Tuesday, January 10, 2012

Communication with MAV - 7 Jan 2012

There was a communication issue with Managed AntiVirus on 7 January ... information is posted at GFIMAXSTATUS --

The issue was not with any of the GFIMAX infrastructure, but a DNS issue:

Several customers have reported receiving a significant number of “No communication from MAV Agent…” alerts this past weekend.

Unfortunately, the reason for this was that the DNS provider with whom we host the DNS records used by the Managed Antivirus Agent suffered a catastrophic DDoS attack which rendered all of their DNS constellations non-responsive for a period of approx. 1 hour starting around 9pm GMT on Saturday 7th January. The attack was a combination SYN, ICMP and DNS Flood, in excess of 1 Gig/sec across our anycast IPs with packets per second ranging from 500K to 1M across each nameserver. Our provider identified the target domain and delegated this away from their nameservers ...
Note that steps are already being taken by both GFIMAX and the DNS provider to avoid similar issues in the future.   We apologize for any inconvenience this may have caused.