Datto AV - DNS Secure is classifying legitimate websites under the Unknown category, and blocking them

Incident Report for Kaseya Inc

Postmortem

On February 20th at 9:56am UTC, Datto AV Partners experienced a service interruption which caused Datto DNS Secure blocking  websites with category “Unknown”. 

 

The root cause was identified when an update to categories was released, which added the "unknown" category for many websites. An Unknown website is one that has not been fully scanned to verify it does not present the risk of possible malware or other threats.

 

In response to this, the category “unknown” was removed from both the Datto EDR UI and the backend.  This will prevent mis-categorization of known websites.

 

Our Engineering team deployed a fix to correct the problem February 20th at 6:19pm UTC.

Posted Feb 21, 2025 - 12:59 EST

Resolved

We have identified the root cause and have updated all tenants accordingly. The "Unknown" Category has been set to allow in all policies and we will be releasing an update to the DNS Secure policy to remove the unknown category from the UI as well.

Thank you for your understanding.
Posted Feb 20, 2025 - 14:16 EST

Identified

We have identified the root cause and have updated all tenants accordingly. The "Unknown" Category has been set to allow in all policies and we will be releasing an update to the DNS Secure policy to remove the unknown category from the UI as well. Our R&D team is actively investigating this as a top priority to identify and resolve the issue as quickly as possible.

We appreciate your patience and will provide updates as soon as we have more information.

Thank you for your understanding.
Posted Feb 20, 2025 - 14:02 EST

Update

We are aware of reports about Datto AV's DNS Secure incorrectly categorizing certain web pages as "Unknown" and blocking access for EU and AP region tenants. Our R&D team is actively investigating this as a top priority to identify and resolve the issue as quickly as possible. We sincerely apologize for any inconvenience caused.

The recommended workaround is to disable or toggle off the "Unknown" category under the Security Categories portion of the DNS Secure section in the Datto AV Policy.

We encourage you to subscribe to our Status page to receive further updates via email or text for this incident.

We appreciate your patience and partnership.
Posted Feb 20, 2025 - 09:54 EST

Update

We are continuing to investigate this issue.
Posted Feb 20, 2025 - 09:37 EST

Investigating

We are aware of reports indicating that Datto AV - DNS Secure is blocking access to certain legitimate websites as a result of classifying them as 'Unknown' for the EU and AP regions. Our R&D team is actively investigating this as a top priority to identify and resolve the issue as quickly as possible.

We appreciate your patience and will provide updates as soon as we have more information.

Thank you for your understanding.
Posted Feb 20, 2025 - 07:55 EST
This incident affected: Datto AV.
Current Status Powered by Atlassian Statuspage