Cloud SWG Announcement Sydney, Australia (GAUSY) POP Failover Testing

1 day and 12 hours
Complete
Complete

The maintenance is now complete. Thanks for your patience.

Underway

The scheduled maintenance is now underway. We'll keep you updated on our progress.

Scheduled

Update

Please take a note of some additions made under the Impact and Melbourne IP Range section. See the original posting for complete details.

Scheduled

The Sydney, Australia (GAUSY) Cloud SWG site will undergo a POP failover test beginning on July 09, 2024 starting at 15:00 UTC, lasting for a duration of up to 36 hours. Failover testing is conducted on a regular basis to ensure the platform can gracefully handle a real outage. Carefully review the information below to avoid disruption of service.

Timing

  • Failover : July 09, 2024 at 15:00 UTC
  • Failback : July 10, 2024 at 15:00 UTC

Impact

The following describes what happens to connected clients during the testing window, based on access method:

  • WSS Agent and SEP Agent: The service automatically redirects connections to alternate infrastructure within the same geographic location during the testing window.
  • No other connection methods will be impacted.
  • WSS Agent status window will display the data center name as UNK (ip_address) by design. Browsing to pod.threatpulse.com will display the data center name

Cloud SWG Sydney (GAUSY) egress IP ranges (provided for convenience; there are no changes):

  • 103.246.36.0/24
  • 170.176.245.0/24
  • 148.64.2.0/24

Cloud SWG Melbourne (GAUME) egress IP ranges (provided for convenience; there are no changes):

  • 168.149.190.0/24
  • 168.149.191.0/24
  • 34.129.99.0/24

Please reference this KB article for all Cloud SWG data center IP ranges.

Required Action

Prior to July 09, 2024, please ensure that your agents can connect to any Cloud SWG data center to maximize failover opportunities. Although most agents will fail over to Melbourne, some may failover to other data centers for various reasons. Failure to make these changes could prevent users from connecting to Cloud SWG, accessing third party web applications, or authenticating against the service using the Auth Connector (where applicable).

  • Firewall rules regulating connectivity to/from your network to Cloud SWG should be adjusted to allow traffic to pass to the IP networks listed in the KB article above.
  • Third party applications that regulate connections by source IP address should be updated to accept connections from the IP networks in the KB article above to ensure traffic proxied through Cloud SWG can reach the applications.
  • Auth Connector must be able to communicate with all IP ranges listed in the KB article above, on TCP 443, where applicable.

Technical Support

Experiencing issues? Contact technical support by visiting here.

For service status and maintenance updates visit and subscribe to Broadcom Service Status.

Began at:

Affected components