EU - Admin Console Access and Authentication Incident
Incident
Report for SafeNet Trusted Access
Postmortem
Resolved
Authentication & Console Services have remained stable after intervention on our end. We are closing the incident now and continue to monitor closely for any abnormalities.
We will communicate when we fail back to the Primary site.
We will communicate when we fail back to the Primary site.
Update
We continue to investigate the issues. All services are working nominally from our secondary site and they continue to do so. We will continue to provide updates as they become available.
Update
For customers manually pointing to the Primary site Radius IP address, Push services may fail. To mitigate this, you may either use manual OTP generation or manually point Radius to our Failover IP address - see below.
Primary RADIUS Server IP: 34.77.242.204:1812 Primary Agent: cloud.eu.safenetid.com:443
Failover RADIUS Server IP: 35.246.223.136:1812 Failover Agent: cloud.eu.safenetid.com:443
For customers who need to configure a secondary disaster recovery site please refer to STA EU configuration here: https://supportportal.thalesgroup.com/csm?id=kb_article_protected&sys_id=b7af9a474f1cbfcc102400818110c77e
Primary RADIUS Server IP: 34.77.242.204:1812 Primary Agent: cloud.eu.safenetid.com:443
Failover RADIUS Server IP: 35.246.223.136:1812 Failover Agent: cloud.eu.safenetid.com:443
For customers who need to configure a secondary disaster recovery site please refer to STA EU configuration here: https://supportportal.thalesgroup.com/csm?id=kb_article_protected&sys_id=b7af9a474f1cbfcc102400818110c77e
Monitoring
All core Primary services have been verified as stable and running from the Secondary environment. We are still testing the other services.
Update
Testing is underway to ensure all services run on the secondary site.
Identified
We have begun the fail-over process to the secondary site
Update
The issue is still there on the Primary Side hence we are moving the traffic from the EU Primary Region to the EU DR Region in a short while.
Investigating
The SafeNet Trusted Access monitoring system has detected a problem with Console Access, API and SAML Authentication for some customers.
Issues in Admin console may have an impact on your ability to access and manage tokens, users, provisioning, policies, application configuration, and other management operations.
SAML/OIDC Authentication issues can affect users ability to authenticate or access business applications configured with STA.
The Thales Incident Response Team is actively investigating this problem and will update this incident with additional information as it becomes available.
Issues in Admin console may have an impact on your ability to access and manage tokens, users, provisioning, policies, application configuration, and other management operations.
SAML/OIDC Authentication issues can affect users ability to authenticate or access business applications configured with STA.
The Thales Incident Response Team is actively investigating this problem and will update this incident with additional information as it becomes available.
This incident affected: EU Service Zone (Authentication Services, Admin Consoles).
X
STA Service Zone
STA Service Zone
Once logged into their STA console accounts, both STA operators and users with access to the console can easily identify the STA Zone hosting their environment by checking the URL displayed.
- The following URLs refer to the following zone:
- STA Classic Zone: https://sta.safenetid.com/
- STA EU Zone: https://sta.eu.safenetid.com/
- STA US Zone: https://sta.us.safenetid.com/
STA Classic Zone
URL: https://sta.safenetid.com/home/dashboard.
STA Classic Zone Screenshot
STA Classic Zone Screenshot
STA EU Zone
URL: https://sta.eu.safenetid.com/home/dashboard.
STA EU Zone Screenshot
STA EU Zone Screenshot
STA US Zone
URL: https://sta.us.safenetid.com/home/dashboard.
STA US Zone Screenshot
STA US Zone Screenshot
X
Incident Categories
Operational
All systems are operational
Degraded Performance
- Authentication Services ? : One or more methods impacted but works intermittently i.e. RADIUS service
- Admin Console ? : One or both consoles are intermittently accessible and users cannot perform functionalities within console
- End User Services ? : One or more methods impacted and not accessible for users i.e. Self-Service
- Push Delivery ? : One or more methods impacted and not accessible for users i.e. Push OTP
- Management ? : One or more methods impacted and not accessible for users i.e. SOAP Management API
Partial Outage
- Authentication Services ? : One or more methods fails completely i.e. RADIUS
- Admin Console ? : Users are not able to access either one of the consoles
Major Outage
- Authentication Services ? : All the methods are down, all customers are impacted
- Admin Console ? : Users are not able to access both consoles, cannot log in completely
Maintenance
There is a planned upcoming maintenance.
Have questions or need help?
Technical Support Website
Technical Support Website
© 2021 Gemalto. All rights reserved.