CloudSOC Scheduled Maintenance for Global CASB Cloud for Gateway

1 day and 5 hours
Complete
Complete

The scheduled maintenance has been completed.

Underway

Scheduled maintenance is currently in progress. We will provide updates as necessary.

Update

Please be advised, the schedule for this maintenance has been changed. The new certificate deployment schedule can be reviewed below.

New Schedule

  • New Certificate Deployed Start: November 13, 2019, at 21:00 UTC
  • New Certificate Deployed End: November 15, 2019, at 02:00 UTC

    • Update

    We would like to remind our customers to follow the steps that were previously communicated in order to ensure there is no disruption caused by the certificate authority changes. Please see the notification below for background and refer to the KB articles linked below for additional steps.

    Update

    We would like to remind our customers to follow the steps that were previously communicated in order to ensure there is no disruption caused by the certificate authority changes. Please see the notification below for background and refer to the KB articles linked below for additional steps.

    Scheduled

    The CA certificate used for the Symantec CloudSOC Gateway will expire on December 12, 2019. This affects customers on the Global CloudSOC tenant with Gateway using “gw.elastica.net” and “mgw.elastica.net”.

    Due to this upcoming certificate expiration date, CloudSOC is changing our CA certificate on November 7, 2019. The new certificate contains the same security properties as previous and will be required for encrypted traffic interception by “gw.elastica.net” and “mgw.elastica.net”.

    Impact

  • CloudSOC Reach - If Reach is deployed amongst your devices in your organization, please ensure you update Reach on all devices before the Gateway update to at least version 2.0.31170.0 on Windows and version 1.0.31170.0 on Mac. These Reach versions going forward will contain the old and new certificate.
  • Clients using a PAC file, proxy forwarding or other custom implementations, please download and install the new CA Certificate (found in ALERT2689) in preparation of the Gateway update on all components like endpoints and/or i.e. proxy servers to prevent issues related to the certificate not being trusted, with subsequent problems that can lead to content being blocked by the browser for the end user or errors and warnings.
  • Mobile devices - Typically use an MDM profile to redirect traffic to the CASB Mobile Gateway. The new Gateway root CA needs to be pushed to all the mobile devices as well.

    Domains Affected

  • gw.elastica.net
  • mgw.elastica.net

    Action Required Customers are encouraged to review the below KB article and should consider implementing both (old and new) certificates in their environment in preparation of the cut over. The new certificate can be downloaded from the below KB, under the “Related Attachments” section.

    ALERT2689

    Original Schedule

  • New Certificate Deployed: November 7, 2019, at 20:00 UTC

    • Began at:

    Affected components