Endian Heartbleed Impact

As you may be aware, there has been a major security vulnerability in an open source encryption package (OpenSSL) called “Heartbleed”. This vulnerability has a major potential for impact and has many people scrambling to figure out if they are at risk and steps need to be taken to address any issues.

  • Endian Products & Services
    First, we are happy to report that NONE of the Endian UTM product family (hardware, software, and virtual) are exposed to this vulnerability for any version of Endian! We have also verified that Endian Network and all of it’s services are not impacted by the Heartbleed vulnerability as well. This means that you do not need to take any action with you or your customer’s Endian appliances in order to address this vulnerability as it specifically relates to Endian and it’s use of SSL technology. This does NOT mean you or your customers are completely safe from Heartbleed.
  • General Advice
    Given that Endian is a gateway router that generally protects internal servers you should do you due diligence to ensure that you and your customers networks are safe. Verify that none of their internal services or the services they utilize (like hosted/cloud services) are affected. You can utilize this online tool to check your own servers to see if they are vulnerable. Then you can check here to see if any of your services are affected and whether you should take action. If your vendor is not listed, then go to their website or search them in Google to find information on any potential vulnerability and their recommended solution. Lastly, educate yourself (if you haven’t already) and go to the following site to learn more about this issue.

Endian  understands itself as a security first and as such we want to ensure our partners and customers remain as safe as possible from Internet threats and potential vulnerabilities. If you have any questions or concerns, please don’t hesitate to contact us.

Your Endian Team.