Astaro released a bad update causing their firewall products to fail to route traffic to some networks and VPNs. Astaro customers notified the company of the problem and received a swift solution. Details and apology from the Astaro blog, excerpts below:
[..] What happened? Today at 6:07 CEST our Up2Date servers began distributing Intrusion Prevention System (IPS) patterns (version 12404) which included two rules (numbers 15851 and 16576) that were incompatible with the version of the IPS engine used in ASG 7.5. The IPS stopped working following the update and, on systems with IPS enabled, all traffic was blocked due to the IPS fail-closed policy. At 9:30 CEST our Up2Date servers began distributing IPS pattern version 12405 which corrected the error and we alerted all of our partners via email about the situation. Systems with IPS activated could not download the new patterns because all network connectivity was blocked. As is usual, systems with IPS deactivated do not download new patterns either. Immediately our support team began distributing instructions to our partners on how to resolve this problem. After further testing of this solution, we communicated the final instructions on how to resolve the situation to all of our partners via email at 11:44 CEST. Then, incredibly, at 12:25 CEST our Up2Date servers began distributing Anti Virus (AV) pattern version 12407 which included a signature incompatible with the AV engine our systems are running. On systems with Dual AV Scanning enabled the Web proxy was not working and the Mail proxy was not forwarding email. Our Up2Date servers began distributing the corrected patterns at 13:20 CEST and the issue corrected itself automatically once the systems loaded version 12410 of the patterns. At 13:15 CEST we notified our partners via the Up2Date Blog about the incident. [..]