SonicWALL server switches off protective functions
Users of SonicWALL security gateways may have been unprotected against remote attack for a while, without their knowledge. A problem with the SonicWALL licensing server switched off the content filter, intrusion prevention and antivirus protection in some of its products.
SonicWALL says this occurred because a particular licensing server gave incorrect responses, resetting some product licence keys so that they could not be successfully validated to use the gateways and run these services. With protection services disabled, users were able to visit web sites that the content filter would normally have blocked, intrusion prevention no longer identified attacks, and the virus filter stopped scanning.
SonicWALL says the problem began on 2 December at 2 am (Pacific Time) for as yet unidentified reasons and affected the SonicWALL UTM Firewall Appliances PRO series, TZ series and NSA series Appliances, all SonicWALL Email Security Appliances, and Email Security Software. The SonicWALL Content Security Manager Appliances and Continuous Data Protection Appliances also failed to do their job.
The problem is now said to have been solved. SonicWALL has posted instructions (MySonicWall login required) for registered users, detailing the resolution steps for resynchronising the licences for each product. SonicWALL is apologising to its customers for any inconvenience caused by this issue and says it will take corrective actions to avoid any problems of this nature from recurring.