INAP Operational Transparency
Monitoring - Dear INAP Customer,

By now, you’ve likely come across a plethora of news articles and blogs illustrating the severity of the Log4Shell vulnerability. INAP has been closely monitoring the situation since its initial discovery, maintaining continuous engagement with our security, development, and engineering teams. Here’s what you need to know:

What is Log4Shell?

Log4Shell is a software vulnerability first published publicly on December 10th,2021 with alleged claims of exploits “in the wild” as early as the beginning of the month. Specifically, this flaw can be found in Log4j, which is a java library for logging error messages in applications. This is an open-source library developed by the Apache Software Foundation and is a key component to Java logging framework. This vulnerability maintains a CVSS score of 10, which is the highest possible severity. If exploited successfully, a remote attacker can execute arbitrary code which may expose sensitive data, cause damage to data and/or gain control over the server. For more details, please see https://nvd.nist.gov/vuln/detail/CVE-2021-44228

Why do I care about Log4j?

While you may have been unaware of the existence of this library and may not use it for your own application, it’s important to understand that many commercial applications do utilize the library and may be vulnerable. As an example, several management tools and appliances provided by network manufacturers are known to be exposed. Several popular software applications (or components of) such as some Atlassian products, Elasticsearch, Splunk, HPE, Dell and Solarwinds have all published advisories, with the majority supplying software patches/updates to remediate. Some components of VMware are also known to be affected, with workarounds published and patches in development. This highlights only a small few of the many applications that could be at risk. The National Cyber Security Centrum of the Netherlands has posted a running list on github, which can be viewed at https://github.com/NCSC-NL/log4shell/tree/main/software . As always, if you are unsure whether your application is at risk, please engage with your software vendor directly.

Is INAP vulnerable?

INAP’s engineering and development teams, in conjunction with the Office of the CISO, have conducted an extensive audit and mitigation effort across all platforms. While some systems are known to utilize the log4j library, we have validated that none of these components are exposed or at risk to compromise. Additional workarounds have been implemented to eliminate traces of risk where necessary, and engineers continue to work closely with applicable software vendors to apply permanent patches immediately as they become available. To further supplement the effort, INAP has amended its internal traffic monitoring tools to detect and alert on any attempts of an attack and react if necessary. None of the network components in use by INAP infrastructure or used to provide our services (routers, switches, firewalls, load-balancers) use Log4j and therefore are not open to attack.

Are you vulnerable?

In the spirit of transparency, it’s important to note that INAP customers utilizing Virtual Private Cloud and Dedicated Private Cloud products are on a VMware platform. One component particularly in use utilizes Log4j called vCenter Server. However, in all cases this “virtual appliance” is not exposed to the public in any fashion and protected through network restriction policies. Accordingly, your environment is not presently at risk even though Log4j is utilized in vCenter Server. There is no patch available from VMware yet, but once released, the fixes will be applied immediately.

For all customers, we highly encourage you to check with your various software vendors and apply updates where necessary and as swiftly as possible. Our support staff is always available to answer any questions or give guidance on the right direction for contact.

Happy Holidays from INAP and stay safe!
Dec 23, 07:30 CST
Monitoring - A fix has been implemented and we are monitoring the results.
Jan 24, 12:25 CST
Investigating - We have identified degraded connectivity on our Cloud Connect cluster in Phoenix. We are currently investigating the issue.
Jan 24, 10:49 CST

About This Site

The network and cloud service status information on this site currently applies to the following INAP data centers (formerly SingleHop Data Centers): CHI-3, PHX-1, NYC-1, AMS-1, CT-1. Additional INAP services and data centers will be added soon. Click subscribe above for automatic network status and operational updates.

