previously..." />

Web Security Service Announcement - Miami Data Center Migration

Duration: 12 hours
Complete
Complete

An update to the Miami, Florida (MIA2) data center migration has been issued. You can find the updated information below.

https://wss.status.broadcom.com/incidents/q24t1qpkq4gx

Scheduled

As part of the previously announced migration to Google Cloud Platform (GCP), the Miami, Florida WSS site will be migrated on April 24, 2020 starting at 20:00 UTC. This maintenance will last up to 12 hours.

Impact Expect the site to be completely unavailable during the maintenance window.

At the conclusion of the maintenance, all WSS traffic for the Miami site will be processed in the new GCP-based POP designated Miami, Florida (GUSMI).

The ingress IP address for IPSec access for Miami (GUSMI) will be:

168.149.137.164 (Existing address, no change should be required)

The ingress IP addresses for all other access methods for Miami (GUSMI) will be:

168.149.137.164 (Existing address, no change should be required) 168.149.138.164 (New ingress address, change may be required) 168.149.139.164 (New ingress address, change may be required) 168.149.140.164 (New ingress address, change may be required)

The egress network IP ranges for Miami (GUSMI) will be:

168.149.137.0/24 (Existing range, no change should be required) 168.149.138.0/24 (Existing range, no change should be required) 168.149.139.0/24 (Existing range, no change should be required) 168.149.140.0/24 (Existing range, no change should be required)

Required Action If end user connectivity to WSS is regulated by stringent firewall rules, those firewall rules should be adjusted to allow traffic to pass to the ingress and egress IP networks listed above prior to the maintenance window. In addition, any third party application provider who regulates connections by source IP should be updated to accept connections from the ingress and egress IP networks listed above to ensure WSS traffic passes unencumbered.

IPSec: Customers should bring up their secondary tunnel prior during the maintenance window.

Unified Agent and WSS Agent: Firewall rules may need to be updated as described above to allow the new ingress addresses. Customer traffic will be automatically redirected by Symantec to the nearest alternate site during the maintenance window.

Symantec Endpoint Protection Web Traffic Redirector (SEP-WTR): The underlying IP address for sep-wtr.threatpulse.net will be updated as part of this migration. Firewall rules will need to be updated as described above to allow the new ingress addresses. Customer traffic will be automatically redirected by Symantec to the nearest alternate site during the maintenance window.

Explicit proxy and proxy forwarding: The underlying IP address for proxy.threatpulse.net will change as a part of this migration. Firewall rules will need to be updated as described above to allow the new ingress addresses. Customers directing traffic to proxy.threatpulse.net will be automatically redirected by Symantec to the nearest alternate site during the maintenance window..

Explicit over IPSec (“trans-proxy”): The underlying IP address for ep.threatpulse.net will change as part of this migration. Firewall rules will need to be updated as described above to allow the new ingress addresses. Customers that use explicit proxy through IPSec to ep.threatpulse.net should take the same action as IPSec customers and bring up their secondary tunnel during the maintenance.

Others: Any customer, regardless of connection method, with a configuration pointing to a specific site or IP address must manually failover to a secondary site during the migration window to avoid an outage.

Please visit these KB articles for a full list of IP networks used by WSS: Worldwide data center IP addresses: https://knowledge.broadcom.com/external/article?legacyId=TECH242979 Authentication IP addresses: https://knowledge.broadcom.com/external/article?legacyId=TECH240889

Questions? Please visit this KB article for additional details on the Web Security Service Migration to Google Cloud Platform: https://knowledge.broadcom.com/external/article?legacyId=tech257356

If you have further questions regarding this announcement, contact Technical Support. Support information is located at: https://support.broadcom.com/security

Schedule • Start Date: April 24, 2020, at 20:00 UTC • End Date: April 25, 2020, at 08:00 UTC

Began at:

Affected components