Security Notice

  • SECURITY Updates +

    Latest Security Issues

  • POODLE Update +

    Systech has analyzed the recent SSL vulnerability known as POODLE. Although the possibility of compromising a communication link using a SysLINK or IPG product is low, we are updating our products to eliminate the possibility altogether.

    There have been no reported issues with Systech products.

    Here are some additional details. Systech SysLINK and IPG gateways all use the TLS 1.0 security protocol which is recommended by security experts. However, many network devices fall back to SSLv3 if one of the two communicating devices do not support TLS. The POODLE vulnerability takes advantage of this behavior and tricks the communicating devices to switch from TLS 1.0 to SSLv3. Then, POODLE attempts to take advantage of vulnerabilities specific to SSLv3.

    Reportedly the POODLE vulnerability is far more difficult for potential invaders to actually make use of than, say, the HeartBleed problem. To trip up a connection with POODLE, a couple difficult things need to happen. 1) There needs to be a man-in-the-middle attack. So some device along the path from the client to the server needs to be compromised and be doing the attack. 2) The attacker needs to trigger many retries of the data, manipulating the data going back and forth over many iterations.

    The vulnerability may be eliminated by updating either side of the communication link (the server side or the gateway side). So as servers are updated, the vulnerability is eliminated even if the gateway is not yet updated. Also, if the gateway is updated, then vulnerability is eliminated, independent of the server update.

    Systech is committed to the security of your data, and we will continue to monitor for security vulnerabilities.

    [last updated 10-21-14]

  • BASH/SHELLSHOCK Update +

    Systech has completed a review of all software systems with regard to a security issue identified as the “Bash Bug”, also known as "Shellshock". We have determined that Systech hardware is not affected since Bash is not installed on any model. Also, Systech web services (such as SOUP) are not affected since Bash scripts are not invoked. However, as a precaution, all Systech web services have been updated with a patch. Systech is committed to the security of your data, and we will continue to monitor for security vulnerabilities.

    [last updated 10-7-14]

  • HEARTBLEED Update +

    The Heartbleed bug is an issue found in OpenSSL cryptography libraries widely used to secure Internet traffic.  Systech’s implementation of OpenSSL does not allow the Heartbleed exploit to gain access to any secure data.  All information from the gateway remains intact.  However, recently there has been an increasing level of network traffic, actively probing for Heartbleed vulnerabilities.  We have found these probes  may cause some Systech gateways to go-offline.  The gateway data is secure, but the gateway becomes inaccessible in some cases.

    This Heartbleed offline issue is only present on models which begin with “IPG” or “NDS”.  All SysLINK “SL” models are unaffected by Heartbleed.

    As a quick solution, we have updated the gateway configurations of accessible units to block the Heartbleed probes.  Once the configuration has been updated on the Systech Online Update Protocol (SOUP) server, the gateway will automatically download and install the updated configuration during its normal update cycle which occurs periodically.  We are testing a more permanent software solution that will be available once testing is complete.

    It has been reported that many network-based products from many different companies may have been vulnerable to the Heartbleed exploit.   Systech is committed to the security of your data, and will continue to monitor the network for further vulnerabilities.

    Rest assured that all data on a Systech gateway is secure.

    [last updated 04-29-14]

  • 1

Hardware Support

See latest hardware support information.