We’ve been receiving a lot of inquiries regarding the Heartbleed Bug, a vulnerability in the popular Open SSL cryptographic software library. Simply put as described at heartbleed.com, “The Heartbleed bug allows anyone on the internet to read the memory of systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.”
Because of the significant number of inquiries we’ve received, we thought it prudent to provide our customers (and future customers) an official company post assuring you that our Cloud Load Balancer or any other component of our cloud platform is not vulnerable to this bug. This includes our support portal, cloud management portal and everything else. We do not have OpenSSL version 1.01 through 1.01f inclusive deployed on any public-facing systems.
Here is a handy test tool that you can use. If you are a Load Balancing customer and utilize our SSL_BRIDGE protocol method, which is essentially SSL pass-through (we do not encrypt or decrypt, we just send the traffic along), we encourage you to test your systems to see if they are vulnerable. If they are, please don’t blame us 🙂 There are some helpful strategies at the heartbleed.com link above.
Please rest assured that we continue to take the security of our platform and our customer applications and information very seriously here. If you have any questions or concerns regarding this, please create a support ticket.
The Total Uptime team
Ironically after writing a blog post earlier today commenting on how ISPs are not the best organization to handle DNS because it is not their core competency, AT&T suffered a significant DNS outage that affected many customers across the United States for many hours. Network World has a few more details as does ComputerWorld. AT&T did not release […]
In 1959 there was a fire in the Pentagon. It resulted in seven million dollars’ worth of damage, taking out three mainframe computers. In today’s currency that would be $58.1 million. The National Fire Protection Agency (NFPA) was then tasked with creating rules and regulations to manage risks in computer environments. They came up with […]
DNS is the critical first link in a Website’s ability to load quickly for its users. Cloud solutions don’t mean much if your DNS system isn’t giving you great performance and the level of granulized control you need. High performance and granular control have always been focal points for our business here, and the existing demand […]
As the global pool of IPv4 space continues to diminish every day, organizations are looking to deploy IPv6 at an ever increasing pace. But sometimes it’s just plain difficult, especially when it requires a complete overhaul of your local network. Some organizations can implement dual-stack just fine, but for other organizations who host websites or applications at […]