Firewall change killed Saps network for hours

[Hanno Labuschagne]

Firewall change killed Saps network for hours

The State Information Technology Agency (Sita) has confirmed an outage that took down internal and public-facing networks of the South African Police Service (Saps) on Tuesday and Wednesday.

Among its impacts, the issue resulted in the Saps website being inaccessible and police officers having to register cases by hand.

 

[konfab]

Following troubleshooting, the agency determined that the root cause of the outage was related to maintenance carried out by one of its service providers, which Tlali would not name.

“There was a change in the configuration of the firewall,” Sita said. “The maintenance was not done in a change-controlled environment and in accordance with the protocols.”

Nah bruv, don't worry with a backup, just push the config. Our BEE certificate means we are qualified to do this work.

 

[Mike Angelo]

Wonder if they are still using the old CAS mainframe system...

 

[DapperDanMan]

Fúck around...
Find out!

 

[HAL 9000]

 

[Mr Scratch]

Nobody picked this up?

Sita spokesperson Tlali Tlali said the problem occurred just after 22:00 on Tuesday, 17 January 2024, after which the agency immediately dispatched its technical teams to investigate.

 

[Jet-Fighter7700]

somebody is in deep doo doo.
but then again, SAPS is so useless that nobody could tell the difference!

 

[Iamn0tageek]

ag jinne

 

[r00igev@@r]

The SAPS uses Checkpoint Firewalls.

 

[Jet-Fighter7700]

The SAPS uses Checkpoint Firewalls.

the Tenda was for Cisco, but the Cadre brought a Bentley and didn't deliver, so Checkpoint it is.

 

[InvisibleJim]

Someone got confused. They were supposed to lose some firearms but f**** up the firewall instead.

It's a totally understandable error - firewall/firearm, it's very confusing.

 

[mpdjhb]

The SAPS uses Checkpoint Firewalls.

Don't tell the SA lawyers at the Hague

 

[UB40]

 

[Danie_V]

“The maintenance was not done in a change-controlled environment and in accordance with the protocols.”

Why has an external provider got this access to do something like this on their own? Especially when they seem oblivious of the protocols required, and they end up breaking it. Strongly suggests they are not competent, and should not have had this access on their own. I'm a bit suspicious that they are not named, as there is no-one to deny the story or deny it. It's time we started knowing who these background players are who are messing up services, corrupting, etc.

Sounds a bit like a Microsoft patch being blindly applied ;-)

 

[r00igev@@r]

“The maintenance was not done in a change-controlled environment and in accordance with the protocols.”

Why has an external provider got this access to do something like this on their own? Especially when they seem oblivious of the protocols required, and they end up breaking it. Strongly suggests they are not competent, and should not have had this access on their own. I'm a bit suspicious that they are not named, as there is no-one to deny the story or deny it. It's time we started knowing who these background players are who are messing up services, corrupting, etc.

Sounds a bit like a Microsoft patch being blindly applied ;-)

You are correct. However, the statement is weird. Who requested the maintenance? Was the maintenance a standard change?
Obviously there are no protocols.

 

[Went_For_Beer]

I know SITA contracts EOH for many services and infrastructure upgrades. Could possibly be a intern at EOH that was playing around on a live system

 

[Went_For_Beer]

Or they didnt pay someone for services and was suspended. This is the most likely case

 

[r00igev@@r]

I know SITA contracts EOH for many services and infrastructure upgrades. Could possibly be a intern at EOH that was playing around on a live system

Their networks transits DimData?