December 3, 2008 2:03 PM PST

SonicWall server glitch leaves networks unprotected

by Elinor Mills

Updated 3:36 p.m. PST with SonicWall comment.

An outage at SonicWall's licensing server disabled subscription-based security services for customers for at least several hours on Tuesday, according to the company and an angry customer.

Beginning around 2 a.m. PST, "some SonicWall products contacting a particular SonicWall licensing server began receiving erroneous responses," the company said in an e-mail notice to customers sent around 5:40 p.m. PST on Tuesday.

"You are receiving this mail because our monitoring systems indicate that your SonicWall product(s) may have been affected. This may have caused the product license key to be reset, and in some cases may have affected the products' operation," the notice said. "The issue has been corrected and all servers and licensing functions have been restored."

The notice listed affected products as SonicWall UTM Firewall Appliances-PRO series, TZ series and NSA series; all SonicWall Email Security Appliances and Email Security software; SonicWall Content Security Manager Appliances; all Continuous Data Protection Appliances; and SGMS managed appliances.

It was unclear how long the outage lasted and how many customers were affected.

SonicWall spokeswoman Colleen Nichols sent CNET News this statement Wednesday afternoon: "Yes, very early yesterday, one server in SonicWALL's licensing server pool that handles distribution of signatures and license keys malfunctioned. This malfunction caused some customers' license keys to be reset, requiring them to be resynchronized. SonicWALL shut off this server shortly after it began malfunctioning, and at the same time proactively stopped automatic license key updates while we verified the integrity of the rest of our licensing servers. During this period, customers were still able to manually download updates and resynchronize their licenses through mysonicwall.com. As of noon yesterday, our license server pool is online and available, and affected customers can resynchronize their licenses through their product user-interface."

Customers who believe they are affected can go to SonicWall's Web site to get more information about resynchronizing their license keys, she said.

At least one customer was wondering why the operation of vital services would be tied to a server used for validating licenses.

"I was shocked this would happen," John Wilson, president of Avalon Technology Consultants, told CNET News. "It's like buying a car and because General Motors servers go down your car stops working."

Avalon, which manages about 50 SonicWall firewalls for its customers, noticed at about 10 a.m. PST on Tuesday that the firewalls were reporting that the antivirus, antispyware, and intrusion prevention services were no longer functioning, he said.

SonicWall advised customers to check all devices to be sure they were functioning, which "is not an insignificant task," he added.

"We have been recommending and installing SonicWall firewalls for our clients for several years, and we had no idea that the devices would stop working when SonicWall's servers went offline," Wilson wrote in an e-mail to CNET News.

"We believe that this is a serious security flaw with the potential to compromise security for tens of thousands or even millions of networks, and we believe this should be brought to the industry's attention," he wrote.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press.

by tekwiz4u December 3, 2008 4:23 PM PST
I'm not really a big fan of subscription-based software. This type of software not only puts the customer at risk, but it brings to the forefront that customers are held hostage if anything were to happen with authentication servers. Same goes with Symantec, Trend Micro, and others that employ this type of technology. If you pay for a year's license, it should be hardcoded into the customer product, and have it talk to the server when it nears the license expiration date. That way if they're offline, the network is still protected. Not the other way around. This company is an EPIC fail.
by Dalkorian December 5, 2008 2:27 PM PST
Exactly, I couldn't agree more.
by humanssssss December 3, 2008 5:12 PM PST
The whole objective of every company is to hold their customers hostage. You want to get as much money from your customers as possible before they leave and never come back.
by gggg sssss December 3, 2008 5:55 PM PST
Same issues with Salesforce, NetLedger, soon Microsoft, Google Apps, Amazon services. Never never never allow your clients to buy into one of these house-of-cards schemes. You don't want some server jockey to forget to plug it in and have your whole business crash around your ears. And the new MS WGA seems to be an opportunity for disaster as well.
by Dalkorian December 5, 2008 2:30 PM PST
WGA is the exact reason I'm a known hater of all things M$. Not only is there the issue you see (server down - computer denied to owner), but an update can do this as well when the update has a bug in it (that's what bit me).

I wouldn't use winblows for anything but a powerful game console if it was the last OS on the planet. Linux rules!
by Sausagebiscuit December 3, 2008 6:48 PM PST
This is called DRM. Your software has to phone home in order to stay working. This is a prime example of why DRM is hated so much. It is not just games that have DRM, as you can see here. This might not be as bad as say SecuROM system-wise, but it still leaves you without access to a product you paid for because some server failed somewhere, be it a hardware issue or some whack job working on it and breaking it.

Any software that has to phone home to keep working is no software I will ever use.