Astaro released a bad update causing their firewall products to fail to route traffic to some networks and VPNs. Astaro customers notified the company of the problem and received a swift solution. Details and apology from the Astaro blog, excerpts below:


What happened?

Today at 6:07 CEST our Up2Date servers began distributing Intrusion Prevention System (IPS) 
patterns (version 12404) which included two rules (numbers 15851 and 16576) that were 
incompatible with the version of the IPS engine used in ASG 7.5. The IPS stopped working 
following the update and, on systems with IPS enabled, all traffic was blocked due to the 
IPS fail-closed policy.

At 9:30 CEST our Up2Date servers began distributing IPS pattern version 12405 which corrected 
the error and we alerted all of our partners via email about the situation.

Systems with IPS activated could not download the new patterns because all network 
connectivity was blocked. As is usual, systems with IPS deactivated do not download new 
patterns either.

Immediately our support team began distributing instructions to our partners on how to resolve 
this problem. After further testing of this solution, we communicated the final instructions 
on how to resolve the situation to all of our partners via email at 11:44 CEST.

Then, incredibly, at 12:25 CEST our Up2Date servers began distributing Anti Virus (AV) pattern 
version 12407 which included a signature incompatible with the AV engine our systems are 
running. On systems with Dual AV Scanning enabled the Web proxy was not working and the Mail 
proxy was not forwarding email.

Our Up2Date servers began distributing the corrected patterns at 13:20 CEST and the issue 
corrected itself automatically once the systems loaded version 12410 of the patterns.

At 13:15 CEST we notified our partners via the Up2Date Blog about the incident.


main page ATTRITION feedback