OpenSSL Heartbleed bug created shock waves to all the users across the globe when many websites and users are rushing to change passwords to protect themselves against what is considered to be the most threatening cyber-attack against the Internet in history.
-Array Networks (News - Alert) Inc., announced that Array Networks products are NOT exposed to the OpenSSL Heartbleed vulnerability. Unlike hardware and software vendors that have integrated OpenSSL into core product and service offerings, Array is unaffected because the company uses a proprietary SSL stack to process SSL, TLS and DTLS service traffic.
Array products – including APV, vAPV, AG, vxAG and EOS products (TMX, SPX) – use the company’s proprietary SSL stack to process all SSL, TLS and DTLS service traffic. The Array products are not affected by this OpenSSL Heartbleed vulnerability.
Michael Zhao, president and CEO of Array Networks said in a statement, “As a leader in SSL acceleration and SSL VPN, we are happy to report that Array is not affected by this recent OpenSSL vulnerability. The time and attention we pay to creating our own implementations not only deliver superior performance, scalability and economics for customers that transact business on the Web, it also ensures that customers are not exposed to vulnerabilities that so often arise from use of open technologies.”
Additionally, Array products only have limited usage of OpenSSL for WebUI and SSH management. The versions of OpenSSL used by Array products are not affected by the OpenSSL Heartbleed vulnerability so management traffic on Array products is also not affected by the vulnerability.
Array’s proprietary SSL implementation is less vulnerable to exposure and delivers additional significant advantages to customers. For businesses requiring 2048-bit or 4096-bit SSL acceleration, Array supports industry-leading scalability and performance on every entry-level, mid-range and high-end appliance.