SonicWALL Licensing Server Failure
Tuesday morning December 2nd one of SonicWALL’s Licensing Servers failed to respond correctly to licensing queries from SonicWALL Firewalls. Although this issue has been corrected, it left some SonicWALLs with reduced functionality. SonicWALL devices will disable all licensed content if they are unable to contact a SonicWALL server. Licensed features include:
- Content Filtering
- Client AV
- Gateway AV
- Anti-Spyware
- Intrusion Prevention
- Application Firewall
- E-Mail Filter
If a SonicWALL attempted to contact the misconfigured server during the outage, all of the above features would have been disabled until an administrator logs on and resyncs the device. This action requires the mysonicwall.com username and password. SonicWALL firewalls will still operate as a firewall, denying traffic based on firewall rules. However, neither Intrusion Prevention signatures nor content filtering rules would be in effect. Generally, SonicWALLs are configured to “fail open,” meaning they will allow users to visit any website if the content filter is not working.
Note: For those SonicWALL devices managed by Gladiator, we will be synchronizing all affected devices by the end of the day.
Reference Links:
- SonicWALL Support (http://www.sonicwall.com/us/11087.html)
- The Register (http://www.theregister.co.uk/2008/12/03/sonicwall_licensing_snafu/)
- SANS ISC Diary (http://isc.sans.org/diary.html?storyid=5419)