License server glitch exposes SonicWall users to e-mail security threats
Vendor says it has fixed problem; angry customers blast company in user forum
Computerworld - A technical problem in a license management server at SonicWall Inc. created havoc earlier today for users of the company's e-mail security products, leaving many customers temporarily unprotected against spam, phishing and malware threats while others were unable to log into their own systems.
Colleen Nichols, a spokeswoman for SonicWall, said Tuesday evening that the Sunnyvale, Calif.-based vendor had resolved the server issue as of noontime PST and that affected customers could "resynchronize their licenses" by visiting the customer support section of the company's Web site.
It wasn't immediately clear how many customers were affected by the license server glitch. But numerous users posted angry messages on a forum on the SonicWall site during a period that lasted for several hours.
According to a user who reported the problem to Computerworld via e-mail, the glitch affected all customers of SonicWall's ES series of e-mail security appliances, based on what he was told by a person he described as the vendor's "general support ticket-taker."
The user, who asked not to be identified, said that during the overnight hours from Monday into Tuesday, SonicWall's license manager erroneously reset the license keys for products installed on his systems and those of other customers, thereby making the licenses appear to be invalid.
"Very early this morning," Nichols confirmed via e-mail, "one server in SonicWall's licensing server pool that handles distribution of [antivirus] signatures and license keys malfunctioned." The malfunction caused "some" license keys to be reset, requiring them to later be resynchronized with SonicWall's servers, she said.
The company shut off the problematic license server "shortly after it began malfunctioning, and at the same time proactively stopped automatic license key updates while we verified the integrity of the rest of our licensing servers," Nichols wrote. During that period, customers were still able to manually download updates and resynchronize their licenses through the company's Web site, she added.
Nichols said that SonicWall was working to contact customers believed to have been affected by the problem to ensure them that the technical issues had been resolved.
In posts on the user forum, a person named Jody Spoor who identified himself as a senior technical support engineer at SonicWall said that the company had been alerted about the problem "as early as we could be" and had taken immediate steps to prevent the issue from spreading further.
Typically, a problem with a license server shouldn't result in local product registration information being lost, Spoor said in one post. But for some reason, the registration information was lost "for a number of units," he added. Spoor recommended a manual work-around for affected customers while SonicWall worked to fix the technical snafu.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Endpoint Security White Papers | Webcasts