Web Security Service Announcement - Hong Kong (HKG2) Data Center Migration

12 hours
Complete
Complete

The scheduled maintenance has been completed.

Update

This maintenance has been extended by an additional 4 hours. The new completion time will be April 30, 2020, at 03:00 UTC.

Underway

Scheduled maintenance is currently in progress. We will provide updates as necessary.

Scheduled

As part of the previously announced to Google Cloud Platform (GCP), the Hong Kong (HKG2), WSS site will be migrated on April 29, 2020 starting at 15:00 UTC. This maintenance will last up to 8 hours.

At the conclusion of the maintenance, all WSS traffic for the Hong Kong site will be processed in the new GCP-based POP designated Hong Kong (GCNHK). The ingress and egress network IP addresses for the Hong Kong site will remain unchanged from the old Hong Kong (HKG2) site.

The ingress IP address for all access methods for Hong Kong (GCNHK) will be:

103.246.38.164 (Existing address, no change should be required)

The egress network IP ranges, also used for communication with Auth Connector, for Hong Kong (GCNHK) will be:

103.246.38.0/24 (Existing range, no change should be required)

Impact Expect the site to be completely unavailable during the maintenance window.

Required Action IPSec: Customers should bring up their secondary tunnel prior during the maintenance window.

Explicit over IPsec (“trans-proxy”): The underlying IP address for ep.threatpulse.net will not change as part of this migration. Customers that use explicit proxy through IPsec to ep.threatpulse.net should take the same action as IPsec customers and bring up their secondary tunnel during the maintenance.

Unified Agent and WSS Agent: No customer action is required. Customer traffic will be automatically redirected by Symantec to the nearest alternate site during the maintenance window.

Symantec Endpoint Protection Web Traffic Redirector (SEP-WTR): No customer action is required. The underlying IP address for sep-wtr.threatpulse.net will not change as part of this migration. Customer traffic will be automatically redirected by Symantec to the nearest alternate site during the maintenance window.

Explicit proxy and proxy forwarding: No customer action is required. The underlying IP address for proxy.threatpulse.net will not change as a part of this migration. Customers directing traffic to proxy.threatpulse.net will be automatically redirected by Broadcom to the nearest alternate site during the maintenance window.

Others: Any customer, regardless of connection method, with a configuration pointing to a specific site or IP address must manually failover to a secondary site during the migration window to avoid an outage.

Please visit these KB articles for a full list of IP networks used by WSS: Worldwide data center IP addresses: https://knowledge.broadcom.com/external/article?legacyId=TECH242979 Authentication / egress IP addresses: https://knowledge.broadcom.com/external/article?legacyId=TECH240889

Questions? Please visit this KB article for additional details on the Web Security Service Migration to Google Cloud Platform: https://knowledge.broadcom.com/external/article?legacyId=tech257356

If you have further questions regarding this announcement, contact Technical Support. Support information is located at: https://support.broadcom.com/security

For real time updates and status visit and subscribe to Broadcom Service Status: https://wss.status.broadcom.com

Schedule Start Date: April 29, 2020 at 15:00 UTC End Date: April 29, 2020 at 23:00 UTC

Began at:

Affected components