SSL/TLS provides network security and privacy over the Internet for web, email, instant messaging (IM) and virtual private networks (VPNs). The Heartbleed bug has been identified as a serious vulnerability in the OpenSSL cryptographic software library. The Heartbleed bug’saccess to systems protected by vulnerable versions of the OpenSSL software, poses a serious compromise to data and network integrity.
Hillstone Networks has verified and confirmedthat there is no impact to any of its product lines from any exposure to the HeartbleedOpenSSL vulnerability, including OpenSSL 1.0.1 and 1.0.2-beta.
The Hillstone product lines include:
• Next-Generation Firewall M/G Series
• Data Center Firewall X Series
• Intelligent Next-Generation firewall T Series
• Management Platform HSM
• Log and Audit Management Platform HSA
• IPS platform NIPS
We ask our customersto update their IPS signatures to version 1.0.193 in order to detect and block any vulnerability in their own systems and environments.
Our recommendationsinclude:
1. Thoroughly check all services and applications that use SSL and identify those using OpenSSl 1.0.1 and 1.0.2-beta versions
2. Update the IPS signatures to the 1.0.193
It is critical that businesses with services and applications running with the SSL protocol make a public announcement and have their customers reset passwords or change SSL certificates, as required.