Cloud Services Partial Outage
LEAP3 ? Operational
SingleHop API ? Operational
AI Infrastructure ? Operational
CHI-3 Veeam Cloud Connect ? Operational
PHX-1 Veeam Cloud Connect ? Partial Outage
CHI-3 Zerto DRaaS Operational
PHX-1 Zerto DRaaS Operational
NYC-1 Zerto DRaaS Operational
Data Centers - Network and Power Uptime Operational
CHI-3 ? Operational
PHX-1 ? Operational
NYC-1 ? Operational
AMS-1 ? Operational
NYJ-4 Operational
LON-8 ? Operational
SEF-3 ? Operational
WDC-2 ? Operational
ACS - Atlanta Operational
Virtual Private Cloud Infrastructure Operational
CHI-3 Virtual Private Cloud Operational
PHX-1 Virtual Private Cloud Operational
NYC-1 Virtual Private Cloud Operational
Public Cloud Infrastructure Operational
CHI-3 Public Cloud Operational
AMS-1 Public Cloud Operational
PHX-1 Public Cloud Operational
Managed Storage (MH) Operational
Managed Storage - ACS ? Operational
Managed Storage - DAL006 ? Operational
Managed Storage - NYJ004 ? Operational
Managed Storage - SJE011 ? Operational
Bare Metal Services Operational
San Jose SJC01 Bare Metal Servers Operational
San Jose SJC01 Cloud Servers Operational
Dallas DA01 Bare Metal Servers Operational
Dallas DA01Cloud Servers Operational
New York NYJ001 Bare Metal Servers Operational
New York NYJ001 Cloud Servers Operational
Amsterdam AMS01 Bare Metal Servers Operational
Amsterdam AMS01 Cloud Servers Operational
Singapore SIN001 Bare Metal Servers Operational
Singapore SIN001 Cloud Servers Operational
Hong Kong HKG004 Bare Metal Servers Operational
Hong Kong HKG004 Cloud Servers Operational
INAP Customer Tools Operational
Ticketing systems Operational
Phone Support Operational
Customer portal Operational
INAP website ? Operational
Horizon Dashboard ? Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Past Incidents
Jan 26, 2022

No incidents reported today.

Jan 25, 2022
Completed - The scheduled maintenance has been completed.
Jan 25, 19:00 CST
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Jan 25, 15:00 CST
Scheduled - Start Time: Tuesday January 25, 2022, 22:00 CET (UTC+1)
End Time: Wednesday January 26, 2021, 02:00 CET (UTC+1)

Event Locations: AMS6 and AMS7 data centers

Impact: Packet loss and added latency

Event description: INAP engineers will re-home transport equipment in the Amsterdam area which will briefly interrupt a subset of Internet circuits for the AMS6 and AMS7 Data Centers as well as between the AMS6 and CHG1 (Chicago) Data Centers. Some packet loss and added latency may be observed as routes re-converge.

Thank you,
INAP Support
Jan 21, 13:07 CST
Jan 24, 2022

Unresolved incident: Phoenix Veeam Cloud Connect service degraded.

Jan 23, 2022

No incidents reported.

Jan 22, 2022

No incidents reported.

Jan 21, 2022

No incidents reported.

Jan 20, 2022
Resolved - This incident has been resolved.
Jan 20, 06:56 CST
Identified - Hello,
At approximately 11;53 EST the INAP NOC was alerted to multiple backbone circuits down out of the Dallas region. Customers may have seen packet loss and/or latency as network traffic across those links was shifted to redundant paths. Customers may also notice an increase in latency from Dallas to New York and Atlanta because of this event. We apologize for any impact this may have caused. The INAP NOC is following up with our fiber provider and will provide updates as they become available. If you have any questions please contact the INAP NOC at 877-843-4662 and reference ticket CASE00494964.

Thank you,
INAP Support
Jan 19, 11:29 CST
Jan 19, 2022
Jan 18, 2022

No incidents reported.

Jan 17, 2022

No incidents reported.

Jan 16, 2022

No incidents reported.

Jan 15, 2022

No incidents reported.

Jan 14, 2022

No incidents reported.

Jan 13, 2022

No incidents reported.

Jan 12, 2022

No incidents reported.