SafeNet Trusted Access EU/US incident

Classic -Radius Authentication Services Incident

SafeNet Trusted Access EU/US experienced a minor incident on December 24, 2024 affecting Authentication Services and Admin Consoles and 1 more component, lasting 2d 19h. The incident has been resolved; the full update timeline is below.

Started: Dec 24, 2024, 07:27 PM UTC
Resolved: Dec 27, 2024, 03:00 PM UTC
Duration: 2d 19h
Detected by Pingoru: Dec 24, 2024, 07:27 PM UTC

Affected components

Authentication ServicesAdmin ConsolesEnd User Services

Update timeline

investigating Dec 24, 2024, 07:27 PM UTC

The SafeNet Trusted Access monitoring system has detected a problem with Radius Authentication Services. This may impede your ability to authenticate using RADIUS, SAML/OIDC applications, Admin Consoles, and any other authentication services using STA. Issues with RADIUS will impede your access to VPN and other network assets. It appears that there are many illegitimate requests being sent to STA via some customer auth nodes, creating delays in Radius response. We are attempting to mitigate the impact, however, we encourage our customers to review their Radius traffic being sent to us and block any suspicious IPs/Requests. Increasing Radius timeout values until the incident is resolved should prove to be effective in allowing Radius authentications to complete successfully. The Thales Incident Response Team is actively investigating this problem and will update this incident with additional information as it becomes available.
resolved Dec 27, 2024, 03:00 PM UTC

As the deluge of requests has slowed, we will close this incident. However, we do recommend continuing to review the nature of the requests being sent to customer Radius gateways and block any suspicious activity proactively.