September 21, 2018 11:22AM BST September 21, 2018 10:22AM UTC
[Investigating] We have received reports that some customers are seeing issues with VPN connectivity and connections to services using SSL via the N4 Protect firewall platform
Engineers are currently working on the platform to restore service. This will involve a failover event to the secondary firewall
The platform and associated services are at risk while this work is undertaken
September 21, 2018 11:38AM BST September 21, 2018 10:38AM UTC
[Identified] The platform has been failed over which has restored service for customers
We are currently engaging with the vendor to identify root cause
The platform remains at risk
September 21, 2018 2:48PM BST September 21, 2018 1:48PM UTC
[Identified] It has been identified that we need to complete a reboot of the primary appliance. This will be completed out of hours this evening
We continue to investigate with vendor TAC as to the root cause
September 21, 2018 5:46PM BST September 21, 2018 4:46PM UTC
[Identified] An emergency maintenance has been raised for tonight at 10pm to reboot the primary appliance. Following the reboot traffic will be moved back to the primary firewall.
A further emergency maintenance has been scheduled for 10pm on Sunday evening (23rd September) to upgrade the firmware on both firewalls
September 21, 2018 10:17PM BST September 21, 2018 9:17PM UTC
[Identified] Work to reboot the firewall is beginning now
A further update will be provided in one hour
September 21, 2018 11:18PM BST September 21, 2018 10:18PM UTC
[Monitoring] The reboot has corrected the problem. Full platform resilience has been restored and traffic has been moved back to the primary firewall
We will continue to monitor the firewalls closely over the weekend
August 15, 2018 4:55PM BST August 15, 2018 3:55PM UTC
[Investigating] As of 09am 15th August 2018, Node4 have been aware of the discovery of a new “speculative execution side-channel" type vulnerabilities within Intel processors. Called L1 Terminal Fault (L1TF) or "Foreshadow", this vulnerability concerns processors with SMT technology which could allow malicious code running on one thread to access data from the other thread's L1 cache within a single core.
Of the 3 discovered variants only L1FT VVM could affect Node4 Cloud services. L1FT / Foreshadow vulnerability is extremely complex to implement and only a proof of concept , developed in the laboratory, validated its existence. While there is currently no single fix for the vulnerabilities, a number of vendors have released suggested mitigations and remediation(s). As these are released, we’ll assess, test, coordinate and deploy accordingly across our environment. We will communicate to affected customers if actions that would impact their environments are required.
Node4 takes security of its clients and its own infrastructure extremely seriously and work closely with our partners, manufacturers and publishers, to improve the security of our infrastructure every day.
This complex and evolving situation will be monitored by Node4 Security Operations Centre to ensure our customers’ environments are protected, and we’ll do that in the least impactful manner possible.
Node4 Technical Support
September 18, 2018 8:58AM - October 16, 2018 8:58AM BST September 18, 2018 7:58AM - October 16, 2018 7:58AM UTC
SIPLink Derby, SIPLink Leeds
Over the coming weeks we will be performing ongoing maintenance to our SIPLINK platform. This will require customers to update the IP addresses used for our SBCs in their configuration. We do not expect any disruption or risk to the platform as a whole and any impact of customer specific changes will be discussed prior to changes taking place.
We will be contacting customers directly to provide notice and further details before any changes are made and if you have any questions either prior to or after a the change please contact our support desk.