This post was originally published on ZPE Systems
But from a security standpoint, there’s a bigger problem: the attack surface is much larger with in-band management. If an attacker breaches the production network, they’ve got a direct path to the management plane. It’s highly likely that they’ll move laterally from customer-facing systems to control interfaces. When an attacker controls an ISP’s network, they control the business, too.
Shared Access Gives Attackers Broad Control
In many environments, console access isn’t given the proper zero-trust treatment it deserves. Instead, it’s about convenience. Engineers, NOC staff, and third-party vendors will often share access paths, credentials, and devices without segmentation.
This is how small mistakes turn into major security events. A lack of segmentation means that all it takes is one set of credentials to be misplaced or stolen, and an attacker gains broad control. They can move laterally across devices, regional sites, and backbone routers faster than defenders can respond.
Poor Visibility Leaves Soft Spots…Soft
Breaches always come with the same question: What happened?
This is impossible to answer in traditional environments because it’s difficult to find the evidence. Legacy solutions lack detailed logs and audit trails, so there’s no way to get a clear picture of the attack. Security teams can’t
— Read the rest of this post, which was originally published on ZPE Systems.
