Classic -Radius Authentication Services Incident
Incident
Report for SafeNet Trusted Access
Resolved
As the deluge of requests has slowed, we will close this incident. However, we do recommend continuing to review the nature of the requests being sent to customer Radius gateways and block any suspicious activity proactively.
Investigating
The SafeNet Trusted Access monitoring system has detected a problem with Radius Authentication Services.
This may impede your ability to authenticate using RADIUS, SAML/OIDC applications, Admin Consoles, and any other authentication services using STA.
Issues with RADIUS will impede your access to VPN and other network assets.
It appears that there are many illegitimate requests being sent to STA via some customer auth nodes, creating delays in Radius response. We are attempting to mitigate the impact, however, we encourage our customers to review their Radius traffic being sent to us and block any suspicious IPs/Requests.
Increasing Radius timeout values until the incident is resolved should prove to be effective in allowing Radius authentications to complete successfully.
The Thales Incident Response Team is actively investigating this problem and will update this incident with additional information as it becomes available.
This may impede your ability to authenticate using RADIUS, SAML/OIDC applications, Admin Consoles, and any other authentication services using STA.
Issues with RADIUS will impede your access to VPN and other network assets.
It appears that there are many illegitimate requests being sent to STA via some customer auth nodes, creating delays in Radius response. We are attempting to mitigate the impact, however, we encourage our customers to review their Radius traffic being sent to us and block any suspicious IPs/Requests.
Increasing Radius timeout values until the incident is resolved should prove to be effective in allowing Radius authentications to complete successfully.
The Thales Incident Response Team is actively investigating this problem and will update this incident with additional information as it becomes available.
This incident affected: Classic Service Zone (Authentication Services, Admin Consoles, End User Services).
X
STA Service Zone
STA Service Zone
Once logged into their STA console accounts, both STA operators and users with access to the console can easily identify the STA Zone hosting their environment by checking the URL displayed.
- The following URLs refer to the following zone:
- STA Classic Zone: https://sta.safenetid.com/
- STA EU Zone: https://sta.eu.safenetid.com/
- STA US Zone: https://sta.us.safenetid.com/
STA Classic Zone
URL: https://sta.safenetid.com/home/dashboard.
STA Classic Zone Screenshot
STA Classic Zone Screenshot
STA EU Zone
URL: https://sta.eu.safenetid.com/home/dashboard.
STA EU Zone Screenshot
STA EU Zone Screenshot
STA US Zone
URL: https://sta.us.safenetid.com/home/dashboard.
STA US Zone Screenshot
STA US Zone Screenshot
X
Incident Categories
Operational
All systems are operational
Degraded Performance
- Authentication Services ? : One or more methods impacted but works intermittently i.e. RADIUS service
- Admin Console ? : One or both consoles are intermittently accessible and users cannot perform functionalities within console
- End User Services ? : One or more methods impacted and not accessible for users i.e. Self-Service
- Push Delivery ? : One or more methods impacted and not accessible for users i.e. Push OTP
- Management ? : One or more methods impacted and not accessible for users i.e. SOAP Management API
Partial Outage
- Authentication Services ? : One or more methods fails completely i.e. RADIUS
- Admin Console ? : Users are not able to access either one of the consoles
Major Outage
- Authentication Services ? : All the methods are down, all customers are impacted
- Admin Console ? : Users are not able to access both consoles, cannot log in completely
Maintenance
There is a planned upcoming maintenance.
Have questions or need help?
Technical Support Website
Technical Support Website
© 2021 Gemalto. All rights reserved.