Coverage Events
Careers Current Openings Life at Versa Cultural Values
Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

Watch the Video
Secure Access Service Edge What are the Major SASE Components? What is Secure Web Gateway? What is ZTNA? What is CASB?
A Quick Introduction to SASE Architecture How to Adopt SASE Primary SASE Challenges Network Transformation with 5G
Why is SASE Necessary? What Kind of Company Should Use SASE? What are the Primary SASE Benefits? How Can SASE Help You and Your Organization?
Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location.

Read the Brief
What is SD-WAN? SD-WAN Tutorial SD-WAN Technology Choosing a Vendor
Hybrid WAN Cloud WAN IDS/IPS
 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

Read the Brief

The Modern Secure
Network Blog

Research Lab

The SolarWinds Hack: Understanding SolarStorm’s SUNBURST Backdoor

jayesh-gangadas
By Jayesh Gangadas Patel
Senior Threat Analyst, Versa Networks
December 21, 2020

FireEye recently provided information about the widespread attack campaign registered against components of the SolarWinds Orion platform. The SolarWinds Orion platform has a huge customer base of 300,000 clients and issued this advisory on Sunday, December 20th

In this blog post, we will focus on answering specific questions that organizations may have regarding the SolarWinds attack. 

Some notable points to consider: 

  • Supply chain was the specific target with the compromise of SolarWinds Orion platform
  • As per the recently filed SEC report: of the 300,000 customer base, fewer than 18,000 customers were known to have the trojanized version of the Orion software running
  • In the wake of this highly sophisticated attack, SolarStorm threat actors created a legitimate, digitally signed backdoor, SUNBURST, as a trojanized version of the SolarWinds Orion plug-in
  • The scope of this threat has been observed to deliver multiple payloads, focused mainly on memory-only droppers such as the FireEye-dubbed Teardrop and Cobalt Strike Beacon
  • Command and Control (C&C) traffic pretends traffic coming from a legitimate Orion improvement program
Am I at risk even if I don’t use the the SolarWinds Orion platform?

As of now, the only known component compromised within SolarWinds has been identified as the Orion platform. If your organization does not use the Orion platform, it is not at risk. In addition, only customers running the updated Orion platform between March and June 2020 are likely to be compromised. The affected versions are 2019.4 HF 5, 2020.2 with no hotfix installed, or with 2020.2 HF 1. For more information about the affected products, please follow the link to the SolarWinds Security Advisory.

How do I detect if my organization has a possible backdoor? 

At the time of writing and based on the signatures and various indicators released thus far, all Versa Networks customers are protected with the specific detectors being released for the SolarWinds Orion platform trojan activity. Please see the list below for released signature detection that detects the vulnerability based on IPS subscription:

1000015902_Backdoor_SUNBURST_Communication_Attempt.rules

1000015903_Backdoor_SUNBURST_Communication_Attempt.rules

1000015905_Backdoor_SUNBURST_Communication_Attempt.rules

1000015906_Backdoor_SUNBURST_Communication_Attempt.rules

1000015907_Backdoor_SUNBURST_Communication_Attempt.rules

1000015908_Backdoor_SUNBURST_Communication_Attempt.rules

1000015909_Backdoor_SUNBURST_Communication_Attempt.rules

1000015910_Backdoor_SUNBURST_Communication_Attempt.rules

1000015911_Backdoor_SUNBURST_Communication_Attempt.rules

1000015912_Backdoor_SUNBURST_Communication_Attempt.rules

1000015913_Backdoor_SUNBURST_Communication_Attempt.rules

1000015914_Backdoor_SUNBURST_Communication_Attempt.rules

1000015915_Backdoor_SUNBURST_Communication_Attempt.rules

1000015916_Backdoor_SUNBURST_Communication_Attempt.rules

1000015917_Backdoor_SUNBURST_Communication_Attempt.rules

1000015918_Backdoor_SUNBURST_Communication_Attempt.rules

1000015919_Backdoor_BEACON_Communication_Attempt.rules

1000015920_Backdoor_BEACON_Communication_Attempt.rules

1000015921_Backdoor_BEACON_Communication_Attempt.rules

1000015922_Backdoor_BEACON_Communication_Attempt.rules

1000015923_Backdoor_BEACON_Communication_Attempt.rules

1000015924_Backdoor_BEACON_Communication_Attempt.rules

1000015925_Backdoor_BEACON_Communication_Attempt.rules

1000015926_Backdoor_BEACON_Communication_Attempt.rules

1000015927_Backdoor_BEACON_Communication_Attempt.rules

1000015928_Backdoor_BEACON_Communication_Attempt.rules

Protective measures will continuously be updated as new details related to this threat activity emerge. Apart from the countermeasures recommended by the Versa Security Team, there are additional steps customers need to take if using any of the above mentioned SolarWinds Orion platforms:

  1. Identify all of the SolarWinds systems inside the organization and work towards an update to the Orion Platform version 2020.2.1 HF2 now available for all customers.
  2. Evaluate guidelines related to the update of SolarWinds systems as per the resources listed below:
Resources

CISA Announcement for SolarWinds

SolarWinds Security Advisory

Secure Orion Platform


Topics



Recent Posts

Tony Garcia
Making the Right Selection: Single-Vendor SASE or Unified SASE?
By Tony Garcia
November 18, 2022
Mickey Singh
Why Versa Unified SASE is Best Suited for Enterprises?
By Mickey Singh
November 3, 2022
Versa Staff
Streaming Services With the Best Content, According to Viewers
By Versa Staff
October 19, 2022
Avik Bose
SWG VS FWaaS
By Avik Bose
October 17, 2022
Jon Taylor
Ransomware and What It Could Cost You
By Jon Taylor
October 17, 2022


Top Tags


Gartner Research Report

Gartner Magic Quadrant for WAN Edge Infrastructure

Gartner Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.